diff --git a/composio/Chart.lock b/composio/Chart.lock index eb3975e..97a2eb4 100644 --- a/composio/Chart.lock +++ b/composio/Chart.lock @@ -3,7 +3,7 @@ dependencies: repository: https://charts.bitnami.com/bitnami version: 17.11.3 - name: temporal - repository: file://./charts/temporal - version: 0.68.1 -digest: sha256:c1090761b9cf246aa01b955f0df8c2635b581173bdb4b9388162436eeba6f4ca -generated: "2025-10-27T16:22:50.722053351+05:30" + repository: https://go.temporal.io/helm-charts + version: 0.64.0 +digest: sha256:1c13e2fad613314638938c742fce0432c5594681f529375a623e89c99ddab05b +generated: "2025-07-09T20:00:44.179347+05:30" diff --git a/composio/Chart.yaml b/composio/Chart.yaml index a74c1b8..fdf78a6 100644 --- a/composio/Chart.yaml +++ b/composio/Chart.yaml @@ -11,6 +11,5 @@ dependencies: repository: "https://charts.bitnami.com/bitnami" condition: redis.enabled - name: temporal - alias: temporal - version: "0.68.1" - repository: "file://./charts/temporal" + version: "0.64.0" + repository: "https://go.temporal.io/helm-charts" diff --git a/composio/charts/temporal-0.64.0.tgz b/composio/charts/temporal-0.64.0.tgz new file mode 100644 index 0000000..11b062d Binary files /dev/null and b/composio/charts/temporal-0.64.0.tgz differ diff --git a/composio/charts/temporal/.helmignore b/composio/charts/temporal/.helmignore deleted file mode 100644 index f85b0ee..0000000 --- a/composio/charts/temporal/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ -tests/ diff --git a/composio/charts/temporal/Chart.lock b/composio/charts/temporal/Chart.lock deleted file mode 100644 index 902c0b1..0000000 --- a/composio/charts/temporal/Chart.lock +++ /dev/null @@ -1,15 +0,0 @@ -dependencies: -- name: cassandra - repository: https://charts.helm.sh/incubator - version: 0.14.3 -- name: prometheus - repository: https://prometheus-community.github.io/helm-charts - version: 25.22.0 -- name: elasticsearch - repository: https://helm.elastic.co - version: 7.17.3 -- name: grafana - repository: https://grafana.github.io/helm-charts - version: 8.0.2 -digest: sha256:f74565632d43941cad32e713f73481b3d8065d9c462473e80d86fd1f7c5049af -generated: "2024-10-07T14:43:06.775398+01:00" diff --git a/composio/charts/temporal/Chart.yaml b/composio/charts/temporal/Chart.yaml deleted file mode 100644 index 74b1cc5..0000000 --- a/composio/charts/temporal/Chart.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: v2 -appVersion: 1.29.0 -dependencies: -- condition: cassandra.enabled - name: cassandra - repository: https://charts.helm.sh/incubator - version: 0.14.3 -- condition: prometheus.enabled - name: prometheus - repository: https://prometheus-community.github.io/helm-charts - version: 25.22.0 -- condition: elasticsearch.enabled - name: elasticsearch - repository: https://helm.elastic.co - version: 7.17.3 -- condition: grafana.enabled - name: grafana - repository: https://grafana.github.io/helm-charts - version: 8.0.2 -description: Temporal is a distributed, scalable, durable, and highly available orchestration - engine to execute asynchronous long-running business logic in a scalable and resilient - way. -home: https://temporal.io/ -keywords: -- temporal -- workflow -- orchestration -maintainers: -- name: temporalio - url: https://temporal.io/ -name: temporal -sources: -- https://github.com/temporalio/temporal -type: application -version: 0.68.1 diff --git a/composio/charts/temporal/charts/cassandra/.helmignore b/composio/charts/temporal/charts/cassandra/.helmignore deleted file mode 100644 index 5e03def..0000000 --- a/composio/charts/temporal/charts/cassandra/.helmignore +++ /dev/null @@ -1,17 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -OWNERS diff --git a/composio/charts/temporal/charts/cassandra/Chart.yaml b/composio/charts/temporal/charts/cassandra/Chart.yaml deleted file mode 100644 index 5a59430..0000000 --- a/composio/charts/temporal/charts/cassandra/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -appVersion: 3.11.5 -description: Apache Cassandra is a free and open-source distributed database management - system designed to handle large amounts of data across many commodity servers, providing - high availability with no single point of failure. -home: http://cassandra.apache.org -icon: https://upload.wikimedia.org/wikipedia/commons/thumb/5/5e/Cassandra_logo.svg/330px-Cassandra_logo.svg.png -keywords: -- cassandra -- database -- nosql -maintainers: -- email: goonohc@gmail.com - name: KongZ -- email: maor.friedman@redhat.com - name: maorfr -name: cassandra -version: 0.14.3 diff --git a/composio/charts/temporal/charts/cassandra/README.md b/composio/charts/temporal/charts/cassandra/README.md deleted file mode 100644 index e2f49b9..0000000 --- a/composio/charts/temporal/charts/cassandra/README.md +++ /dev/null @@ -1,215 +0,0 @@ -# Cassandra -A Cassandra Chart for Kubernetes - -## Install Chart -To install the Cassandra Chart into your Kubernetes cluster (This Chart requires persistent volume by default, you may need to create a storage class before install chart. To create storage class, see [Persist data](#persist_data) section) - -```bash -helm install --namespace "cassandra" -n "cassandra" incubator/cassandra -``` - -After installation succeeds, you can get a status of Chart - -```bash -helm status "cassandra" -``` - -If you want to delete your Chart, use this command -```bash -helm delete --purge "cassandra" -``` - -## Upgrading - -To upgrade your Cassandra release, simply run - -```bash -helm upgrade "cassandra" incubator/cassandra -``` - -### 0.12.0 - -This version fixes https://github.com/helm/charts/issues/7803 by removing mutable labels in `spec.VolumeClaimTemplate.metadata.labels` so that it is upgradable. - -Until this version, in order to upgrade, you have to delete the Cassandra StatefulSet before upgrading: -```bash -$ kubectl delete statefulset --cascade=false my-cassandra-release -``` - - -## Persist data -You need to create `StorageClass` before able to persist data in persistent volume. -To create a `StorageClass` on Google Cloud, run the following - -```bash -kubectl create -f sample/create-storage-gce.yaml -``` - -And set the following values in `values.yaml` - -```yaml -persistence: - enabled: true -``` - -If you want to create a `StorageClass` on other platform, please see documentation here [https://kubernetes.io/docs/user-guide/persistent-volumes/](https://kubernetes.io/docs/user-guide/persistent-volumes/) - -When running a cluster without persistence, the termination of a pod will first initiate a decommissioning of that pod. -Depending on the amount of data stored inside the cluster this may take a while. In order to complete a graceful -termination, pods need to get more time for it. Set the following values in `values.yaml`: - -```yaml -podSettings: - terminationGracePeriodSeconds: 1800 -``` - -## Install Chart with specific cluster size -By default, this Chart will create a cassandra with 3 nodes. If you want to change the cluster size during installation, you can use `--set config.cluster_size={value}` argument. Or edit `values.yaml` - -For example: -Set cluster size to 5 - -```bash -helm install --namespace "cassandra" -n "cassandra" --set config.cluster_size=5 incubator/cassandra/ -``` - -## Install Chart with specific resource size -By default, this Chart will create a cassandra with CPU 2 vCPU and 4Gi of memory which is suitable for development environment. -If you want to use this Chart for production, I would recommend to update the CPU to 4 vCPU and 16Gi. Also increase size of `max_heap_size` and `heap_new_size`. -To update the settings, edit `values.yaml` - -## Install Chart with specific node -Sometime you may need to deploy your cassandra to specific nodes to allocate resources. You can use node selector by edit `nodes.enabled=true` in `values.yaml` -For example, you have 6 vms in node pools and you want to deploy cassandra to node which labeled as `cloud.google.com/gke-nodepool: pool-db` - -Set the following values in `values.yaml` - -```yaml -nodes: - enabled: true - selector: - nodeSelector: - cloud.google.com/gke-nodepool: pool-db -``` - -## Configuration - -The following table lists the configurable parameters of the Cassandra chart and their default values. - -| Parameter | Description | Default | -| ----------------------- | --------------------------------------------- | ---------------------------------------------------------- | -| `image.repo` | `cassandra` image repository | `cassandra` | -| `image.tag` | `cassandra` image tag | `3.11.5` | -| `image.pullPolicy` | Image pull policy | `Always` if `imageTag` is `latest`, else `IfNotPresent` | -| `image.pullSecrets` | Image pull secrets | `nil` | -| `config.cluster_domain` | The name of the cluster domain. | `cluster.local` | -| `config.cluster_name` | The name of the cluster. | `cassandra` | -| `config.cluster_size` | The number of nodes in the cluster. | `3` | -| `config.seed_size` | The number of seed nodes used to bootstrap new clients joining the cluster. | `2` | -| `config.seeds` | The comma-separated list of seed nodes. | Automatically generated according to `.Release.Name` and `config.seed_size` | -| `config.num_tokens` | Initdb Arguments | `256` | -| `config.dc_name` | Initdb Arguments | `DC1` | -| `config.rack_name` | Initdb Arguments | `RAC1` | -| `config.endpoint_snitch` | Initdb Arguments | `SimpleSnitch` | -| `config.max_heap_size` | Initdb Arguments | `2048M` | -| `config.heap_new_size` | Initdb Arguments | `512M` | -| `config.ports.cql` | Initdb Arguments | `9042` | -| `config.ports.thrift` | Initdb Arguments | `9160` | -| `config.ports.agent` | The port of the JVM Agent (if any) | `nil` | -| `config.start_rpc` | Initdb Arguments | `false` | -| `configOverrides` | Overrides config files in /etc/cassandra dir | `{}` | -| `commandOverrides` | Overrides default docker command | `[]` | -| `argsOverrides` | Overrides default docker args | `[]` | -| `env` | Custom env variables | `{}` | -| `schedulerName` | Name of k8s scheduler (other than the default) | `nil` | -| `persistence.enabled` | Use a PVC to persist data | `true` | -| `persistence.storageClass` | Storage class of backing PVC | `nil` (uses alpha storage class annotation) | -| `persistence.accessMode` | Use volume as ReadOnly or ReadWrite | `ReadWriteOnce` | -| `persistence.size` | Size of data volume | `10Gi` | -| `resources` | CPU/Memory resource requests/limits | Memory: `4Gi`, CPU: `2` | -| `service.type` | k8s service type exposing ports, e.g. `NodePort`| `ClusterIP` | -| `service.annotations` | Annotations to apply to cassandra service | `""` | -| `podManagementPolicy` | podManagementPolicy of the StatefulSet | `OrderedReady` | -| `podDisruptionBudget` | Pod distruption budget | `{}` | -| `podAnnotations` | pod annotations for the StatefulSet | `{}` | -| `updateStrategy.type` | UpdateStrategy of the StatefulSet | `OnDelete` | -| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `90` | -| `livenessProbe.periodSeconds` | How often to perform the probe | `30` | -| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | -| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `90` | -| `readinessProbe.periodSeconds` | How often to perform the probe | `30` | -| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | -| `readinessProbe.address` | Address to use for checking node has joined the cluster and is ready. | `${POD_IP}` | -| `rbac.create` | Specifies whether RBAC resources should be created | `true` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to use | | -| `backup.enabled` | Enable backup on chart installation | `false` | -| `backup.schedule` | Keyspaces to backup, each with cron time | | -| `backup.annotations` | Backup pod annotations | iam.amazonaws.com/role: `cain` | -| `backup.image.repository` | Backup image repository | `maorfr/cain` | -| `backup.image.tag` | Backup image tag | `0.6.0` | -| `backup.extraArgs` | Additional arguments for cain | `[]` | -| `backup.env` | Backup environment variables | AWS_REGION: `us-east-1` | -| `backup.resources` | Backup CPU/Memory resource requests/limits | Memory: `1Gi`, CPU: `1` | -| `backup.destination` | Destination to store backup artifacts | `s3://bucket/cassandra` | -| `backup.google.serviceAccountSecret` | Secret containing credentials if GCS is used as destination | | -| `exporter.enabled` | Enable Cassandra exporter | `false` | -| `exporter.servicemonitor` | Enable ServiceMonitor for exporter | `true` | -| `exporter.additionalLabels` | Additional labels for Service Monitor | `{}` | -| `exporter.image.repo` | Exporter image repository | `criteord/cassandra_exporter` | -| `exporter.image.tag` | Exporter image tag | `2.0.2` | -| `exporter.port` | Exporter port | `5556` | -| `exporter.jvmOpts` | Exporter additional JVM options | | -| `exporter.resources` | Exporter CPU/Memory resource requests/limits | `{}` | -| `affinity` | Kubernetes node affinity | `{}` | -| `tolerations` | Kubernetes node tolerations | `[]` | - - -## Scale cassandra -When you want to change the cluster size of your cassandra, you can use the helm upgrade command. - -```bash -helm upgrade --set config.cluster_size=5 cassandra incubator/cassandra -``` - -## Get cassandra status -You can get your cassandra cluster status by running the command - -```bash -kubectl exec -it --namespace cassandra $(kubectl get pods --namespace cassandra -l app=cassandra-cassandra -o jsonpath='{.items[0].metadata.name}') nodetool status -``` - -Output -```bash -Datacenter: asia-east1 -====================== -Status=Up/Down -|/ State=Normal/Leaving/Joining/Moving --- Address Load Tokens Owns (effective) Host ID Rack -UN 10.8.1.11 108.45 KiB 256 66.1% 410cc9da-8993-4dc2-9026-1dd381874c54 a -UN 10.8.4.12 84.08 KiB 256 68.7% 96e159e1-ef94-406e-a0be-e58fbd32a830 c -UN 10.8.3.6 103.07 KiB 256 65.2% 1a42b953-8728-4139-b070-b855b8fff326 b -``` - -## Benchmark -You can use [cassandra-stress](https://docs.datastax.com/en/cassandra/3.0/cassandra/tools/toolsCStress.html) tool to run the benchmark on the cluster by the following command - -```bash -kubectl exec -it --namespace cassandra $(kubectl get pods --namespace cassandra -l app=cassandra-cassandra -o jsonpath='{.items[0].metadata.name}') cassandra-stress -``` - -Example of `cassandra-stress` argument - - Run both read and write with ration 9:1 - - Operator total 1 million keys with uniform distribution - - Use QUORUM for read/write - - Generate 50 threads - - Generate result in graph - - Use NetworkTopologyStrategy with replica factor 2 - -```bash -cassandra-stress mixed ratio\(write=1,read=9\) n=1000000 cl=QUORUM -pop dist=UNIFORM\(1..1000000\) -mode native cql3 -rate threads=50 -log file=~/mixed_autorate_r9w1_1M.log -graph file=test2.html title=test revision=test2 -schema "replication(strategy=NetworkTopologyStrategy, factor=2)" -``` diff --git a/composio/charts/temporal/charts/cassandra/sample/create-storage-gce.yaml b/composio/charts/temporal/charts/cassandra/sample/create-storage-gce.yaml deleted file mode 100644 index 2467b95..0000000 --- a/composio/charts/temporal/charts/cassandra/sample/create-storage-gce.yaml +++ /dev/null @@ -1,7 +0,0 @@ -kind: StorageClass -apiVersion: storage.k8s.io/v1 -metadata: - name: generic -provisioner: kubernetes.io/gce-pd -parameters: - type: pd-ssd diff --git a/composio/charts/temporal/charts/cassandra/templates/NOTES.txt b/composio/charts/temporal/charts/cassandra/templates/NOTES.txt deleted file mode 100644 index 9ecb004..0000000 --- a/composio/charts/temporal/charts/cassandra/templates/NOTES.txt +++ /dev/null @@ -1,35 +0,0 @@ -Cassandra CQL can be accessed via port {{ .Values.config.ports.cql }} on the following DNS name from within your cluster: -Cassandra Thrift can be accessed via port {{ .Values.config.ports.thrift }} on the following DNS name from within your cluster: - -If you want to connect to the remote instance with your local Cassandra CQL cli. To forward the API port to localhost:9042 run the following: -- kubectl port-forward --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "cassandra.name" . }},release={{ .Release.Name }} -o jsonpath='{ .items[0].metadata.name }') 9042:{{ .Values.config.ports.cql }} - -If you want to connect to the Cassandra CQL run the following: -{{- if contains "NodePort" .Values.service.type }} -- export CQL_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "cassandra.fullname" . }}) -- export CQL_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") -- cqlsh $CQL_HOST $CQL_PORT - -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "cassandra.fullname" . }}' -- export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "cassandra.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') -- echo cqlsh $SERVICE_IP -{{- else if contains "ClusterIP" .Values.service.type }} -- kubectl port-forward --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "cassandra.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 9042:{{ .Values.config.ports.cql }} - echo cqlsh 127.0.0.1 9042 -{{- end }} - -You can also see the cluster status by run the following: -- kubectl exec -it --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "cassandra.name" . }},release={{ .Release.Name }} -o jsonpath='{.items[0].metadata.name}') nodetool status - -To tail the logs for the Cassandra pod run the following: -- kubectl logs -f --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "cassandra.name" . }},release={{ .Release.Name }} -o jsonpath='{ .items[0].metadata.name }') - -{{- if not .Values.persistence.enabled }} - -Note that the cluster is running with node-local storage instead of PersistentVolumes. In order to prevent data loss, -pods will be decommissioned upon termination. Decommissioning may take some time, so you might also want to adjust the -pod termination gace period, which is currently set to {{ .Values.podSettings.terminationGracePeriodSeconds }} seconds. - -{{- end}} diff --git a/composio/charts/temporal/charts/cassandra/templates/_helpers.tpl b/composio/charts/temporal/charts/cassandra/templates/_helpers.tpl deleted file mode 100644 index b870420..0000000 --- a/composio/charts/temporal/charts/cassandra/templates/_helpers.tpl +++ /dev/null @@ -1,43 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "cassandra.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "cassandra.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "cassandra.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "cassandra.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "cassandra.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} diff --git a/composio/charts/temporal/charts/cassandra/templates/backup/cronjob.yaml b/composio/charts/temporal/charts/cassandra/templates/backup/cronjob.yaml deleted file mode 100644 index 3ee3210..0000000 --- a/composio/charts/temporal/charts/cassandra/templates/backup/cronjob.yaml +++ /dev/null @@ -1,90 +0,0 @@ -{{- if .Values.backup.enabled }} -{{- $release := .Release }} -{{- $values := .Values }} -{{- $backup := $values.backup }} -{{- range $index, $schedule := $backup.schedule }} ---- -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: {{ template "cassandra.fullname" $ }}-backup-{{ $schedule.keyspace | replace "_" "-" }} - labels: - app: {{ template "cassandra.name" $ }}-cain - chart: {{ template "cassandra.chart" $ }} - release: "{{ $release.Name }}" - heritage: "{{ $release.Service }}" -spec: - schedule: {{ $schedule.cron | quote }} - concurrencyPolicy: Forbid - startingDeadlineSeconds: 120 - jobTemplate: - spec: - template: - metadata: - annotations: - {{ toYaml $backup.annotations }} - spec: - restartPolicy: OnFailure - serviceAccountName: {{ template "cassandra.serviceAccountName" $ }} - containers: - - name: cassandra-backup - image: "{{ $backup.image.repository }}:{{ $backup.image.tag }}" - command: ["cain"] - args: - - backup - - --namespace - - {{ $release.Namespace }} - - --selector - - release={{ $release.Name }},app={{ template "cassandra.name" $ }} - - --keyspace - - {{ $schedule.keyspace }} - - --dst - - {{ $backup.destination }} - {{- with $backup.extraArgs }} -{{ toYaml . | indent 12 }} - {{- end }} - env: -{{- if $backup.google.serviceAccountSecret }} - - name: GOOGLE_APPLICATION_CREDENTIALS - value: "/etc/secrets/google/credentials.json" -{{- end }} - {{- with $backup.env }} -{{ toYaml . | indent 12 }} - {{- end }} - {{- with $backup.resources }} - resources: -{{ toYaml . | indent 14 }} - {{- end }} -{{- if $backup.google.serviceAccountSecret }} - volumeMounts: - - name: google-service-account - mountPath: /etc/secrets/google/ -{{- end }} -{{- if $backup.google.serviceAccountSecret }} - volumes: - - name: google-service-account - secret: - secretName: {{ $backup.google.serviceAccountSecret | quote }} -{{- end }} - affinity: - podAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - {{ template "cassandra.fullname" $ }} - - key: release - operator: In - values: - - {{ $release.Name }} - topologyKey: "kubernetes.io/hostname" - {{- with $values.tolerations }} - tolerations: -{{ toYaml . | indent 12 }} - {{- end }} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/cassandra/templates/backup/rbac.yaml b/composio/charts/temporal/charts/cassandra/templates/backup/rbac.yaml deleted file mode 100644 index 12b0f27..0000000 --- a/composio/charts/temporal/charts/cassandra/templates/backup/rbac.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{- if .Values.backup.enabled }} -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "cassandra.serviceAccountName" . }} - labels: - app: {{ template "cassandra.name" . }} - chart: {{ template "cassandra.chart" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" ---- -{{- end }} -{{- if .Values.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "cassandra.fullname" . }}-backup - labels: - app: {{ template "cassandra.name" . }} - chart: {{ template "cassandra.chart" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -rules: -- apiGroups: [""] - resources: ["pods", "pods/log"] - verbs: ["get", "list"] -- apiGroups: [""] - resources: ["pods/exec"] - verbs: ["create"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "cassandra.fullname" . }}-backup - labels: - app: {{ template "cassandra.name" . }} - chart: {{ template "cassandra.chart" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "cassandra.fullname" . }}-backup -subjects: -- kind: ServiceAccount - name: {{ template "cassandra.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/cassandra/templates/configmap.yaml b/composio/charts/temporal/charts/cassandra/templates/configmap.yaml deleted file mode 100644 index 4e5ab76..0000000 --- a/composio/charts/temporal/charts/cassandra/templates/configmap.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if .Values.configOverrides }} -kind: ConfigMap -apiVersion: v1 -metadata: - name: {{ template "cassandra.name" . }} - namespace: {{ .Release.Namespace }} - labels: - app: {{ template "cassandra.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ toYaml .Values.configOverrides | indent 2 }} -{{- end }} diff --git a/composio/charts/temporal/charts/cassandra/templates/pdb.yaml b/composio/charts/temporal/charts/cassandra/templates/pdb.yaml deleted file mode 100644 index 2e539bd..0000000 --- a/composio/charts/temporal/charts/cassandra/templates/pdb.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.podDisruptionBudget -}} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - labels: - app: {{ template "cassandra.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - name: {{ template "cassandra.fullname" . }} -spec: - selector: - matchLabels: - app: {{ template "cassandra.name" . }} - release: {{ .Release.Name }} -{{ toYaml .Values.podDisruptionBudget | indent 2 }} -{{- end -}} diff --git a/composio/charts/temporal/charts/cassandra/templates/service.yaml b/composio/charts/temporal/charts/cassandra/templates/service.yaml deleted file mode 100644 index da0a84e..0000000 --- a/composio/charts/temporal/charts/cassandra/templates/service.yaml +++ /dev/null @@ -1,45 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ template "cassandra.fullname" . }} - labels: - app: {{ template "cassandra.name" . }} - chart: {{ template "cassandra.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- with .Values.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - clusterIP: None - type: {{ .Values.service.type }} - ports: - {{- if .Values.exporter.enabled }} - - name: metrics - port: 5556 - targetPort: {{ .Values.exporter.port }} - {{- end }} - - name: intra - port: 7000 - targetPort: 7000 - - name: tls - port: 7001 - targetPort: 7001 - - name: jmx - port: 7199 - targetPort: 7199 - - name: cql - port: {{ default 9042 .Values.config.ports.cql }} - targetPort: {{ default 9042 .Values.config.ports.cql }} - - name: thrift - port: {{ default 9160 .Values.config.ports.thrift }} - targetPort: {{ default 9160 .Values.config.ports.thrift }} - {{- if .Values.config.ports.agent }} - - name: agent - port: {{ .Values.config.ports.agent }} - targetPort: {{ .Values.config.ports.agent }} - {{- end }} - selector: - app: {{ template "cassandra.name" . }} - release: {{ .Release.Name }} diff --git a/composio/charts/temporal/charts/cassandra/templates/servicemonitor.yaml b/composio/charts/temporal/charts/cassandra/templates/servicemonitor.yaml deleted file mode 100644 index 7e60cec..0000000 --- a/composio/charts/temporal/charts/cassandra/templates/servicemonitor.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if and .Values.exporter.enabled .Values.exporter.servicemonitor }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "cassandra.fullname" . }} - name: hello-prometheus-scraping - labels: - app: {{ template "cassandra.name" . }} - chart: {{ template "cassandra.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- if .Values.metrics.serviceMonitor.additionalLabels }} -{{ toYaml .Values.metrics.serviceMonitor.additionalLabels | indent 4 }} - {{- end }} -spec: - jobLabel: {{ template "cassandra.name" . }} - endpoints: - - port: metrics - interval: 10s - selector: - matchLabels: - app: {{ template "cassandra.name" . }} - namespaceSelector: - any: true -{{- end }} diff --git a/composio/charts/temporal/charts/cassandra/templates/statefulset.yaml b/composio/charts/temporal/charts/cassandra/templates/statefulset.yaml deleted file mode 100644 index 455dfb6..0000000 --- a/composio/charts/temporal/charts/cassandra/templates/statefulset.yaml +++ /dev/null @@ -1,220 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "cassandra.fullname" . }} - labels: - app: {{ template "cassandra.name" . }} - chart: {{ template "cassandra.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - selector: - matchLabels: - app: {{ template "cassandra.name" . }} - release: {{ .Release.Name }} - serviceName: {{ template "cassandra.fullname" . }} - replicas: {{ .Values.config.cluster_size }} - podManagementPolicy: {{ .Values.podManagementPolicy }} - updateStrategy: - type: {{ .Values.updateStrategy.type }} - template: - metadata: - labels: - app: {{ template "cassandra.name" . }} - release: {{ .Release.Name }} -{{- if .Values.podLabels }} -{{ toYaml .Values.podLabels | indent 8 }} -{{- end }} -{{- if .Values.podAnnotations }} - annotations: -{{ toYaml .Values.podAnnotations | indent 8 }} -{{- end }} - spec: - {{- if .Values.schedulerName }} - schedulerName: "{{ .Values.schedulerName }}" - {{- end }} - hostNetwork: {{ .Values.hostNetwork }} -{{- if .Values.selector }} -{{ toYaml .Values.selector | indent 6 }} -{{- end }} - {{- if .Values.securityContext.enabled }} - securityContext: - fsGroup: {{ .Values.securityContext.fsGroup }} - runAsUser: {{ .Values.securityContext.runAsUser }} - {{- end }} -{{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} -{{- end }} -{{- if .Values.tolerations }} - tolerations: -{{ toYaml .Values.tolerations | indent 8 }} -{{- end }} -{{- if .Values.configOverrides }} - initContainers: - - name: config-copier - image: busybox - command: [ 'sh', '-c', 'cp /configmap-files/* /cassandra-configs/ && chown 999:999 /cassandra-configs/*'] - volumeMounts: -{{- range $key, $value := .Values.configOverrides }} - - name: cassandra-config-{{ $key | replace "." "-" | replace "_" "--" }} - mountPath: /configmap-files/{{ $key }} - subPath: {{ $key }} -{{- end }} - - name: cassandra-configs - mountPath: /cassandra-configs/ -{{- end }} - containers: -{{- if .Values.exporter.enabled }} - - name: cassandra-exporter - image: "{{ .Values.exporter.image.repo }}:{{ .Values.exporter.image.tag }}" - resources: -{{ toYaml .Values.exporter.resources | indent 10 }} - env: - - name: CASSANDRA_EXPORTER_CONFIG_listenPort - value: {{ .Values.exporter.port | quote }} - - name: JVM_OPTS - value: {{ .Values.exporter.jvmOpts | quote }} - ports: - - name: metrics - containerPort: {{ .Values.exporter.port }} - protocol: TCP - - name: jmx - containerPort: 5555 - livenessProbe: - tcpSocket: - port: {{ .Values.exporter.port }} - readinessProbe: - httpGet: - path: /metrics - port: {{ .Values.exporter.port }} - initialDelaySeconds: 20 - timeoutSeconds: 45 -{{- end }} - - name: {{ template "cassandra.fullname" . }} - image: "{{ .Values.image.repo }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} -{{- if .Values.commandOverrides }} - command: {{ .Values.commandOverrides }} -{{- end }} -{{- if .Values.argsOverrides }} - args: {{ .Values.argsOverrides }} -{{- end }} - resources: -{{ toYaml .Values.resources | indent 10 }} - env: - {{- $seed_size := default 1 .Values.config.seed_size | int -}} - {{- $global := . }} - - name: CASSANDRA_SEEDS - {{- if .Values.hostNetwork }} - value: {{ required "You must fill \".Values.config.seeds\" with list of Cassandra seeds when hostNetwork is set to true" .Values.config.seeds | quote }} - {{- else }} - value: "{{- range $i, $e := until $seed_size }}{{ template "cassandra.fullname" $global }}-{{ $i }}.{{ template "cassandra.fullname" $global }}.{{ $global.Release.Namespace }}.svc.{{ $global.Values.config.cluster_domain }}{{- if (lt ( add1 $i ) $seed_size ) }},{{- end }}{{- end }}" - {{- end }} - - name: MAX_HEAP_SIZE - value: {{ default "8192M" .Values.config.max_heap_size | quote }} - - name: HEAP_NEWSIZE - value: {{ default "200M" .Values.config.heap_new_size | quote }} - - name: CASSANDRA_ENDPOINT_SNITCH - value: {{ default "SimpleSnitch" .Values.config.endpoint_snitch | quote }} - - name: CASSANDRA_CLUSTER_NAME - value: {{ default "Cassandra" .Values.config.cluster_name | quote }} - - name: CASSANDRA_DC - value: {{ default "DC1" .Values.config.dc_name | quote }} - - name: CASSANDRA_RACK - value: {{ default "RAC1" .Values.config.rack_name | quote }} - - name: CASSANDRA_START_RPC - value: {{ default "false" .Values.config.start_rpc | quote }} - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - {{- range $key, $value := .Values.env }} - - name: {{ $key | quote }} - value: {{ $value | quote }} - {{- end }} - livenessProbe: - exec: - command: [ "/bin/sh", "-c", "nodetool status" ] - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - readinessProbe: - exec: - command: [ "/bin/sh", "-c", "nodetool status | grep -E \"^UN\\s+{{ .Values.readinessProbe.address }}\"" ] - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - ports: - - name: intra - containerPort: 7000 - - name: tls - containerPort: 7001 - - name: jmx - containerPort: 7199 - - name: cql - containerPort: {{ default 9042 .Values.config.ports.cql }} - - name: thrift - containerPort: {{ default 9160 .Values.config.ports.thrift }} - {{- if .Values.config.ports.agent }} - - name: agent - containerPort: {{ .Values.config.ports.agent }} - {{- end }} - volumeMounts: - - name: data - mountPath: /var/lib/cassandra - {{- if .Values.configOverrides }} - - name: cassandra-configs - mountPath: /etc/cassandra - {{- end }} - {{- if not .Values.persistence.enabled }} - lifecycle: - preStop: - exec: - command: ["/bin/sh", "-c", "exec nodetool decommission"] - {{- end }} - terminationGracePeriodSeconds: {{ default 30 .Values.podSettings.terminationGracePeriodSeconds }} - {{- if .Values.image.pullSecrets }} - imagePullSecrets: - - name: {{ .Values.image.pullSecrets }} - {{- end }} -{{- if or .Values.configOverrides (not .Values.persistence.enabled) }} - volumes: -{{- end }} -{{- range $key, $value := .Values.configOverrides }} - - configMap: - name: cassandra - name: cassandra-config-{{ $key | replace "." "-" | replace "_" "--" }} -{{- end }} -{{- if .Values.configOverrides }} - - name: cassandra-configs - emptyDir: {} -{{- end }} -{{- if not .Values.persistence.enabled }} - - name: data - emptyDir: {} -{{- else }} - volumeClaimTemplates: - - metadata: - name: data - labels: - app: {{ template "cassandra.name" . }} - release: {{ .Release.Name }} - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - {{- if .Values.persistence.storageClass }} - {{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" - {{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" - {{- end }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/cassandra/values.yaml b/composio/charts/temporal/charts/cassandra/values.yaml deleted file mode 100644 index fb1eb03..0000000 --- a/composio/charts/temporal/charts/cassandra/values.yaml +++ /dev/null @@ -1,231 +0,0 @@ -## Cassandra image version -## ref: https://hub.docker.com/r/library/cassandra/ -image: - repo: cassandra - tag: 3.11.5 - pullPolicy: IfNotPresent - ## Specify ImagePullSecrets for Pods - ## ref: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod - # pullSecrets: myregistrykey - -## Specify a service type -## ref: http://kubernetes.io/docs/user-guide/services/ -service: - type: ClusterIP - annotations: "" - -## Use an alternate scheduler, e.g. "stork". -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -# schedulerName: - -## Persist data to a persistent volume -persistence: - enabled: true - ## cassandra data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessMode: ReadWriteOnce - size: 10Gi - -## Configure resource requests and limits -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## Minimum memory for development is 4GB and 2 CPU cores -## Minimum memory for production is 8GB and 4 CPU cores -## ref: http://docs.datastax.com/en/archived/cassandra/2.0/cassandra/architecture/architecturePlanningHardware_c.html -resources: {} - # requests: - # memory: 4Gi - # cpu: 2 - # limits: - # memory: 4Gi - # cpu: 2 - -## Change cassandra configuration parameters below: -## ref: http://docs.datastax.com/en/cassandra/3.0/cassandra/configuration/configCassandra_yaml.html -## Recommended max heap size is 1/2 of system memory -## Recommended heap new size is 1/4 of max heap size -## ref: http://docs.datastax.com/en/cassandra/3.0/cassandra/operations/opsTuneJVM.html -config: - cluster_domain: cluster.local - cluster_name: cassandra - cluster_size: 3 - seed_size: 2 - num_tokens: 256 - # If you want Cassandra to use this datacenter and rack name, - # you need to set endpoint_snitch to GossipingPropertyFileSnitch. - # Otherwise, these values are ignored and datacenter1 and rack1 - # are used. - dc_name: DC1 - rack_name: RAC1 - endpoint_snitch: SimpleSnitch - max_heap_size: 2048M - heap_new_size: 512M - start_rpc: false - ports: - cql: 9042 - thrift: 9160 - # If a JVM Agent is in place - # agent: 61621 - -## Cassandra config files overrides -configOverrides: {} - -## Cassandra docker command overrides -commandOverrides: [] - -## Cassandra docker args overrides -argsOverrides: [] - -## Custom env variables. -## ref: https://hub.docker.com/_/cassandra/ -env: {} - -## Liveness and Readiness probe values. -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ -livenessProbe: - initialDelaySeconds: 90 - periodSeconds: 30 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 3 -readinessProbe: - initialDelaySeconds: 90 - periodSeconds: 30 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 3 - address: "${POD_IP}" - -## Configure node selector. Edit code below for adding selector to pods -## ref: https://kubernetes.io/docs/user-guide/node-selection/ -# selector: - # nodeSelector: - # cloud.google.com/gke-nodepool: pool-db - -## Additional pod annotations -## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -podAnnotations: {} - -## Additional pod labels -## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -podLabels: {} - -## Additional pod-level settings -podSettings: - # Change this to give pods more time to properly leave the cluster when not using persistent storage. - terminationGracePeriodSeconds: 30 - -## Pod distruption budget -podDisruptionBudget: {} - # maxUnavailable: 1 - # minAvailable: 2 - -podManagementPolicy: OrderedReady -updateStrategy: - type: OnDelete - -## Pod Security Context -securityContext: - enabled: false - fsGroup: 999 - runAsUser: 999 - -## Affinity for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -affinity: {} - -## Node tolerations for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -tolerations: [] - -rbac: - # Specifies whether RBAC resources should be created - create: true - -serviceAccount: - # Specifies whether a ServiceAccount should be created - create: true - # The name of the ServiceAccount to use. - # If not set and create is true, a name is generated using the fullname template - # name: - -# Use host network for Cassandra pods -# You must pass seed list into config.seeds property if set to true -hostNetwork: false - -## Backup cronjob configuration -## Ref: https://github.com/maorfr/cain -backup: - enabled: false - - # Schedule to run jobs. Must be in cron time format - # Ref: https://crontab.guru/ - schedule: - - keyspace: keyspace1 - cron: "0 7 * * *" - - keyspace: keyspace2 - cron: "30 7 * * *" - - annotations: - # Example for authorization to AWS S3 using kube2iam - # Can also be done using environment variables - iam.amazonaws.com/role: cain - - image: - repository: maorfr/cain - tag: 0.6.0 - - # Additional arguments for cain - # Ref: https://github.com/maorfr/cain#usage - extraArgs: [] - - # Add additional environment variables - env: - # Example environment variable required for AWS credentials chain - - name: AWS_REGION - value: us-east-1 - - resources: - requests: - memory: 1Gi - cpu: 1 - limits: - memory: 1Gi - cpu: 1 - - # Name of the secret containing the credentials of the service account used by GOOGLE_APPLICATION_CREDENTIALS, as a credentials.json file - # google: - # serviceAccountSecret: - - # Destination to store the backup artifacts - # Supported cloud storage services: AWS S3, Minio S3, Azure Blob Storage, Google Cloud Storage - # Additional support can added. Visit this repository for details - # Ref: https://github.com/maorfr/skbn - destination: s3://bucket/cassandra - -## Cassandra exported configuration -## ref: https://github.com/criteo/cassandra_exporter -exporter: - # If exporter is enabled this will create a ServiceMonitor by default as well - servicemonitor: true - enabled: false - additionalLabels: {} - # prometheus: default - image: - repo: criteord/cassandra_exporter - tag: 2.0.2 - port: 5556 - jvmOpts: "" - resources: {} - # limits: - # cpu: 1 - # memory: 1Gi - # requests: - # cpu: 1 - # memory: 1Gi diff --git a/composio/charts/temporal/charts/elasticsearch/.helmignore b/composio/charts/temporal/charts/elasticsearch/.helmignore deleted file mode 100644 index e12c0b4..0000000 --- a/composio/charts/temporal/charts/elasticsearch/.helmignore +++ /dev/null @@ -1,2 +0,0 @@ -tests/ -.pytest_cache/ diff --git a/composio/charts/temporal/charts/elasticsearch/Chart.yaml b/composio/charts/temporal/charts/elasticsearch/Chart.yaml deleted file mode 100644 index 0b417cb..0000000 --- a/composio/charts/temporal/charts/elasticsearch/Chart.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -appVersion: 7.17.3 -description: Official Elastic helm chart for Elasticsearch -home: https://github.com/elastic/helm-charts -icon: https://helm.elastic.co/icons/elasticsearch.png -maintainers: -- email: helm-charts@elastic.co - name: Elastic -name: elasticsearch -sources: -- https://github.com/elastic/elasticsearch -version: 7.17.3 diff --git a/composio/charts/temporal/charts/elasticsearch/Makefile b/composio/charts/temporal/charts/elasticsearch/Makefile deleted file mode 100644 index 22218a1..0000000 --- a/composio/charts/temporal/charts/elasticsearch/Makefile +++ /dev/null @@ -1 +0,0 @@ -include ../helpers/common.mk diff --git a/composio/charts/temporal/charts/elasticsearch/README.md b/composio/charts/temporal/charts/elasticsearch/README.md deleted file mode 100644 index 6e4fd02..0000000 --- a/composio/charts/temporal/charts/elasticsearch/README.md +++ /dev/null @@ -1,459 +0,0 @@ -# Elasticsearch Helm Chart - -[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+master.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+master/) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/elastic)](https://artifacthub.io/packages/search?repo=elastic) - -This Helm chart is a lightweight way to configure and run our official -[Elasticsearch Docker image][]. - - - - - - - -- [Requirements](#requirements) -- [Installing](#installing) - - [Install released version using Helm repository](#install-released-version-using-helm-repository) - - [Install development version from a branch](#install-development-version-from-a-branch) -- [Upgrading](#upgrading) -- [Usage notes](#usage-notes) -- [Configuration](#configuration) - - [Deprecated](#deprecated) -- [FAQ](#faq) - - [How to deploy this chart on a specific K8S distribution?](#how-to-deploy-this-chart-on-a-specific-k8s-distribution) - - [How to deploy dedicated nodes types?](#how-to-deploy-dedicated-nodes-types) - - [Clustering and Node Discovery](#clustering-and-node-discovery) - - [How to deploy clusters with security (authentication and TLS) enabled?](#how-to-deploy-clusters-with-security-authentication-and-tls-enabled) - - [How to migrate from helm/charts stable chart?](#how-to-migrate-from-helmcharts-stable-chart) - - [How to install plugins?](#how-to-install-plugins) - - [How to use the keystore?](#how-to-use-the-keystore) - - [Basic example](#basic-example) - - [Multiple keys](#multiple-keys) - - [Custom paths and keys](#custom-paths-and-keys) - - [How to enable snapshotting?](#how-to-enable-snapshotting) - - [How to configure templates post-deployment?](#how-to-configure-templates-post-deployment) -- [Contributing](#contributing) - - - - - - -## Requirements - -* Kubernetes >= 1.14 -* [Helm][] >= 2.17.0 -* Minimum cluster requirements include the following to run this chart with -default settings. All of these settings are configurable. - * Three Kubernetes nodes to respect the default "hard" affinity settings - * 1GB of RAM for the JVM heap - -See [supported configurations][] for more details. - -## Installing - -This chart is tested with the latest 7.17.3 version. - -### Install released version using Helm repository - -* Add the Elastic Helm charts repo: -`helm repo add elastic https://helm.elastic.co` - -* Install it: - - with Helm 3: `helm install elasticsearch --version elastic/elasticsearch` - - with Helm 2 (deprecated): `helm install --name elasticsearch --version elastic/elasticsearch` - -### Install development version from a branch - -* Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` - -* Checkout the branch : `git checkout 7.17` - -* Install it: - - with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.17.3` - - with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.17.3` - - -## Upgrading - -Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before -upgrading to a new chart version. - - -## Usage notes - -* This repo includes a number of [examples][] configurations which can be used -as a reference. They are also used in the automated testing of this chart. -* Automated testing of this chart is currently only run against GKE (Google -Kubernetes Engine). -* The chart deploys a StatefulSet and by default will do an automated rolling -update of your cluster. It does this by waiting for the cluster health to become -green after each instance is updated. If you prefer to update manually you can -set `OnDelete` [updateStrategy][]. -* It is important to verify that the JVM heap size in `esJavaOpts` and to set -the CPU/Memory `resources` to something suitable for your cluster. -* To simplify chart and maintenance each set of node groups is deployed as a -separate Helm release. Take a look at the [multi][] example to get an idea for -how this works. Without doing this it isn't possible to resize persistent -volumes in a StatefulSet. By setting it up this way it makes it possible to add -more nodes with a new storage size then drain the old ones. It also solves the -problem of allowing the user to determine which node groups to update first when -doing upgrades or changes. -* We have designed this chart to be very un-opinionated about how to configure -Elasticsearch. It exposes ways to set environment variables and mount secrets -inside of the container. Doing this makes it much easier for this chart to -support multiple versions with minimal changes. - - -## Configuration - -| Parameter | Description | Default | -|------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------| -| `antiAffinityTopologyKey` | The [anti-affinity][] topology key. By default this will prevent multiple Elasticsearch nodes from running on the same Kubernetes node | `kubernetes.io/hostname` | -| `antiAffinity` | Setting this to hard enforces the [anti-affinity][] rules. If it is set to soft it will be done "best effort". Other values will be ignored | `hard` | -| `clusterHealthCheckParams` | The [Elasticsearch cluster health status params][] that will be used by readiness [probe][] command | `wait_for_status=green&timeout=1s` | -| `clusterName` | This will be used as the Elasticsearch [cluster.name][] and should be unique per cluster in the namespace | `elasticsearch` | -| `clusterDeprecationIndexing` | Enable or disable deprecation logs to be indexed (should be disabled when deploying master only node groups) | `false` | -| `enableServiceLinks` | Set to false to disabling service links, which can cause slow pod startup times when there are many services in the current namespace. | `true` | -| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | -| `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml][] for an example of the formatting | `{}` | -| `esJavaOpts` | [Java options][] for Elasticsearch. This is where you could configure the [jvm heap size][] | `""` | -| `esJvmOptions` | [Java options][] for Elasticsearch. Override the default JVM options by adding custom options files . See [values.yaml][] for an example of the formatting | `{}` | -| `esMajorVersion` | Deprecated. Instead, use the version of the chart corresponding to your ES minor version. Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` | -| `extraContainers` | Templatable string of additional `containers` to be passed to the `tpl` function | `""` | -| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` | -| `extraInitContainers` | Templatable string of additional `initContainers` to be passed to the `tpl` function | `""` | -| `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function | `""` | -| `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function | `""` | -| `fullnameOverride` | Overrides the `clusterName` and `nodeGroup` when used in the naming of resources. This should only be used when using a single `nodeGroup`, otherwise you will have name conflicts | `""` | -| `healthNameOverride` | Overrides `test-elasticsearch-health` pod name | `""` | -| `hostAliases` | Configurable [hostAliases][] | `[]` | -| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` | -| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` | -| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | -| `imageTag` | The Elasticsearch Docker image tag | `7.17.3` | -| `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` | -| `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] | -| `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` | -| `keystore` | Allows you map Kubernetes secrets into the keystore. See the [config example][] and [how to use the keystore][] | `[]` | -| `labels` | Configurable [labels][] applied to all Elasticsearch pods | `{}` | -| `lifecycle` | Allows you to add [lifecycle hooks][]. See [values.yaml][] for an example of the formatting | `{}` | -| `masterService` | The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery][] for more information | `""` | -| `maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | -| `minimumMasterNodes` | The value for [discovery.zen.minimum_master_nodes][]. Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7 | `2` | -| `nameOverride` | Overrides the `clusterName` when used in the naming of resources | `""` | -| `networkHost` | Value for the [network.host Elasticsearch setting][] | `0.0.0.0` | -| `networkPolicy` | The [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) to set. See [`values.yaml`](./values.yaml) for an example | `{http.enabled: false,transport.enabled: false}` | -| `nodeAffinity` | Value for the [node affinity settings][] | `{}` | -| `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X` , `nameOverride-nodeGroup-X` if a `nameOverride` is specified, and `fullnameOverride-X` if a `fullnameOverride` is specified | `master` | -| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Elasticsearch cluster | `{}` | -| `persistence` | Enables a persistent volume for Elasticsearch data. Can be disabled for nodes that only have [roles][] which don't require persistent data | see [values.yaml][] | -| `podAnnotations` | Configurable [annotations][] applied to all Elasticsearch pods | `{}` | -| `podManagementPolicy` | By default Kubernetes [deploys StatefulSets serially][]. This deploys them in parallel so that they can discover each other | `Parallel` | -| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] | -| `podSecurityPolicy` | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true`. Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"` | see [values.yaml][] | -| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | -| `protocol` | The protocol that will be used for the readiness [probe][]. Change this to `https` if you have `xpack.security.http.ssl.enabled` set | `http` | -| `rbac` | Configuration for creating a role, role binding and ServiceAccount as part of this Helm chart with `create: true`. Also can be used to reference an external ServiceAccount with `serviceAccountName: "externalServiceAccountName"`, or automount the service account token | see [values.yaml][] | -| `readinessProbe` | Configuration fields for the readiness [probe][] | see [values.yaml][] | -| `replicas` | Kubernetes replica count for the StatefulSet (i.e. how many pods) | `3` | -| `resources` | Allows you to set the [resources][] for the StatefulSet | see [values.yaml][] | -| `roles` | A hash map with the specific [roles][] for the `nodeGroup` | see [values.yaml][] | -| `schedulerName` | Name of the [alternate scheduler][] | `""` | -| `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | -| `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | -| `service.annotations` | [LoadBalancer annotations][] that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer` | `{}` | -| `service.enabled` | Enable non-headless service | `true` | -| `service.externalTrafficPolicy` | Some cloud providers allow you to specify the [LoadBalancer externalTrafficPolicy][]. Kubernetes will use this to preserve the client source IP. This will configure load balancer if `service.type` is `LoadBalancer` | `""` | -| `service.httpPortName` | The name of the http port within the service | `http` | -| `service.labelsHeadless` | Labels to be added to headless service | `{}` | -| `service.labels` | Labels to be added to non-headless service | `{}` | -| `service.loadBalancerIP` | Some cloud providers allow you to specify the [loadBalancer][] IP. If the `loadBalancerIP` field is not specified, the IP is dynamically assigned. If you specify a `loadBalancerIP` but your cloud provider does not support the feature, it is ignored. | `""` | -| `service.loadBalancerSourceRanges` | The IP ranges that are allowed to access | `[]` | -| `service.nodePort` | Custom [nodePort][] port that can be set if you are using `service.type: nodePort` | `""` | -| `service.transportPortName` | The name of the transport port within the service | `transport` | -| `service.publishNotReadyAddresses` | Consider that all endpoints are considered "ready" even if the Pods themselves are not | `false` | -| `service.type` | Elasticsearch [Service Types][] | `ClusterIP` | -| `sysctlInitContainer` | Allows you to disable the `sysctlInitContainer` if you are setting [sysctl vm.max_map_count][] with another method | `enabled: true` | -| `sysctlVmMaxMapCount` | Sets the [sysctl vm.max_map_count][] needed for Elasticsearch | `262144` | -| `terminationGracePeriod` | The [terminationGracePeriod][] in seconds used when trying to stop the pod | `120` | -| `tests.enabled` | Enable creating test related resources when running `helm template` or `helm test` | `true` | -| `tolerations` | Configurable [tolerations][] | `[]` | -| `transportPort` | The transport port that Kubernetes will use for the service. If you change this you will also need to set [transport port configuration][] in `extraEnvs` | `9300` | -| `updateStrategy` | The [updateStrategy][] for the StatefulSet. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` | -| `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for StatefulSets][]. You will want to adjust the storage (default `30Gi` ) and the `storageClassName` if you are using a different storage class | see [values.yaml][] | - -### Deprecated - -| Parameter | Description | Default | -|-----------|---------------------------------------------------------------------------------------------------------------|---------| -| `fsGroup` | The Group ID (GID) for [securityContext][] so that the Elasticsearch user can read from the persistent volume | `""` | - - -## FAQ - -### How to deploy this chart on a specific K8S distribution? - -This chart is designed to run on production scale Kubernetes clusters with -multiple nodes, lots of memory and persistent storage. For that reason it can be -a bit tricky to run them against local Kubernetes environments such as -[Minikube][]. - -This chart is highly tested with [GKE][], but some K8S distribution also -requires specific configurations. - -We provide examples of configuration for the following K8S providers: - -- [Docker for Mac][] -- [KIND][] -- [Minikube][] -- [MicroK8S][] -- [OpenShift][] - -### How to deploy dedicated nodes types? - -All the Elasticsearch pods deployed share the same configuration. If you need to -deploy dedicated [nodes types][] (for example dedicated master and data nodes), -you can deploy multiple releases of this chart with different configurations -while they share the same `clusterName` value. - -For each Helm release, the nodes types can then be defined using `roles` value. - -An example of Elasticsearch cluster using 2 different Helm releases for master -and data nodes can be found in [examples/multi][]. - -#### Clustering and Node Discovery - -This chart facilitates Elasticsearch node discovery and services by creating two -`Service` definitions in Kubernetes, one with the name `$clusterName-$nodeGroup` -and another named `$clusterName-$nodeGroup-headless`. -Only `Ready` pods are a part of the `$clusterName-$nodeGroup` service, while all -pods ( `Ready` or not) are a part of `$clusterName-$nodeGroup-headless`. - -If your group of master nodes has the default `nodeGroup: master` then you can -just add new groups of nodes with a different `nodeGroup` and they will -automatically discover the correct master. If your master nodes have a different -`nodeGroup` name then you will need to set `masterService` to -`$clusterName-$masterNodeGroup`. - -The chart value for `masterService` is used to populate -`discovery.zen.ping.unicast.hosts` , which Elasticsearch nodes will use to -contact master nodes and form a cluster. -Therefore, to add a group of nodes to an existing cluster, setting -`masterService` to the desired `Service` name of the related cluster is -sufficient. - -### How to deploy clusters with security (authentication and TLS) enabled? - -This Helm chart can use existing [Kubernetes secrets][] to setup -credentials or certificates for examples. These secrets should be created -outside of this chart and accessed using [environment variables][] and volumes. - -An example of Elasticsearch cluster using security can be found in -[examples/security][]. - -### How to migrate from helm/charts stable chart? - -If you currently have a cluster deployed with the [helm/charts stable][] chart -you can follow the [migration guide][]. - -### How to install plugins? - -The recommended way to install plugins into our Docker images is to create a -[custom Docker image][]. - -The Dockerfile would look something like: - -``` -ARG elasticsearch_version -FROM docker.elastic.co/elasticsearch/elasticsearch:${elasticsearch_version} - -RUN bin/elasticsearch-plugin install --batch repository-gcs -``` - -And then updating the `image` in values to point to your custom image. - -There are a couple reasons we recommend this. - -1. Tying the availability of Elasticsearch to the download service to install -plugins is not a great idea or something that we recommend. Especially in -Kubernetes where it is normal and expected for a container to be moved to -another host at random times. -2. Mutating the state of a running Docker image (by installing plugins) goes -against best practices of containers and immutable infrastructure. - -### How to use the keystore? - -#### Basic example - -Create the secret, the key name needs to be the keystore key path. In this -example we will create a secret from a file and from a literal string. - -``` -kubectl create secret generic encryption-key --from-file=xpack.watcher.encryption_key=./watcher_encryption_key -kubectl create secret generic slack-hook --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' -``` - -To add these secrets to the keystore: - -``` -keystore: - - secretName: encryption-key - - secretName: slack-hook -``` - -#### Multiple keys - -All keys in the secret will be added to the keystore. To create the previous -example in one secret you could also do: - -``` -kubectl create secret generic keystore-secrets --from-file=xpack.watcher.encryption_key=./watcher_encryption_key --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' -``` - -``` -keystore: - - secretName: keystore-secrets -``` - -#### Custom paths and keys - -If you are using these secrets for other applications (besides the Elasticsearch -keystore) then it is also possible to specify the keystore path and which keys -you want to add. Everything specified under each `keystore` item will be passed -through to the `volumeMounts` section for mounting the [secret][]. In this -example we will only add the `slack_hook` key from a secret that also has other -keys. Our secret looks like this: - -``` -kubectl create secret generic slack-secrets --from-literal=slack_channel='#general' --from-literal=slack_hook='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' -``` - -We only want to add the `slack_hook` key to the keystore at path -`xpack.notification.slack.account.monitoring.secure_url`: - -``` -keystore: - - secretName: slack-secrets - items: - - key: slack_hook - path: xpack.notification.slack.account.monitoring.secure_url -``` - -You can also take a look at the [config example][] which is used as part of the -automated testing pipeline. - -### How to enable snapshotting? - -1. Install your [snapshot plugin][] into a custom Docker image following the -[how to install plugins guide][]. -2. Add any required secrets or credentials into an Elasticsearch keystore -following the [how to use the keystore][] guide. -3. Configure the [snapshot repository][] as you normally would. -4. To automate snapshots you can use [Snapshot Lifecycle Management][] or a tool -like [curator][]. - -### How to configure templates post-deployment? - -You can use `postStart` [lifecycle hooks][] to run code triggered after a -container is created. - -Here is an example of `postStart` hook to configure templates: - -```yaml -lifecycle: - postStart: - exec: - command: - - bash - - -c - - | - #!/bin/bash - # Add a template to adjust number of shards/replicas - TEMPLATE_NAME=my_template - INDEX_PATTERN="logstash-*" - SHARD_COUNT=8 - REPLICA_COUNT=1 - ES_URL=http://localhost:9200 - while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' $ES_URL)" != "200" ]]; do sleep 1; done - curl -XPUT "$ES_URL/_template/$TEMPLATE_NAME" -H 'Content-Type: application/json' -d'{"index_patterns":['\""$INDEX_PATTERN"\"'],"settings":{"number_of_shards":'$SHARD_COUNT',"number_of_replicas":'$REPLICA_COUNT'}}' -``` - - -## Contributing - -Please check [CONTRIBUTING.md][] before any contribution or for any questions -about our development and testing process. - -[7.17]: https://github.com/elastic/helm-charts/releases -[#63]: https://github.com/elastic/helm-charts/issues/63 -[BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md -[CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md -[CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md -[alternate scheduler]: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods -[annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -[anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/important-settings.html#cluster-name -[clustering and node discovery]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/README.md#clustering-and-node-discovery -[config example]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/config/values.yaml -[curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/7.9/snapshot.html -[custom docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/docker.html#_c_customized_image -[deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies -[discovery.zen.minimum_master_nodes]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/discovery-settings.html#minimum_master_nodes -[docker for mac]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/docker-for-mac -[elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/cluster-health.html#request-params -[elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/docker.html -[environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config -[environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables -[examples]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/ -[examples/multi]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/multi -[examples/security]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/security -[gke]: https://cloud.google.com/kubernetes-engine -[helm]: https://helm.sh -[helm/charts stable]: https://github.com/helm/charts/tree/master/stable/elasticsearch/ -[how to install plugins guide]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/README.md#how-to-install-plugins -[how to use the keystore]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/README.md#how-to-use-the-keystore -[http.port]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/modules-http.html#_settings -[imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images -[imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret -[ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ -[java options]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/jvm-options.html -[jvm heap size]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/heap-size.html -[hostAliases]: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ -[kind]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/kubernetes-kind -[kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ -[labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -[lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ -[loadBalancer annotations]: https://kubernetes.io/docs/concepts/services-networking/service/#ssl-support-on-aws -[loadBalancer externalTrafficPolicy]: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip -[loadBalancer]: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer -[maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget -[migration guide]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/migration/README.md -[minikube]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/minikube -[microk8s]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/microk8s -[multi]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/multi/ -[network.host elasticsearch setting]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/network.host.html -[node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature -[node-certificates]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/configuring-tls.html#node-certificates -[nodePort]: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport -[nodes types]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/modules-node.html -[nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -[openshift]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/openshift -[priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass -[probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ -[resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ -[roles]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/modules-node.html -[secret]: https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets -[securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -[service types]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types -[snapshot lifecycle management]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/snapshot-lifecycle-management.html -[snapshot plugin]: https://www.elastic.co/guide/en/elasticsearch/plugins/7.17/repository.html -[snapshot repository]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/modules-snapshots.html -[supported configurations]: https://github.com/elastic/helm-charts/tree/7.17/README.md#supported-configurations -[sysctl vm.max_map_count]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/vm-max-map-count.html#vm-max-map-count -[terminationGracePeriod]: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods -[tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[transport port configuration]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/modules-transport.html#_transport_settings -[updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ -[values.yaml]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/values.yaml -[volumeClaimTemplate for statefulsets]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage diff --git a/composio/charts/temporal/charts/elasticsearch/examples/config/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/config/Makefile deleted file mode 100644 index 9ae9c37..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/config/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -RELEASE := helm-es-config -TIMEOUT := 1200s - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ - -secrets: - kubectl delete secret elastic-config-credentials elastic-config-secret elastic-config-slack elastic-config-custom-path || true - kubectl create secret generic elastic-config-credentials --from-literal=password=changeme --from-literal=username=elastic - kubectl create secret generic elastic-config-slack --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' - kubectl create secret generic elastic-config-secret --from-file=xpack.watcher.encryption_key=./watcher_encryption_key - kubectl create secret generic elastic-config-custom-path --from-literal=slack_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' --from-literal=thing_i_don_tcare_about=test - -test: secrets install goss - -purge: - helm del $(RELEASE) diff --git a/composio/charts/temporal/charts/elasticsearch/examples/config/README.md b/composio/charts/temporal/charts/elasticsearch/examples/config/README.md deleted file mode 100644 index 410d754..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/config/README.md +++ /dev/null @@ -1,27 +0,0 @@ -# Config - -This example deploy a single node Elasticsearch 7.17.3 with authentication and -custom [values][]. - - -## Usage - -* Create the required secrets: `make secrets` - -* Deploy Elasticsearch chart with the default values: `make install` - -* You can now setup a port forward to query Elasticsearch API: - - ``` - kubectl port-forward svc/config-master 9200 - curl -u elastic:changeme http://localhost:9200/_cat/indices - ``` - - -## Testing - -You can also run [goss integration tests][] using `make test` - - -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/config/test/goss.yaml -[values]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/config/values.yaml diff --git a/composio/charts/temporal/charts/elasticsearch/examples/config/test/goss.yaml b/composio/charts/temporal/charts/elasticsearch/examples/config/test/goss.yaml deleted file mode 100644 index 752db8d..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/config/test/goss.yaml +++ /dev/null @@ -1,29 +0,0 @@ -http: - http://localhost:9200/_cluster/health: - status: 200 - timeout: 2000 - username: elastic - password: "{{ .Env.ELASTIC_PASSWORD }}" - body: - - "green" - - '"number_of_nodes":1' - - '"number_of_data_nodes":1' - - http://localhost:9200: - status: 200 - timeout: 2000 - username: elastic - password: "{{ .Env.ELASTIC_PASSWORD }}" - body: - - '"cluster_name" : "config"' - - "You Know, for Search" - -command: - "elasticsearch-keystore list": - exit-status: 0 - stdout: - - keystore.seed - - bootstrap.password - - xpack.notification.slack.account.monitoring.secure_url - - xpack.notification.slack.account.otheraccount.secure_url - - xpack.watcher.encryption_key diff --git a/composio/charts/temporal/charts/elasticsearch/examples/config/values.yaml b/composio/charts/temporal/charts/elasticsearch/examples/config/values.yaml deleted file mode 100644 index 13cff2c..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/config/values.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- - -clusterName: "config" -replicas: 1 - -extraEnvs: - - name: ELASTIC_PASSWORD - valueFrom: - secretKeyRef: - name: elastic-config-credentials - key: password - -# This is just a dummy file to make sure that -# the keystore can be mounted at the same time -# as a custom elasticsearch.yml -esConfig: - elasticsearch.yml: | - xpack.security.enabled: true - path.data: /usr/share/elasticsearch/data - -keystore: - - secretName: elastic-config-secret - - secretName: elastic-config-slack - - secretName: elastic-config-custom-path - items: - - key: slack_url - path: xpack.notification.slack.account.otheraccount.secure_url diff --git a/composio/charts/temporal/charts/elasticsearch/examples/config/watcher_encryption_key b/composio/charts/temporal/charts/elasticsearch/examples/config/watcher_encryption_key deleted file mode 100644 index b5f9078..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/config/watcher_encryption_key +++ /dev/null @@ -1 +0,0 @@ -supersecret diff --git a/composio/charts/temporal/charts/elasticsearch/examples/default/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/default/Makefile deleted file mode 100644 index 389bf99..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/default/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -RELEASE := helm-es-default -TIMEOUT := 1200s - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install $(RELEASE) ../../ - -test: install goss - -purge: - helm del $(RELEASE) diff --git a/composio/charts/temporal/charts/elasticsearch/examples/default/README.md b/composio/charts/temporal/charts/elasticsearch/examples/default/README.md deleted file mode 100644 index c50ea2a..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/default/README.md +++ /dev/null @@ -1,25 +0,0 @@ -# Default - -This example deploy a 3 nodes Elasticsearch 7.17.3 cluster using -[default values][]. - - -## Usage - -* Deploy Elasticsearch chart with the default values: `make install` - -* You can now setup a port forward to query Elasticsearch API: - - ``` - kubectl port-forward svc/elasticsearch-master 9200 - curl localhost:9200/_cat/indices - ``` - - -## Testing - -You can also run [goss integration tests][] using `make test` - - -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/default/test/goss.yaml -[default values]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/values.yaml diff --git a/composio/charts/temporal/charts/elasticsearch/examples/default/rolling_upgrade.sh b/composio/charts/temporal/charts/elasticsearch/examples/default/rolling_upgrade.sh deleted file mode 100644 index c5a2a88..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/default/rolling_upgrade.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/env bash -x - -kubectl proxy || true & - -make & -PROC_ID=$! - -while kill -0 "$PROC_ID" >/dev/null 2>&1; do - echo "PROCESS IS RUNNING" - if curl --fail 'http://localhost:8001/api/v1/proxy/namespaces/default/services/elasticsearch-master:9200/_search' ; then - echo "cluster is healthy" - else - echo "cluster not healthy!" - exit 1 - fi - sleep 1 -done -echo "PROCESS TERMINATED" -exit 0 diff --git a/composio/charts/temporal/charts/elasticsearch/examples/default/test/goss.yaml b/composio/charts/temporal/charts/elasticsearch/examples/default/test/goss.yaml deleted file mode 100644 index db9b68b..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/default/test/goss.yaml +++ /dev/null @@ -1,38 +0,0 @@ -kernel-param: - vm.max_map_count: - value: "262144" - -http: - http://elasticsearch-master:9200/_cluster/health: - status: 200 - timeout: 2000 - body: - - "green" - - '"number_of_nodes":3' - - '"number_of_data_nodes":3' - - http://localhost:9200: - status: 200 - timeout: 2000 - body: - - '"number" : "7.17.3"' - - '"cluster_name" : "elasticsearch"' - - "You Know, for Search" - -file: - /usr/share/elasticsearch/data: - exists: true - mode: "2775" - owner: root - group: elasticsearch - filetype: directory - -mount: - /usr/share/elasticsearch/data: - exists: true - -user: - elasticsearch: - exists: true - uid: 1000 - gid: 1000 diff --git a/composio/charts/temporal/charts/elasticsearch/examples/docker-for-mac/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/docker-for-mac/Makefile deleted file mode 100644 index 18fd053..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/docker-for-mac/Makefile +++ /dev/null @@ -1,13 +0,0 @@ -default: test - -RELEASE := helm-es-docker-for-mac -TIMEOUT := 1200s - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ - -test: install - helm test $(RELEASE) - -purge: - helm del $(RELEASE) diff --git a/composio/charts/temporal/charts/elasticsearch/examples/docker-for-mac/README.md b/composio/charts/temporal/charts/elasticsearch/examples/docker-for-mac/README.md deleted file mode 100644 index 1b5f306..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/docker-for-mac/README.md +++ /dev/null @@ -1,23 +0,0 @@ -# Docker for Mac - -This example deploy a 3 nodes Elasticsearch 7.17.3 cluster on [Docker for Mac][] -using [custom values][]. - -Note that this configuration should be used for test only and isn't recommended -for production. - - -## Usage - -* Deploy Elasticsearch chart with the default values: `make install` - -* You can now setup a port forward to query Elasticsearch API: - - ``` - kubectl port-forward svc/elasticsearch-master 9200 - curl localhost:9200/_cat/indices - ``` - - -[custom values]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/docker-for-mac/values.yaml -[docker for mac]: https://docs.docker.com/docker-for-mac/kubernetes/ diff --git a/composio/charts/temporal/charts/elasticsearch/examples/docker-for-mac/values.yaml b/composio/charts/temporal/charts/elasticsearch/examples/docker-for-mac/values.yaml deleted file mode 100644 index f7deba6..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/docker-for-mac/values.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -# Permit co-located instances for solitary minikube virtual machines. -antiAffinity: "soft" - -# Shrink default JVM heap. -esJavaOpts: "-Xmx128m -Xms128m" - -# Allocate smaller chunks of memory per pod. -resources: - requests: - cpu: "100m" - memory: "512M" - limits: - cpu: "1000m" - memory: "512M" - -# Request smaller persistent volumes. -volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] - storageClassName: "hostpath" - resources: - requests: - storage: 100M diff --git a/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/Makefile deleted file mode 100644 index 9e5602d..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/Makefile +++ /dev/null @@ -1,17 +0,0 @@ -default: test - -RELEASE := helm-es-kind -TIMEOUT := 1200s - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ - -install-local-path: - kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml - helm upgrade --wait --timeout=$(TIMEOUT) --install --values values-local-path.yaml $(RELEASE) ../../ - -test: install - helm test $(RELEASE) - -purge: - helm del $(RELEASE) diff --git a/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/README.md b/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/README.md deleted file mode 100644 index a026c6f..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/README.md +++ /dev/null @@ -1,36 +0,0 @@ -# KIND - -This example deploy a 3 nodes Elasticsearch 7.17.3 cluster on [Kind][] -using [custom values][]. - -Note that this configuration should be used for test only and isn't recommended -for production. - -Note that Kind < 0.7.0 are affected by a [kind issue][] with mount points -created from PVCs not writable by non-root users. [kubernetes-sigs/kind#1157][] -fix it in Kind 0.7.0. - -The workaround for Kind < 0.7.0 is to install manually -[Rancher Local Path Provisioner][] and use `local-path` storage class for -Elasticsearch volumes (see [Makefile][] instructions). - - -## Usage - -* For Kind >= 0.7.0: Deploy Elasticsearch chart with the default values: `make install` -* For Kind < 0.7.0: Deploy Elasticsearch chart with `local-path` storage class: `make install-local-path` - -* You can now setup a port forward to query Elasticsearch API: - - ``` - kubectl port-forward svc/elasticsearch-master 9200 - curl localhost:9200/_cat/indices - ``` - - -[custom values]: https://github.com/elastic/helm-charts/blob/7.17/elasticsearch/examples/kubernetes-kind/values.yaml -[kind]: https://kind.sigs.k8s.io/ -[kind issue]: https://github.com/kubernetes-sigs/kind/issues/830 -[kubernetes-sigs/kind#1157]: https://github.com/kubernetes-sigs/kind/pull/1157 -[rancher local path provisioner]: https://github.com/rancher/local-path-provisioner -[Makefile]: https://github.com/elastic/helm-charts/blob/7.17/elasticsearch/examples/kubernetes-kind/Makefile#L5 diff --git a/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/values-local-path.yaml b/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/values-local-path.yaml deleted file mode 100644 index 500ad4b..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/values-local-path.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -# Permit co-located instances for solitary minikube virtual machines. -antiAffinity: "soft" - -# Shrink default JVM heap. -esJavaOpts: "-Xmx128m -Xms128m" - -# Allocate smaller chunks of memory per pod. -resources: - requests: - cpu: "100m" - memory: "512M" - limits: - cpu: "1000m" - memory: "512M" - -# Request smaller persistent volumes. -volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] - storageClassName: "local-path" - resources: - requests: - storage: 100M diff --git a/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/values.yaml b/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/values.yaml deleted file mode 100644 index 500ad4b..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/kubernetes-kind/values.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -# Permit co-located instances for solitary minikube virtual machines. -antiAffinity: "soft" - -# Shrink default JVM heap. -esJavaOpts: "-Xmx128m -Xms128m" - -# Allocate smaller chunks of memory per pod. -resources: - requests: - cpu: "100m" - memory: "512M" - limits: - cpu: "1000m" - memory: "512M" - -# Request smaller persistent volumes. -volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] - storageClassName: "local-path" - resources: - requests: - storage: 100M diff --git a/composio/charts/temporal/charts/elasticsearch/examples/microk8s/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/microk8s/Makefile deleted file mode 100644 index 2d0012d..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/microk8s/Makefile +++ /dev/null @@ -1,13 +0,0 @@ -default: test - -RELEASE := helm-es-microk8s -TIMEOUT := 1200s - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ - -test: install - helm test $(RELEASE) - -purge: - helm del $(RELEASE) diff --git a/composio/charts/temporal/charts/elasticsearch/examples/microk8s/README.md b/composio/charts/temporal/charts/elasticsearch/examples/microk8s/README.md deleted file mode 100644 index bd611bd..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/microk8s/README.md +++ /dev/null @@ -1,32 +0,0 @@ -# MicroK8S - -This example deploy a 3 nodes Elasticsearch 7.17.3 cluster on [MicroK8S][] -using [custom values][]. - -Note that this configuration should be used for test only and isn't recommended -for production. - - -## Requirements - -The following MicroK8S [addons][] need to be enabled: -- `dns` -- `helm` -- `storage` - - -## Usage - -* Deploy Elasticsearch chart with the default values: `make install` - -* You can now setup a port forward to query Elasticsearch API: - - ``` - kubectl port-forward svc/elasticsearch-master 9200 - curl localhost:9200/_cat/indices - ``` - - -[addons]: https://microk8s.io/docs/addons -[custom values]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/microk8s/values.yaml -[MicroK8S]: https://microk8s.io diff --git a/composio/charts/temporal/charts/elasticsearch/examples/microk8s/values.yaml b/composio/charts/temporal/charts/elasticsearch/examples/microk8s/values.yaml deleted file mode 100644 index 2627ecb..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/microk8s/values.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -# Disable privileged init Container creation. -sysctlInitContainer: - enabled: false - -# Restrict the use of the memory-mapping when sysctlInitContainer is disabled. -esConfig: - elasticsearch.yml: | - node.store.allow_mmap: false - -# Permit co-located instances for solitary minikube virtual machines. -antiAffinity: "soft" - -# Shrink default JVM heap. -esJavaOpts: "-Xmx128m -Xms128m" - -# Allocate smaller chunks of memory per pod. -resources: - requests: - cpu: "100m" - memory: "512M" - limits: - cpu: "1000m" - memory: "512M" - -# Request smaller persistent volumes. -volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] - storageClassName: "microk8s-hostpath" - resources: - requests: - storage: 100M diff --git a/composio/charts/temporal/charts/elasticsearch/examples/migration/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/migration/Makefile deleted file mode 100644 index 020906f..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/migration/Makefile +++ /dev/null @@ -1,10 +0,0 @@ -PREFIX := helm-es-migration - -data: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values data.yaml $(PREFIX)-data ../../ - -master: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values master.yaml $(PREFIX)-master ../../ - -client: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values client.yaml $(PREFIX)-client ../../ diff --git a/composio/charts/temporal/charts/elasticsearch/examples/migration/README.md b/composio/charts/temporal/charts/elasticsearch/examples/migration/README.md deleted file mode 100644 index fe6333d..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/migration/README.md +++ /dev/null @@ -1,167 +0,0 @@ -# Migration Guide from helm/charts - -There are two viable options for migrating from the community Elasticsearch Helm -chart from the [helm/charts][] repo. - -1. Restoring from Snapshot to a fresh cluster -2. Live migration by joining a new cluster to the existing cluster. - -## Restoring from Snapshot - -This is the recommended and preferred option. The downside is that it will -involve a period of write downtime during the migration. If you have a way to -temporarily stop writes to your cluster then this is the way to go. This is also -a lot simpler as it just involves launching a fresh cluster and restoring a -snapshot following the [restoring to a different cluster guide][]. - -## Live migration - -If restoring from a snapshot is not possible due to the write downtime then a -live migration is also possible. It is very important to first test this in a -testing environment to make sure you are comfortable with the process and fully -understand what is happening. - -This process will involve joining a new set of master, data and client nodes to -an existing cluster that has been deployed using the [helm/charts][] community -chart. Nodes will then be replaced one by one in a controlled fashion to -decommission the old cluster. - -This example will be using the default values for the existing helm/charts -release and for the Elastic helm-charts release. If you have changed any of the -default values then you will need to first make sure that your values are -configured in a compatible way before starting the migration. - -The process will involve a re-sync and a rolling restart of all of your data -nodes. Therefore it is important to disable shard allocation and perform a synced -flush like you normally would during any other rolling upgrade. See the -[rolling upgrades guide][] for more information. - -* The default image for this chart is -`docker.elastic.co/elasticsearch/elasticsearch` which contains the default -distribution of Elasticsearch with a [basic license][]. Make sure to update the -`image` and `imageTag` values to the correct Docker image and Elasticsearch -version that you currently have deployed. - -* Convert your current helm/charts configuration into something that is -compatible with this chart. - -* Take a fresh snapshot of your cluster. If something goes wrong you want to be -able to restore your data no matter what. - -* Check that your clusters health is green. If not abort and make sure your -cluster is healthy before continuing: - - ``` - curl localhost:9200/_cluster/health - ``` - -* Deploy new data nodes which will join the existing cluster. Take a look at the -configuration in [data.yaml][]: - - ``` - make data - ``` - -* Check that the new nodes have joined the cluster (run this and any other curl -commands from within one of your pods): - - ``` - curl localhost:9200/_cat/nodes - ``` - -* Check that your cluster is still green. If so we can now start to scale down -the existing data nodes. Assuming you have the default amount of data nodes (2) -we now want to scale it down to 1: - - ``` - kubectl scale statefulsets my-release-elasticsearch-data --replicas=1 - ``` - -* Wait for your cluster to become green again: - - ``` - watch 'curl -s localhost:9200/_cluster/health' - ``` - -* Once the cluster is green we can scale down again: - - ``` - kubectl scale statefulsets my-release-elasticsearch-data --replicas=0 - ``` - -* Wait for the cluster to be green again. -* OK. We now have all data nodes running in the new cluster. Time to replace the -masters by firstly scaling down the masters from 3 to 2. Between each step make -sure to wait for the cluster to become green again, and check with -`curl localhost:9200/_cat/nodes` that you see the correct amount of master -nodes. During this process we will always make sure to keep at least 2 master -nodes as to not lose quorum: - - ``` - kubectl scale statefulsets my-release-elasticsearch-master --replicas=2 - ``` - -* Now deploy a single new master so that we have 3 masters again. See -[master.yaml][] for the configuration: - - ``` - make master - ``` - -* Scale down old masters to 1: - - ``` - kubectl scale statefulsets my-release-elasticsearch-master --replicas=1 - ``` - -* Edit the masters in [masters.yaml][] to 2 and redeploy: - - ``` - make master - ``` - -* Scale down the old masters to 0: - - ``` - kubectl scale statefulsets my-release-elasticsearch-master --replicas=0 - ``` - -* Edit the [masters.yaml][] to have 3 replicas and remove the -`discovery.zen.ping.unicast.hosts` entry from `extraEnvs` then redeploy the -masters. This will make sure all 3 masters are running in the new cluster and -are pointing at each other for discovery: - - ``` - make master - ``` - -* Remove the `discovery.zen.ping.unicast.hosts` entry from `extraEnvs` then -redeploy the data nodes to make sure they are pointing at the new masters: - - ``` - make data - ``` - -* Deploy the client nodes: - - ``` - make client - ``` - -* Update any processes that are talking to the existing client nodes and point -them to the new client nodes. Once this is done you can scale down the old -client nodes: - - ``` - kubectl scale deployment my-release-elasticsearch-client --replicas=0 - ``` - -* The migration should now be complete. After verifying that everything is -working correctly you can cleanup leftover resources from your old cluster. - -[basic license]: https://www.elastic.co/subscriptions -[data.yaml]: https://github.com/elastic/helm-charts/blob/7.17/elasticsearch/examples/migration/data.yaml -[helm/charts]: https://github.com/helm/charts/tree/7.17/stable/elasticsearch -[master.yaml]: https://github.com/elastic/helm-charts/blob/7.17/elasticsearch/examples/migration/master.yaml -[restoring to a different cluster guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.8/modules-snapshots.html#_restoring_to_a_different_cluster -[rolling upgrades guide]: https://www.elastic.co/guide/en/elasticsearch/reference/6.8/rolling-upgrades.html diff --git a/composio/charts/temporal/charts/elasticsearch/examples/migration/client.yaml b/composio/charts/temporal/charts/elasticsearch/examples/migration/client.yaml deleted file mode 100644 index 30ee700..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/migration/client.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- - -replicas: 2 - -clusterName: "elasticsearch" -nodeGroup: "client" - -esMajorVersion: 6 - -roles: - master: "false" - ingest: "false" - data: "false" - -volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] - storageClassName: "standard" - resources: - requests: - storage: 1Gi # Currently needed till pvcs are made optional - -persistence: - enabled: false diff --git a/composio/charts/temporal/charts/elasticsearch/examples/migration/data.yaml b/composio/charts/temporal/charts/elasticsearch/examples/migration/data.yaml deleted file mode 100644 index eedcbb0..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/migration/data.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- - -replicas: 2 - -esMajorVersion: 6 - -extraEnvs: - - name: discovery.zen.ping.unicast.hosts - value: "my-release-elasticsearch-discovery" - -clusterName: "elasticsearch" -nodeGroup: "data" - -roles: - master: "false" - ingest: "false" - data: "true" diff --git a/composio/charts/temporal/charts/elasticsearch/examples/migration/master.yaml b/composio/charts/temporal/charts/elasticsearch/examples/migration/master.yaml deleted file mode 100644 index 3e3a2f1..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/migration/master.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- - -# Temporarily set to 3 so we can scale up/down the old a new cluster -# one at a time whilst always keeping 3 masters running -replicas: 1 - -esMajorVersion: 6 - -extraEnvs: - - name: discovery.zen.ping.unicast.hosts - value: "my-release-elasticsearch-discovery" - -clusterName: "elasticsearch" -nodeGroup: "master" - -roles: - master: "true" - ingest: "false" - data: "false" - -volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] - storageClassName: "standard" - resources: - requests: - storage: 4Gi diff --git a/composio/charts/temporal/charts/elasticsearch/examples/minikube/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/minikube/Makefile deleted file mode 100644 index 1021d98..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/minikube/Makefile +++ /dev/null @@ -1,13 +0,0 @@ -default: test - -RELEASE := helm-es-minikube -TIMEOUT := 1200s - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ - -test: install - helm test $(RELEASE) - -purge: - helm del $(RELEASE) diff --git a/composio/charts/temporal/charts/elasticsearch/examples/minikube/README.md b/composio/charts/temporal/charts/elasticsearch/examples/minikube/README.md deleted file mode 100644 index c13052a..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/minikube/README.md +++ /dev/null @@ -1,38 +0,0 @@ -# Minikube - -This example deploy a 3 nodes Elasticsearch 7.17.3 cluster on [Minikube][] -using [custom values][]. - -If helm or kubectl timeouts occur, you may consider creating a minikube VM with -more CPU cores or memory allocated. - -Note that this configuration should be used for test only and isn't recommended -for production. - - -## Requirements - -In order to properly support the required persistent volume claims for the -Elasticsearch StatefulSet, the `default-storageclass` and `storage-provisioner` -minikube addons must be enabled. - -``` -minikube addons enable default-storageclass -minikube addons enable storage-provisioner -``` - - -## Usage - -* Deploy Elasticsearch chart with the default values: `make install` - -* You can now setup a port forward to query Elasticsearch API: - - ``` - kubectl port-forward svc/elasticsearch-master 9200 - curl localhost:9200/_cat/indices - ``` - - -[custom values]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/minikube/values.yaml -[minikube]: https://minikube.sigs.k8s.io/docs/ diff --git a/composio/charts/temporal/charts/elasticsearch/examples/minikube/values.yaml b/composio/charts/temporal/charts/elasticsearch/examples/minikube/values.yaml deleted file mode 100644 index ccceb3a..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/minikube/values.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -# Permit co-located instances for solitary minikube virtual machines. -antiAffinity: "soft" - -# Shrink default JVM heap. -esJavaOpts: "-Xmx128m -Xms128m" - -# Allocate smaller chunks of memory per pod. -resources: - requests: - cpu: "100m" - memory: "512M" - limits: - cpu: "1000m" - memory: "512M" - -# Request smaller persistent volumes. -volumeClaimTemplate: - accessModes: [ "ReadWriteOnce" ] - storageClassName: "standard" - resources: - requests: - storage: 100M diff --git a/composio/charts/temporal/charts/elasticsearch/examples/multi/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/multi/Makefile deleted file mode 100644 index 243e504..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/multi/Makefile +++ /dev/null @@ -1,19 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -PREFIX := helm-es-multi -RELEASE := helm-es-multi-master -TIMEOUT := 1200s - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values master.yaml $(PREFIX)-master ../../ - helm upgrade --wait --timeout=$(TIMEOUT) --install --values data.yaml $(PREFIX)-data ../../ - helm upgrade --wait --timeout=$(TIMEOUT) --install --values client.yaml $(PREFIX)-client ../../ - -test: install goss - -purge: - helm del $(PREFIX)-master - helm del $(PREFIX)-data - helm del $(PREFIX)-client diff --git a/composio/charts/temporal/charts/elasticsearch/examples/multi/README.md b/composio/charts/temporal/charts/elasticsearch/examples/multi/README.md deleted file mode 100644 index db3380a..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/multi/README.md +++ /dev/null @@ -1,29 +0,0 @@ -# Multi - -This example deploy an Elasticsearch 7.17.3 cluster composed of 3 different Helm -releases: - -- `helm-es-multi-master` for the 3 master nodes using [master values][] -- `helm-es-multi-data` for the 3 data nodes using [data values][] -- `helm-es-multi-client` for the 3 client nodes using [client values][] - -## Usage - -* Deploy the 3 Elasticsearch releases: `make install` - -* You can now setup a port forward to query Elasticsearch API: - - ``` - kubectl port-forward svc/multi-master 9200 - curl -u elastic:changeme http://localhost:9200/_cat/indices - ``` - -## Testing - -You can also run [goss integration tests][] using `make test` - - -[client values]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/multi/client.yaml -[data values]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/multi/data.yaml -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/multi/test/goss.yaml -[master values]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/multi/master.yaml diff --git a/composio/charts/temporal/charts/elasticsearch/examples/multi/client.yaml b/composio/charts/temporal/charts/elasticsearch/examples/multi/client.yaml deleted file mode 100644 index dbe5b05..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/multi/client.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- - -clusterName: "multi" -nodeGroup: "client" - -roles: - master: "false" - ingest: "false" - data: "false" - ml: "false" - remote_cluster_client: "false" - -persistence: - enabled: false diff --git a/composio/charts/temporal/charts/elasticsearch/examples/multi/data.yaml b/composio/charts/temporal/charts/elasticsearch/examples/multi/data.yaml deleted file mode 100644 index 2e3a909..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/multi/data.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -clusterName: "multi" -nodeGroup: "data" - -roles: - master: "false" - ingest: "true" - data: "true" - ml: "false" - remote_cluster_client: "false" diff --git a/composio/charts/temporal/charts/elasticsearch/examples/multi/master.yaml b/composio/charts/temporal/charts/elasticsearch/examples/multi/master.yaml deleted file mode 100644 index 6b8c082..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/multi/master.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -clusterName: "multi" -nodeGroup: "master" - -roles: - master: "true" - ingest: "false" - data: "false" - ml: "false" - remote_cluster_client: "false" diff --git a/composio/charts/temporal/charts/elasticsearch/examples/multi/test/goss.yaml b/composio/charts/temporal/charts/elasticsearch/examples/multi/test/goss.yaml deleted file mode 100644 index 794416b..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/multi/test/goss.yaml +++ /dev/null @@ -1,9 +0,0 @@ -http: - http://localhost:9200/_cluster/health: - status: 200 - timeout: 2000 - body: - - 'green' - - '"cluster_name":"multi"' - - '"number_of_nodes":9' - - '"number_of_data_nodes":3' diff --git a/composio/charts/temporal/charts/elasticsearch/examples/networkpolicy/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/networkpolicy/Makefile deleted file mode 100644 index e7b20c5..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/networkpolicy/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -RELEASE := helm-es-networkpolicy -TIMEOUT := 1200s - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ - -test: install goss - -purge: - helm del $(RELEASE) diff --git a/composio/charts/temporal/charts/elasticsearch/examples/networkpolicy/values.yaml b/composio/charts/temporal/charts/elasticsearch/examples/networkpolicy/values.yaml deleted file mode 100644 index 1963d20..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/networkpolicy/values.yaml +++ /dev/null @@ -1,37 +0,0 @@ -networkPolicy: - http: - enabled: true - explicitNamespacesSelector: - # Accept from namespaces with all those different rules (from whitelisted Pods) - matchLabels: - role: frontend-http - matchExpressions: - - {key: role, operator: In, values: [frontend-http]} - additionalRules: - - podSelector: - matchLabels: - role: frontend-http - - podSelector: - matchExpressions: - - key: role - operator: In - values: - - frontend-http - transport: - enabled: true - allowExternal: true - explicitNamespacesSelector: - matchLabels: - role: frontend-transport - matchExpressions: - - {key: role, operator: In, values: [frontend-transport]} - additionalRules: - - podSelector: - matchLabels: - role: frontend-transport - - podSelector: - matchExpressions: - - key: role - operator: In - values: - - frontend-transport diff --git a/composio/charts/temporal/charts/elasticsearch/examples/openshift/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/openshift/Makefile deleted file mode 100644 index 078c33c..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/openshift/Makefile +++ /dev/null @@ -1,13 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -RELEASE := elasticsearch - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ - -test: install goss - -purge: - helm del $(RELEASE) diff --git a/composio/charts/temporal/charts/elasticsearch/examples/openshift/README.md b/composio/charts/temporal/charts/elasticsearch/examples/openshift/README.md deleted file mode 100644 index f410ef9..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/openshift/README.md +++ /dev/null @@ -1,24 +0,0 @@ -# OpenShift - -This example deploy a 3 nodes Elasticsearch 7.17.3 cluster on [OpenShift][] -using [custom values][]. - -## Usage - -* Deploy Elasticsearch chart with the default values: `make install` - -* You can now setup a port forward to query Elasticsearch API: - - ``` - kubectl port-forward svc/elasticsearch-master 9200 - curl localhost:9200/_cat/indices - ``` - -## Testing - -You can also run [goss integration tests][] using `make test` - - -[custom values]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/openshift/values.yaml -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/openshift/test/goss.yaml -[openshift]: https://www.openshift.com/ diff --git a/composio/charts/temporal/charts/elasticsearch/examples/openshift/test/goss.yaml b/composio/charts/temporal/charts/elasticsearch/examples/openshift/test/goss.yaml deleted file mode 100644 index f897164..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/openshift/test/goss.yaml +++ /dev/null @@ -1,16 +0,0 @@ -http: - http://localhost:9200/_cluster/health: - status: 200 - timeout: 2000 - body: - - "green" - - '"number_of_nodes":3' - - '"number_of_data_nodes":3' - - http://localhost:9200: - status: 200 - timeout: 2000 - body: - - '"number" : "7.17.3"' - - '"cluster_name" : "elasticsearch"' - - "You Know, for Search" diff --git a/composio/charts/temporal/charts/elasticsearch/examples/openshift/values.yaml b/composio/charts/temporal/charts/elasticsearch/examples/openshift/values.yaml deleted file mode 100644 index 8a21126..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/openshift/values.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -securityContext: - runAsUser: null - -podSecurityContext: - fsGroup: null - runAsUser: null - -sysctlInitContainer: - enabled: false diff --git a/composio/charts/temporal/charts/elasticsearch/examples/security/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/security/Makefile deleted file mode 100644 index beddbef..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/security/Makefile +++ /dev/null @@ -1,38 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -RELEASE := helm-es-security -ELASTICSEARCH_IMAGE := docker.elastic.co/elasticsearch/elasticsearch:$(STACK_VERSION) -TIMEOUT := 1200s - -install: - helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../ - -test: secrets install goss - -purge: - kubectl delete secrets elastic-credentials elastic-certificates elastic-certificate-pem elastic-certificate-crt|| true - helm del $(RELEASE) - -pull-elasticsearch-image: - docker pull $(ELASTICSEARCH_IMAGE) - -secrets: - docker rm -f elastic-helm-charts-certs || true - rm -f elastic-certificates.p12 elastic-certificate.pem elastic-certificate.crt elastic-stack-ca.p12 || true - password=$$([ ! -z "$$ELASTIC_PASSWORD" ] && echo $$ELASTIC_PASSWORD || echo $$(docker run --rm busybox:1.31.1 /bin/sh -c "< /dev/urandom tr -cd '[:alnum:]' | head -c20")) && \ - docker run --name elastic-helm-charts-certs -i -w /app \ - $(ELASTICSEARCH_IMAGE) \ - /bin/sh -c " \ - elasticsearch-certutil ca --out /app/elastic-stack-ca.p12 --pass '' && \ - elasticsearch-certutil cert --name security-master --dns security-master --ca /app/elastic-stack-ca.p12 --pass '' --ca-pass '' --out /app/elastic-certificates.p12" && \ - docker cp elastic-helm-charts-certs:/app/elastic-certificates.p12 ./ && \ - docker rm -f elastic-helm-charts-certs && \ - openssl pkcs12 -nodes -passin pass:'' -in elastic-certificates.p12 -out elastic-certificate.pem && \ - openssl x509 -outform der -in elastic-certificate.pem -out elastic-certificate.crt && \ - kubectl create secret generic elastic-certificates --from-file=elastic-certificates.p12 && \ - kubectl create secret generic elastic-certificate-pem --from-file=elastic-certificate.pem && \ - kubectl create secret generic elastic-certificate-crt --from-file=elastic-certificate.crt && \ - kubectl create secret generic elastic-credentials --from-literal=password=$$password --from-literal=username=elastic && \ - rm -f elastic-certificates.p12 elastic-certificate.pem elastic-certificate.crt elastic-stack-ca.p12 diff --git a/composio/charts/temporal/charts/elasticsearch/examples/security/README.md b/composio/charts/temporal/charts/elasticsearch/examples/security/README.md deleted file mode 100644 index e0b5eff..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/security/README.md +++ /dev/null @@ -1,29 +0,0 @@ -# Security - -This example deploy a 3 nodes Elasticsearch 7.17.3 with authentication and -autogenerated certificates for TLS (see [values][]). - -Note that this configuration should be used for test only. For a production -deployment you should generate SSL certificates following the [official docs][]. - -## Usage - -* Create the required secrets: `make secrets` - -* Deploy Elasticsearch chart with the default values: `make install` - -* You can now setup a port forward to query Elasticsearch API: - - ``` - kubectl port-forward svc/security-master 9200 - curl -u elastic:changeme https://localhost:9200/_cat/indices - ``` - -## Testing - -You can also run [goss integration tests][] using `make test` - - -[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/security/test/goss.yaml -[official docs]: https://www.elastic.co/guide/en/elasticsearch/reference/7.17/configuring-tls.html#node-certificates -[values]: https://github.com/elastic/helm-charts/tree/7.17/elasticsearch/examples/security/values.yaml diff --git a/composio/charts/temporal/charts/elasticsearch/examples/security/test/goss.yaml b/composio/charts/temporal/charts/elasticsearch/examples/security/test/goss.yaml deleted file mode 100644 index c52e05f..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/security/test/goss.yaml +++ /dev/null @@ -1,44 +0,0 @@ -http: - https://security-master:9200/_cluster/health: - status: 200 - timeout: 2000 - allow-insecure: true - username: elastic - password: "{{ .Env.ELASTIC_PASSWORD }}" - body: - - "green" - - '"number_of_nodes":3' - - '"number_of_data_nodes":3' - - https://localhost:9200/: - status: 200 - timeout: 2000 - allow-insecure: true - username: elastic - password: "{{ .Env.ELASTIC_PASSWORD }}" - body: - - '"cluster_name" : "security"' - - "You Know, for Search" - - https://localhost:9200/_xpack/license: - status: 200 - timeout: 2000 - allow-insecure: true - username: elastic - password: "{{ .Env.ELASTIC_PASSWORD }}" - body: - - "active" - - "basic" - -file: - /usr/share/elasticsearch/config/elasticsearch.yml: - exists: true - contains: - - "xpack.security.enabled: true" - - "xpack.security.transport.ssl.enabled: true" - - "xpack.security.transport.ssl.verification_mode: certificate" - - "xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12" - - "xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12" - - "xpack.security.http.ssl.enabled: true" - - "xpack.security.http.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12" - - "xpack.security.http.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12" diff --git a/composio/charts/temporal/charts/elasticsearch/examples/security/values.yaml b/composio/charts/temporal/charts/elasticsearch/examples/security/values.yaml deleted file mode 100644 index ac26231..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/security/values.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -clusterName: "security" -nodeGroup: "master" - -roles: - master: "true" - ingest: "true" - data: "true" - -protocol: https - -esConfig: - elasticsearch.yml: | - xpack.security.enabled: true - xpack.security.transport.ssl.enabled: true - xpack.security.transport.ssl.verification_mode: certificate - xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12 - xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12 - xpack.security.http.ssl.enabled: true - xpack.security.http.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12 - xpack.security.http.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12 - -extraEnvs: - - name: ELASTIC_PASSWORD - valueFrom: - secretKeyRef: - name: elastic-credentials - key: password - -secretMounts: - - name: elastic-certificates - secretName: elastic-certificates - path: /usr/share/elasticsearch/config/certs diff --git a/composio/charts/temporal/charts/elasticsearch/examples/upgrade/Makefile b/composio/charts/temporal/charts/elasticsearch/examples/upgrade/Makefile deleted file mode 100644 index 9251d3b..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/upgrade/Makefile +++ /dev/null @@ -1,16 +0,0 @@ -default: test - -include ../../../helpers/examples.mk - -CHART := elasticsearch -RELEASE := helm-es-upgrade -FROM := 7.4.0 # versions before 7.4.O aren't compatible with Kubernetes >= 1.16.0 - -install: - ../../../helpers/upgrade.sh --chart $(CHART) --release $(RELEASE) --from $(FROM) - kubectl rollout status statefulset upgrade-master - -test: install goss - -purge: - helm del $(RELEASE) diff --git a/composio/charts/temporal/charts/elasticsearch/examples/upgrade/README.md b/composio/charts/temporal/charts/elasticsearch/examples/upgrade/README.md deleted file mode 100644 index 85977f5..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/upgrade/README.md +++ /dev/null @@ -1,17 +0,0 @@ -# Upgrade - -This example will deploy a 3 node Elasticsearch cluster chart using an old chart -version, then upgrade it. - - -## Usage - -* Deploy and upgrade Elasticsearch chart with the default values: `make install` - - -## Testing - -You can also run [goss integration tests][] using `make test`. - - -[goss integration tests]: https://github.com/elastic/helm-charts/tree/master/elasticsearch/examples/upgrade/test/goss.yaml diff --git a/composio/charts/temporal/charts/elasticsearch/examples/upgrade/scripts/upgrade.sh b/composio/charts/temporal/charts/elasticsearch/examples/upgrade/scripts/upgrade.sh deleted file mode 100644 index 59853e0..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/upgrade/scripts/upgrade.sh +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -usage() { - cat <<-EOF - USAGE: - $0 [--release ] [--from ] - $0 --help - - OPTIONS: - --release - Name of the Helm release to install - --from - Elasticsearch version to use for first install - EOF - exit 1 -} - -RELEASE="helm-es-upgrade" -FROM="" - -while [[ $# -gt 0 ]] -do - key="$1" - - case $key in - --help) - usage - ;; - --release) - RELEASE="$2" - shift 2 - ;; - --from) - FROM="$2" - shift 2 - ;; - *) - log "Unrecognized argument: '$key'" - usage - ;; - esac -done - -if ! command -v jq > /dev/null -then - echo 'jq is required to use this script' - echo 'please check https://stedolan.github.io/jq/download/ to install it' - exit 1 -fi - -# Elasticsearch chart < 7.4.0 are not compatible with K8S >= 1.16) -if [[ -z $FROM ]] -then - KUBE_MINOR_VERSION=$(kubectl version -o json | jq --raw-output --exit-status '.serverVersion.minor' | sed 's/[^0-9]*//g') - - if [ "$KUBE_MINOR_VERSION" -lt 16 ] - then - FROM="7.0.0-alpha1" - else - FROM="7.4.0" - fi -fi - -helm repo add elastic https://helm.elastic.co - -# Initial install -printf "Installing Elasticsearch chart %s\n" "$FROM" -helm upgrade --wait --timeout=600s --install "$RELEASE" elastic/elasticsearch --version "$FROM" --set clusterName=upgrade -kubectl rollout status sts/upgrade-master --timeout=600s - -# Upgrade -printf "Upgrading Elasticsearch chart\n" -helm upgrade --wait --timeout=600s --set terminationGracePeriod=121 --install "$RELEASE" ../../ --set clusterName=upgrade -kubectl rollout status sts/upgrade-master --timeout=600s diff --git a/composio/charts/temporal/charts/elasticsearch/examples/upgrade/test/goss.yaml b/composio/charts/temporal/charts/elasticsearch/examples/upgrade/test/goss.yaml deleted file mode 100644 index 714022d..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/upgrade/test/goss.yaml +++ /dev/null @@ -1,16 +0,0 @@ -http: - http://localhost:9200/_cluster/health: - status: 200 - timeout: 2000 - body: - - "green" - - '"number_of_nodes":3' - - '"number_of_data_nodes":3' - - http://localhost:9200: - status: 200 - timeout: 2000 - body: - - '"number" : "7.17.3"' - - '"cluster_name" : "upgrade"' - - "You Know, for Search" diff --git a/composio/charts/temporal/charts/elasticsearch/examples/upgrade/values.yaml b/composio/charts/temporal/charts/elasticsearch/examples/upgrade/values.yaml deleted file mode 100644 index de0283a..0000000 --- a/composio/charts/temporal/charts/elasticsearch/examples/upgrade/values.yaml +++ /dev/null @@ -1,2 +0,0 @@ ---- -clusterName: upgrade diff --git a/composio/charts/temporal/charts/elasticsearch/templates/NOTES.txt b/composio/charts/temporal/charts/elasticsearch/templates/NOTES.txt deleted file mode 100644 index 88b5dd5..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/NOTES.txt +++ /dev/null @@ -1,6 +0,0 @@ -1. Watch all cluster members come up. - $ kubectl get pods --namespace={{ .Release.Namespace }} -l app={{ template "elasticsearch.uname" . }} -w -{{- if .Values.tests.enabled -}} -2. Test cluster health using Helm test. - $ helm --namespace={{ .Release.Namespace }} test {{ .Release.Name }} -{{- end -}} diff --git a/composio/charts/temporal/charts/elasticsearch/templates/_helpers.tpl b/composio/charts/temporal/charts/elasticsearch/templates/_helpers.tpl deleted file mode 100644 index b2ae034..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/_helpers.tpl +++ /dev/null @@ -1,84 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "elasticsearch.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "elasticsearch.fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "elasticsearch.uname" -}} -{{- if empty .Values.fullnameOverride -}} -{{- if empty .Values.nameOverride -}} -{{ .Values.clusterName }}-{{ .Values.nodeGroup }} -{{- else -}} -{{ .Values.nameOverride }}-{{ .Values.nodeGroup }} -{{- end -}} -{{- else -}} -{{ .Values.fullnameOverride }} -{{- end -}} -{{- end -}} - -{{/* -Generate certificates -*/}} -{{- define "elasticsearch.gen-certs" -}} -{{- $altNames := list ( printf "%s.%s" (include "elasticsearch.name" .) .Release.Namespace ) ( printf "%s.%s.svc" (include "elasticsearch.name" .) .Release.Namespace ) -}} -{{- $ca := genCA "elasticsearch-ca" 365 -}} -{{- $cert := genSignedCert ( include "elasticsearch.name" . ) nil $altNames 365 $ca -}} -tls.crt: {{ $cert.Cert | toString | b64enc }} -tls.key: {{ $cert.Key | toString | b64enc }} -ca.crt: {{ $ca.Cert | toString | b64enc }} -{{- end -}} - -{{- define "elasticsearch.masterService" -}} -{{- if empty .Values.masterService -}} -{{- if empty .Values.fullnameOverride -}} -{{- if empty .Values.nameOverride -}} -{{ .Values.clusterName }}-master -{{- else -}} -{{ .Values.nameOverride }}-master -{{- end -}} -{{- else -}} -{{ .Values.fullnameOverride }} -{{- end -}} -{{- else -}} -{{ .Values.masterService }} -{{- end -}} -{{- end -}} - -{{- define "elasticsearch.endpoints" -}} -{{- $replicas := int (toString (.Values.replicas)) }} -{{- $uname := (include "elasticsearch.uname" .) }} - {{- range $i, $e := untilStep 0 $replicas 1 -}} -{{ $uname }}-{{ $i }}, - {{- end -}} -{{- end -}} - -{{- define "elasticsearch.esMajorVersion" -}} -{{- if .Values.esMajorVersion -}} -{{ .Values.esMajorVersion }} -{{- else -}} -{{- $version := int (index (.Values.imageTag | splitList ".") 0) -}} - {{- if and (contains "docker.elastic.co/elasticsearch/elasticsearch" .Values.image) (not (eq $version 0)) -}} -{{ $version }} - {{- else -}} -7 - {{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Use the fullname if the serviceAccount value is not set -*/}} -{{- define "elasticsearch.serviceAccount" -}} -{{- .Values.rbac.serviceAccountName | default (include "elasticsearch.uname" .) -}} -{{- end -}} diff --git a/composio/charts/temporal/charts/elasticsearch/templates/configmap.yaml b/composio/charts/temporal/charts/elasticsearch/templates/configmap.yaml deleted file mode 100644 index fd1ad30..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/configmap.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{- if .Values.esConfig }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "elasticsearch.uname" . }}-config - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}" - app: "{{ template "elasticsearch.uname" . }}" -data: -{{- range $path, $config := .Values.esConfig }} - {{ $path }}: | -{{ $config | indent 4 -}} -{{- end -}} -{{- end -}} -{{- if .Values.esJvmOptions }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "elasticsearch.uname" . }}-jvm-options - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}" - app: "{{ template "elasticsearch.uname" . }}" -data: -{{- range $path, $config := .Values.esJvmOptions }} - {{ $path }}: | -{{ $config | indent 4 -}} -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/composio/charts/temporal/charts/elasticsearch/templates/ingress.yaml b/composio/charts/temporal/charts/elasticsearch/templates/ingress.yaml deleted file mode 100644 index e60cebf..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/ingress.yaml +++ /dev/null @@ -1,64 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "elasticsearch.uname" . -}} -{{- $httpPort := .Values.httpPort -}} -{{- $pathtype := .Values.ingress.pathtype -}} -{{- $ingressPath := .Values.ingress.path -}} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - app: {{ .Chart.Name }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -{{- with .Values.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: - {{- if .Values.ingress.className }} - ingressClassName: {{ .Values.ingress.className | quote }} - {{- end }} -{{- if .Values.ingress.tls }} - tls: - {{- if .ingressPath }} - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} -{{- else }} -{{ toYaml .Values.ingress.tls | indent 4 }} - {{- end }} -{{- end}} - rules: - {{- range .Values.ingress.hosts }} - {{- if $ingressPath }} - - host: {{ . }} - http: - paths: - - path: {{ $ingressPath }} - pathType: {{ $pathtype }} - backend: - service: - name: {{ $fullName }} - port: - number: {{ $httpPort }} - {{- else }} - - host: {{ .host }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - pathType: {{ $pathtype }} - backend: - service: - name: {{ $fullName }} - port: - number: {{ .servicePort | default $httpPort }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} diff --git a/composio/charts/temporal/charts/elasticsearch/templates/networkpolicy.yaml b/composio/charts/temporal/charts/elasticsearch/templates/networkpolicy.yaml deleted file mode 100644 index 62bb1bd..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/networkpolicy.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- if (or .Values.networkPolicy.http.enabled .Values.networkPolicy.transport.enabled) }} -kind: NetworkPolicy -apiVersion: networking.k8s.io/v1 -metadata: - name: {{ template "elasticsearch.uname" . }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}" - app: "{{ template "elasticsearch.uname" . }}" -spec: - podSelector: - matchLabels: - app: "{{ template "elasticsearch.uname" . }}" - ingress: # Allow inbound connections - -{{- if .Values.networkPolicy.http.enabled }} - # For HTTP access - - ports: - - port: {{ .Values.httpPort }} - from: - # From authorized Pods (having the correct label) - - podSelector: - matchLabels: - {{ template "elasticsearch.uname" . }}-http-client: "true" -{{- with .Values.networkPolicy.http.explicitNamespacesSelector }} - # From authorized namespaces - namespaceSelector: -{{ toYaml . | indent 12 }} -{{- end }} -{{- with .Values.networkPolicy.http.additionalRules }} - # Or from custom additional rules -{{ toYaml . | indent 8 }} -{{- end }} -{{- end }} - -{{- if .Values.networkPolicy.transport.enabled }} - # For transport access - - ports: - - port: {{ .Values.transportPort }} - from: - # From authorized Pods (having the correct label) - - podSelector: - matchLabels: - {{ template "elasticsearch.uname" . }}-transport-client: "true" -{{- with .Values.networkPolicy.transport.explicitNamespacesSelector }} - # From authorized namespaces - namespaceSelector: -{{ toYaml . | indent 12 }} -{{- end }} -{{- with .Values.networkPolicy.transport.additionalRules }} - # Or from custom additional rules -{{ toYaml . | indent 8 }} -{{- end }} - # Or from other ElasticSearch Pods - - podSelector: - matchLabels: - app: "{{ template "elasticsearch.uname" . }}" -{{- end }} - -{{- end }} diff --git a/composio/charts/temporal/charts/elasticsearch/templates/poddisruptionbudget.yaml b/composio/charts/temporal/charts/elasticsearch/templates/poddisruptionbudget.yaml deleted file mode 100644 index 6d0bdf3..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/poddisruptionbudget.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.maxUnavailable }} -{{- if .Capabilities.APIVersions.Has "policy/v1" -}} -apiVersion: policy/v1 -{{- else}} -apiVersion: policy/v1beta1 -{{- end }} -kind: PodDisruptionBudget -metadata: - name: "{{ template "elasticsearch.uname" . }}-pdb" -spec: - maxUnavailable: {{ .Values.maxUnavailable }} - selector: - matchLabels: - app: "{{ template "elasticsearch.uname" . }}" -{{- end }} diff --git a/composio/charts/temporal/charts/elasticsearch/templates/podsecuritypolicy.yaml b/composio/charts/temporal/charts/elasticsearch/templates/podsecuritypolicy.yaml deleted file mode 100644 index e22e75c..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/podsecuritypolicy.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.podSecurityPolicy.create -}} -{{- $fullName := include "elasticsearch.uname" . -}} -{{- if .Capabilities.APIVersions.Has "policy/v1" -}} -apiVersion: policy/v1 -{{- else}} -apiVersion: policy/v1beta1 -{{- end }} -kind: PodSecurityPolicy -metadata: - name: {{ default $fullName .Values.podSecurityPolicy.name | quote }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - app: {{ $fullName | quote }} -spec: -{{ toYaml .Values.podSecurityPolicy.spec | indent 2 }} -{{- end -}} diff --git a/composio/charts/temporal/charts/elasticsearch/templates/role.yaml b/composio/charts/temporal/charts/elasticsearch/templates/role.yaml deleted file mode 100644 index d3a7ee3..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/role.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.rbac.create -}} -{{- $fullName := include "elasticsearch.uname" . -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ $fullName | quote }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - app: {{ $fullName | quote }} -rules: - - apiGroups: - - extensions - resources: - - podsecuritypolicies - resourceNames: - {{- if eq .Values.podSecurityPolicy.name "" }} - - {{ $fullName | quote }} - {{- else }} - - {{ .Values.podSecurityPolicy.name | quote }} - {{- end }} - verbs: - - use -{{- end -}} diff --git a/composio/charts/temporal/charts/elasticsearch/templates/rolebinding.yaml b/composio/charts/temporal/charts/elasticsearch/templates/rolebinding.yaml deleted file mode 100644 index e0ecced..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/rolebinding.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.rbac.create -}} -{{- $fullName := include "elasticsearch.uname" . -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ $fullName | quote }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - app: {{ $fullName | quote }} -subjects: - - kind: ServiceAccount - name: "{{ template "elasticsearch.serviceAccount" . }}" - namespace: {{ .Release.Namespace | quote }} -roleRef: - kind: Role - name: {{ $fullName | quote }} - apiGroup: rbac.authorization.k8s.io -{{- end -}} diff --git a/composio/charts/temporal/charts/elasticsearch/templates/service.yaml b/composio/charts/temporal/charts/elasticsearch/templates/service.yaml deleted file mode 100644 index 5fe52eb..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/service.yaml +++ /dev/null @@ -1,78 +0,0 @@ -{{- if .Values.service.enabled -}} ---- -kind: Service -apiVersion: v1 -metadata: -{{- if eq .Values.nodeGroup "master" }} - name: {{ template "elasticsearch.masterService" . }} -{{- else }} - name: {{ template "elasticsearch.uname" . }} -{{- end }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}" - app: "{{ template "elasticsearch.uname" . }}" -{{- if .Values.service.labels }} -{{ toYaml .Values.service.labels | indent 4}} -{{- end }} - annotations: -{{ toYaml .Values.service.annotations | indent 4 }} -spec: - type: {{ .Values.service.type }} - selector: - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}" - app: "{{ template "elasticsearch.uname" . }}" - publishNotReadyAddresses: {{ .Values.service.publishNotReadyAddresses }} - ports: - - name: {{ .Values.service.httpPortName | default "http" }} - protocol: TCP - port: {{ .Values.httpPort }} -{{- if .Values.service.nodePort }} - nodePort: {{ .Values.service.nodePort }} -{{- end }} - - name: {{ .Values.service.transportPortName | default "transport" }} - protocol: TCP - port: {{ .Values.transportPort }} -{{- if .Values.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.service.loadBalancerIP }} -{{- end }} -{{- with .Values.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml . | indent 4 }} -{{- end }} -{{- if .Values.service.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} -{{- end }} -{{- end }} ---- -kind: Service -apiVersion: v1 -metadata: -{{- if eq .Values.nodeGroup "master" }} - name: {{ template "elasticsearch.masterService" . }}-headless -{{- else }} - name: {{ template "elasticsearch.uname" . }}-headless -{{- end }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}" - app: "{{ template "elasticsearch.uname" . }}" -{{- if .Values.service.labelsHeadless }} -{{ toYaml .Values.service.labelsHeadless | indent 4 }} -{{- end }} - annotations: - service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" -spec: - clusterIP: None # This is needed for statefulset hostnames like elasticsearch-0 to resolve - # Create endpoints also if the related pod isn't ready - publishNotReadyAddresses: true - selector: - app: "{{ template "elasticsearch.uname" . }}" - ports: - - name: {{ .Values.service.httpPortName | default "http" }} - port: {{ .Values.httpPort }} - - name: {{ .Values.service.transportPortName | default "transport" }} - port: {{ .Values.transportPort }} diff --git a/composio/charts/temporal/charts/elasticsearch/templates/serviceaccount.yaml b/composio/charts/temporal/charts/elasticsearch/templates/serviceaccount.yaml deleted file mode 100644 index a7ef847..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/serviceaccount.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.rbac.create -}} -{{- $fullName := include "elasticsearch.uname" . -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: "{{ template "elasticsearch.serviceAccount" . }}" - annotations: - {{- with .Values.rbac.serviceAccountAnnotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - app: {{ $fullName | quote }} -{{- end -}} diff --git a/composio/charts/temporal/charts/elasticsearch/templates/statefulset.yaml b/composio/charts/temporal/charts/elasticsearch/templates/statefulset.yaml deleted file mode 100644 index 754581c..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/statefulset.yaml +++ /dev/null @@ -1,390 +0,0 @@ ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "elasticsearch.uname" . }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}" - app: "{{ template "elasticsearch.uname" . }}" - {{- range $key, $value := .Values.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} - annotations: - esMajorVersion: "{{ include "elasticsearch.esMajorVersion" . }}" -spec: - serviceName: {{ template "elasticsearch.uname" . }}-headless - selector: - matchLabels: - app: "{{ template "elasticsearch.uname" . }}" - replicas: {{ .Values.replicas }} - podManagementPolicy: {{ .Values.podManagementPolicy }} - updateStrategy: - type: {{ .Values.updateStrategy }} - {{- if .Values.persistence.enabled }} - volumeClaimTemplates: - - metadata: - name: {{ template "elasticsearch.uname" . }} - {{- if .Values.persistence.labels.enabled }} - labels: - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}" - app: "{{ template "elasticsearch.uname" . }}" - {{- range $key, $value := .Values.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- with .Values.persistence.annotations }} - annotations: -{{ toYaml . | indent 8 }} - {{- end }} - spec: -{{ toYaml .Values.volumeClaimTemplate | indent 6 }} - {{- end }} - template: - metadata: - name: "{{ template "elasticsearch.uname" . }}" - labels: - release: {{ .Release.Name | quote }} - chart: "{{ .Chart.Name }}" - app: "{{ template "elasticsearch.uname" . }}" - {{- range $key, $value := .Values.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} - annotations: - {{- range $key, $value := .Values.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{/* This forces a restart if the configmap has changed */}} - {{- if or .Values.esConfig .Values.esJvmOptions }} - configchecksum: {{ include (print .Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }} - {{- end }} - spec: - {{- if .Values.schedulerName }} - schedulerName: "{{ .Values.schedulerName }}" - {{- end }} - securityContext: -{{ toYaml .Values.podSecurityContext | indent 8 }} - {{- if .Values.fsGroup }} - fsGroup: {{ .Values.fsGroup }} # Deprecated value, please use .Values.podSecurityContext.fsGroup - {{- end }} - {{- if or .Values.rbac.create .Values.rbac.serviceAccountName }} - serviceAccountName: "{{ template "elasticsearch.serviceAccount" . }}" - {{- end }} - automountServiceAccountToken: {{ .Values.rbac.automountToken }} - {{- with .Values.tolerations }} - tolerations: -{{ toYaml . | indent 6 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: -{{ toYaml . | indent 8 }} - {{- end }} - {{- if or (eq .Values.antiAffinity "hard") (eq .Values.antiAffinity "soft") .Values.nodeAffinity }} - {{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName }} - {{- end }} - affinity: - {{- end }} - {{- if eq .Values.antiAffinity "hard" }} - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - "{{ template "elasticsearch.uname" .}}" - topologyKey: {{ .Values.antiAffinityTopologyKey }} - {{- else if eq .Values.antiAffinity "soft" }} - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - podAffinityTerm: - topologyKey: {{ .Values.antiAffinityTopologyKey }} - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - "{{ template "elasticsearch.uname" . }}" - {{- end }} - {{- with .Values.nodeAffinity }} - nodeAffinity: -{{ toYaml . | indent 10 }} - {{- end }} - terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }} - volumes: - {{- range .Values.secretMounts }} - - name: {{ .name }} - secret: - secretName: {{ .secretName }} - {{- if .defaultMode }} - defaultMode: {{ .defaultMode }} - {{- end }} - {{- end }} - {{- if .Values.esConfig }} - - name: esconfig - configMap: - name: {{ template "elasticsearch.uname" . }}-config - {{- end }} - {{- if .Values.esJvmOptions }} - - name: esjvmoptions - configMap: - name: {{ template "elasticsearch.uname" . }}-jvm-options - {{- end }} -{{- if .Values.keystore }} - - name: keystore - emptyDir: {} - {{- range .Values.keystore }} - - name: keystore-{{ .secretName }} - secret: {{ toYaml . | nindent 12 }} - {{- end }} -{{ end }} - {{- if .Values.extraVolumes }} - # Currently some extra blocks accept strings - # to continue with backwards compatibility this is being kept - # whilst also allowing for yaml to be specified too. - {{- if eq "string" (printf "%T" .Values.extraVolumes) }} -{{ tpl .Values.extraVolumes . | indent 8 }} - {{- else }} -{{ toYaml .Values.extraVolumes | indent 8 }} - {{- end }} - {{- end }} - {{- if .Values.imagePullSecrets }} - imagePullSecrets: -{{ toYaml .Values.imagePullSecrets | indent 8 }} - {{- end }} - enableServiceLinks: {{ .Values.enableServiceLinks }} - {{- if .Values.hostAliases }} - hostAliases: {{ toYaml .Values.hostAliases | nindent 8 }} - {{- end }} - {{- if or (.Values.extraInitContainers) (.Values.sysctlInitContainer.enabled) (.Values.keystore) }} - initContainers: - {{- if .Values.sysctlInitContainer.enabled }} - - name: configure-sysctl - securityContext: - runAsUser: 0 - privileged: true - image: "{{ .Values.image }}:{{ .Values.imageTag }}" - imagePullPolicy: "{{ .Values.imagePullPolicy }}" - command: ["sysctl", "-w", "vm.max_map_count={{ .Values.sysctlVmMaxMapCount}}"] - resources: -{{ toYaml .Values.initResources | indent 10 }} - {{- end }} -{{ if .Values.keystore }} - - name: keystore - securityContext: -{{ toYaml .Values.securityContext | indent 10 }} - image: "{{ .Values.image }}:{{ .Values.imageTag }}" - imagePullPolicy: "{{ .Values.imagePullPolicy }}" - command: - - bash - - -c - - | - set -euo pipefail - - elasticsearch-keystore create - - for i in /tmp/keystoreSecrets/*/*; do - key=$(basename $i) - echo "Adding file $i to keystore key $key" - elasticsearch-keystore add-file "$key" "$i" - done - - # Add the bootstrap password since otherwise the Elasticsearch entrypoint tries to do this on startup - if [ ! -z ${ELASTIC_PASSWORD+x} ]; then - echo 'Adding env $ELASTIC_PASSWORD to keystore as key bootstrap.password' - echo "$ELASTIC_PASSWORD" | elasticsearch-keystore add -x bootstrap.password - fi - - cp -a /usr/share/elasticsearch/config/elasticsearch.keystore /tmp/keystore/ - env: {{ toYaml .Values.extraEnvs | nindent 10 }} - envFrom: {{ toYaml .Values.envFrom | nindent 10 }} - resources: {{ toYaml .Values.initResources | nindent 10 }} - volumeMounts: - - name: keystore - mountPath: /tmp/keystore - {{- range .Values.keystore }} - - name: keystore-{{ .secretName }} - mountPath: /tmp/keystoreSecrets/{{ .secretName }} - {{- end }} -{{ end }} - {{- if .Values.extraInitContainers }} - # Currently some extra blocks accept strings - # to continue with backwards compatibility this is being kept - # whilst also allowing for yaml to be specified too. - {{- if eq "string" (printf "%T" .Values.extraInitContainers) }} -{{ tpl .Values.extraInitContainers . | indent 6 }} - {{- else }} -{{ toYaml .Values.extraInitContainers | indent 6 }} - {{- end }} - {{- end }} - {{- end }} - containers: - - name: "{{ template "elasticsearch.name" . }}" - securityContext: -{{ toYaml .Values.securityContext | indent 10 }} - image: "{{ .Values.image }}:{{ .Values.imageTag }}" - imagePullPolicy: "{{ .Values.imagePullPolicy }}" - readinessProbe: - exec: - command: - - bash - - -c - - | - set -e - # If the node is starting up wait for the cluster to be ready (request params: "{{ .Values.clusterHealthCheckParams }}" ) - # Once it has started only check that the node itself is responding - START_FILE=/tmp/.es_start_file - - # Disable nss cache to avoid filling dentry cache when calling curl - # This is required with Elasticsearch Docker using nss < 3.52 - export NSS_SDB_USE_CACHE=no - - http () { - local path="${1}" - local args="${2}" - set -- -XGET -s - - if [ "$args" != "" ]; then - set -- "$@" $args - fi - - if [ -n "${ELASTIC_PASSWORD}" ]; then - set -- "$@" -u "elastic:${ELASTIC_PASSWORD}" - fi - - curl --output /dev/null -k "$@" "{{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}${path}" - } - - if [ -f "${START_FILE}" ]; then - echo 'Elasticsearch is already running, lets check the node is healthy' - HTTP_CODE=$(http "/" "-w %{http_code}") - RC=$? - if [[ ${RC} -ne 0 ]]; then - echo "curl --output /dev/null -k -XGET -s -w '%{http_code}' \${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with RC ${RC}" - exit ${RC} - fi - # ready if HTTP code 200, 503 is tolerable if ES version is 6.x - if [[ ${HTTP_CODE} == "200" ]]; then - exit 0 - elif [[ ${HTTP_CODE} == "503" && "{{ include "elasticsearch.esMajorVersion" . }}" == "6" ]]; then - exit 0 - else - echo "curl --output /dev/null -k -XGET -s -w '%{http_code}' \${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with HTTP code ${HTTP_CODE}" - exit 1 - fi - - else - echo 'Waiting for elasticsearch cluster to become ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' - if http "/_cluster/health?{{ .Values.clusterHealthCheckParams }}" "--fail" ; then - touch ${START_FILE} - exit 0 - else - echo 'Cluster is not yet ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' - exit 1 - fi - fi -{{ toYaml .Values.readinessProbe | indent 10 }} - ports: - - name: http - containerPort: {{ .Values.httpPort }} - - name: transport - containerPort: {{ .Values.transportPort }} - resources: -{{ toYaml .Values.resources | indent 10 }} - env: - - name: node.name - valueFrom: - fieldRef: - fieldPath: metadata.name - {{- if eq .Values.roles.master "true" }} - {{- if ge (int (include "elasticsearch.esMajorVersion" .)) 7 }} - - name: cluster.initial_master_nodes - value: "{{ template "elasticsearch.endpoints" . }}" - {{- else }} - - name: discovery.zen.minimum_master_nodes - value: "{{ .Values.minimumMasterNodes }}" - {{- end }} - {{- end }} - {{- if lt (int (include "elasticsearch.esMajorVersion" .)) 7 }} - - name: discovery.zen.ping.unicast.hosts - value: "{{ template "elasticsearch.masterService" . }}-headless" - {{- else }} - - name: discovery.seed_hosts - value: "{{ template "elasticsearch.masterService" . }}-headless" - {{- end }} - - name: cluster.name - value: "{{ .Values.clusterName }}" - - name: network.host - value: "{{ .Values.networkHost }}" - - name: cluster.deprecation_indexing.enabled - value: "{{ .Values.clusterDeprecationIndexing }}" - {{- if .Values.esJavaOpts }} - - name: ES_JAVA_OPTS - value: "{{ .Values.esJavaOpts }}" - {{- end }} - {{- range $role, $enabled := .Values.roles }} - - name: node.{{ $role }} - value: "{{ $enabled }}" - {{- end }} -{{- if .Values.extraEnvs }} -{{ toYaml .Values.extraEnvs | indent 10 }} -{{- end }} -{{- if .Values.envFrom }} - envFrom: -{{ toYaml .Values.envFrom | indent 10 }} -{{- end }} - volumeMounts: - {{- if .Values.persistence.enabled }} - - name: "{{ template "elasticsearch.uname" . }}" - mountPath: /usr/share/elasticsearch/data - {{- end }} -{{ if .Values.keystore }} - - name: keystore - mountPath: /usr/share/elasticsearch/config/elasticsearch.keystore - subPath: elasticsearch.keystore -{{ end }} - {{- range .Values.secretMounts }} - - name: {{ .name }} - mountPath: {{ .path }} - {{- if .subPath }} - subPath: {{ .subPath }} - {{- end }} - {{- end }} - {{- range $path, $config := .Values.esConfig }} - - name: esconfig - mountPath: /usr/share/elasticsearch/config/{{ $path }} - subPath: {{ $path }} - {{- end -}} - {{- range $path, $config := .Values.esJvmOptions }} - - name: esjvmoptions - mountPath: /usr/share/elasticsearch/config/jvm.options.d/{{ $path }} - subPath: {{ $path }} - {{- end -}} - {{- if .Values.extraVolumeMounts }} - # Currently some extra blocks accept strings - # to continue with backwards compatibility this is being kept - # whilst also allowing for yaml to be specified too. - {{- if eq "string" (printf "%T" .Values.extraVolumeMounts) }} -{{ tpl .Values.extraVolumeMounts . | indent 10 }} - {{- else }} -{{ toYaml .Values.extraVolumeMounts | indent 10 }} - {{- end }} - {{- end }} -{{- if .Values.lifecycle }} - lifecycle: -{{ toYaml .Values.lifecycle | indent 10 }} -{{- end }} - {{- if .Values.extraContainers }} - # Currently some extra blocks accept strings - # to continue with backwards compatibility this is being kept - # whilst also allowing for yaml to be specified too. - {{- if eq "string" (printf "%T" .Values.extraContainers) }} -{{ tpl .Values.extraContainers . | indent 6 }} - {{- else }} -{{ toYaml .Values.extraContainers | indent 6 }} - {{- end }} - {{- end }} diff --git a/composio/charts/temporal/charts/elasticsearch/templates/test/test-elasticsearch-health.yaml b/composio/charts/temporal/charts/elasticsearch/templates/test/test-elasticsearch-health.yaml deleted file mode 100644 index 9ab7dab..0000000 --- a/composio/charts/temporal/charts/elasticsearch/templates/test/test-elasticsearch-health.yaml +++ /dev/null @@ -1,36 +0,0 @@ -{{- if .Values.tests.enabled -}} ---- -apiVersion: v1 -kind: Pod -metadata: -{{- if .Values.healthNameOverride }} - name: {{ .Values.healthNameOverride | quote }} -{{- else }} - name: "{{ .Release.Name }}-{{ randAlpha 5 | lower }}-test" -{{- end }} - annotations: - "helm.sh/hook": test - "helm.sh/hook-delete-policy": hook-succeeded -spec: - securityContext: -{{ toYaml .Values.podSecurityContext | indent 4 }} - containers: -{{- if .Values.healthNameOverride }} - - name: {{ .Values.healthNameOverride | quote }} -{{- else }} - - name: "{{ .Release.Name }}-{{ randAlpha 5 | lower }}-test" -{{- end }} - image: "{{ .Values.image }}:{{ .Values.imageTag }}" - imagePullPolicy: "{{ .Values.imagePullPolicy }}" - command: - - "sh" - - "-c" - - | - #!/usr/bin/env bash -e - curl -XGET --fail '{{ template "elasticsearch.uname" . }}:{{ .Values.httpPort }}/_cluster/health?{{ .Values.clusterHealthCheckParams }}' - {{- if .Values.imagePullSecrets }} - imagePullSecrets: -{{ toYaml .Values.imagePullSecrets | indent 4 }} - {{- end }} - restartPolicy: Never -{{- end -}} diff --git a/composio/charts/temporal/charts/elasticsearch/values.yaml b/composio/charts/temporal/charts/elasticsearch/values.yaml deleted file mode 100644 index 9eb4370..0000000 --- a/composio/charts/temporal/charts/elasticsearch/values.yaml +++ /dev/null @@ -1,355 +0,0 @@ ---- -clusterName: "elasticsearch" -nodeGroup: "master" - -# The service that non master groups will try to connect to when joining the cluster -# This should be set to clusterName + "-" + nodeGroup for your master group -masterService: "" - -# Elasticsearch roles that will be applied to this nodeGroup -# These will be set as environment variables. E.g. node.master=true -roles: - master: "true" - ingest: "true" - data: "true" - remote_cluster_client: "true" - ml: "true" - -replicas: 3 -minimumMasterNodes: 2 - -esMajorVersion: "" - -clusterDeprecationIndexing: "false" - -# Allows you to add any config files in /usr/share/elasticsearch/config/ -# such as elasticsearch.yml and log4j2.properties -esConfig: {} -# elasticsearch.yml: | -# key: -# nestedkey: value -# log4j2.properties: | -# key = value - -esJvmOptions: {} -# processors.options: | -# -XX:ActiveProcessorCount=3 - -# Extra environment variables to append to this nodeGroup -# This will be appended to the current 'env:' key. You can use any of the kubernetes env -# syntax here -extraEnvs: [] -# - name: MY_ENVIRONMENT_VAR -# value: the_value_goes_here - -# Allows you to load environment variables from kubernetes secret or config map -envFrom: [] -# - secretRef: -# name: env-secret -# - configMapRef: -# name: config-map - -# A list of secrets and their paths to mount inside the pod -# This is useful for mounting certificates for security and for mounting -# the X-Pack license -secretMounts: [] -# - name: elastic-certificates -# secretName: elastic-certificates -# path: /usr/share/elasticsearch/config/certs -# defaultMode: 0755 - -hostAliases: [] -#- ip: "127.0.0.1" -# hostnames: -# - "foo.local" -# - "bar.local" - -image: "docker.elastic.co/elasticsearch/elasticsearch" -imageTag: "7.17.3" -imagePullPolicy: "IfNotPresent" - -podAnnotations: - {} - # iam.amazonaws.com/role: es-cluster - -# additionals labels -labels: {} - -esJavaOpts: "" # example: "-Xmx1g -Xms1g" - -resources: - requests: - cpu: "1000m" - memory: "2Gi" - limits: - cpu: "1000m" - memory: "2Gi" - -initResources: - {} - # limits: - # cpu: "25m" - # # memory: "128Mi" - # requests: - # cpu: "25m" - # memory: "128Mi" - -networkHost: "0.0.0.0" - -volumeClaimTemplate: - accessModes: ["ReadWriteOnce"] - resources: - requests: - storage: 30Gi - -rbac: - create: false - serviceAccountAnnotations: {} - serviceAccountName: "" - automountToken: true - -podSecurityPolicy: - create: false - name: "" - spec: - privileged: true - fsGroup: - rule: RunAsAny - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - secret - - configMap - - persistentVolumeClaim - - emptyDir - -persistence: - enabled: true - labels: - # Add default labels for the volumeClaimTemplate of the StatefulSet - enabled: false - annotations: {} - -extraVolumes: - [] - # - name: extras - # emptyDir: {} - -extraVolumeMounts: - [] - # - name: extras - # mountPath: /usr/share/extras - # readOnly: true - -extraContainers: - [] - # - name: do-something - # image: busybox - # command: ['do', 'something'] - -extraInitContainers: - [] - # - name: do-something - # image: busybox - # command: ['do', 'something'] - -# This is the PriorityClass settings as defined in -# https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass -priorityClassName: "" - -# By default this will make sure two pods don't end up on the same node -# Changing this to a region would allow you to spread pods across regions -antiAffinityTopologyKey: "kubernetes.io/hostname" - -# Hard means that by default pods will only be scheduled if there are enough nodes for them -# and that they will never end up on the same node. Setting this to soft will do this "best effort" -antiAffinity: "hard" - -# This is the node affinity settings as defined in -# https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature -nodeAffinity: {} - -# The default is to deploy all pods serially. By setting this to parallel all pods are started at -# the same time when bootstrapping the cluster -podManagementPolicy: "Parallel" - -# The environment variables injected by service links are not used, but can lead to slow Elasticsearch boot times when -# there are many services in the current namespace. -# If you experience slow pod startups you probably want to set this to `false`. -enableServiceLinks: true - -protocol: http -httpPort: 9200 -transportPort: 9300 - -service: - enabled: true - labels: {} - labelsHeadless: {} - type: ClusterIP - # Consider that all endpoints are considered "ready" even if the Pods themselves are not - # https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/#ServiceSpec - publishNotReadyAddresses: false - nodePort: "" - annotations: {} - httpPortName: http - transportPortName: transport - loadBalancerIP: "" - loadBalancerSourceRanges: [] - externalTrafficPolicy: "" - -updateStrategy: RollingUpdate - -# This is the max unavailable setting for the pod disruption budget -# The default value of 1 will make sure that kubernetes won't allow more than 1 -# of your pods to be unavailable during maintenance -maxUnavailable: 1 - -podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - -securityContext: - capabilities: - drop: - - ALL - # readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - -# How long to wait for elasticsearch to stop gracefully -terminationGracePeriod: 120 - -sysctlVmMaxMapCount: 262144 - -readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 3 - timeoutSeconds: 5 - -# https://www.elastic.co/guide/en/elasticsearch/reference/7.17/cluster-health.html#request-params wait_for_status -clusterHealthCheckParams: "wait_for_status=green&timeout=1s" - -## Use an alternate scheduler. -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -schedulerName: "" - -imagePullSecrets: [] -nodeSelector: {} -tolerations: [] - -# Enabling this will publicly expose your Elasticsearch instance. -# Only enable this if you have security enabled on your cluster -ingress: - enabled: false - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - className: "nginx" - pathtype: ImplementationSpecific - hosts: - - host: chart-example.local - paths: - - path: / - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -nameOverride: "" -fullnameOverride: "" -healthNameOverride: "" - -lifecycle: - {} - # preStop: - # exec: - # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] - # postStart: - # exec: - # command: - # - bash - # - -c - # - | - # #!/bin/bash - # # Add a template to adjust number of shards/replicas - # TEMPLATE_NAME=my_template - # INDEX_PATTERN="logstash-*" - # SHARD_COUNT=8 - # REPLICA_COUNT=1 - # ES_URL=http://localhost:9200 - # while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' $ES_URL)" != "200" ]]; do sleep 1; done - # curl -XPUT "$ES_URL/_template/$TEMPLATE_NAME" -H 'Content-Type: application/json' -d'{"index_patterns":['\""$INDEX_PATTERN"\"'],"settings":{"number_of_shards":'$SHARD_COUNT',"number_of_replicas":'$REPLICA_COUNT'}}' - -sysctlInitContainer: - enabled: true - -keystore: [] - -networkPolicy: - ## Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now. - ## In order for a Pod to access Elasticsearch, it needs to have the following label: - ## {{ template "uname" . }}-client: "true" - ## Example for default configuration to access HTTP port: - ## elasticsearch-master-http-client: "true" - ## Example for default configuration to access transport port: - ## elasticsearch-master-transport-client: "true" - - http: - enabled: false - ## if explicitNamespacesSelector is not set or set to {}, only client Pods being in the networkPolicy's namespace - ## and matching all criteria can reach the DB. - ## But sometimes, we want the Pods to be accessible to clients from other namespaces, in this case, we can use this - ## parameter to select these namespaces - ## - # explicitNamespacesSelector: - # # Accept from namespaces with all those different rules (only from whitelisted Pods) - # matchLabels: - # role: frontend - # matchExpressions: - # - {key: role, operator: In, values: [frontend]} - ## Additional NetworkPolicy Ingress "from" rules to set. Note that all rules are OR-ed. - ## - # additionalRules: - # - podSelector: - # matchLabels: - # role: frontend - # - podSelector: - # matchExpressions: - # - key: role - # operator: In - # values: - # - frontend - - transport: - ## Note that all Elasticsearch Pods can talk to themselves using transport port even if enabled. - enabled: false - # explicitNamespacesSelector: - # matchLabels: - # role: frontend - # matchExpressions: - # - {key: role, operator: In, values: [frontend]} - # additionalRules: - # - podSelector: - # matchLabels: - # role: frontend - # - podSelector: - # matchExpressions: - # - key: role - # operator: In - # values: - # - frontend - -tests: - enabled: true - -# Deprecated -# please use the above podSecurityContext.fsGroup instead -fsGroup: "" diff --git a/composio/charts/temporal/charts/grafana/.helmignore b/composio/charts/temporal/charts/grafana/.helmignore deleted file mode 100644 index 8cade13..0000000 --- a/composio/charts/temporal/charts/grafana/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.vscode -.project -.idea/ -*.tmproj -OWNERS diff --git a/composio/charts/temporal/charts/grafana/Chart.yaml b/composio/charts/temporal/charts/grafana/Chart.yaml deleted file mode 100644 index 2b5d1d5..0000000 --- a/composio/charts/temporal/charts/grafana/Chart.yaml +++ /dev/null @@ -1,33 +0,0 @@ -annotations: - artifacthub.io/license: Apache-2.0 - artifacthub.io/links: | - - name: Chart Source - url: https://github.com/grafana/helm-charts - - name: Upstream Project - url: https://github.com/grafana/grafana -apiVersion: v2 -appVersion: 11.0.0 -description: The leading tool for querying and visualizing time series and metrics. -home: https://grafana.com -icon: https://artifacthub.io/image/b4fed1a7-6c8f-4945-b99d-096efa3e4116 -keywords: -- monitoring -- metric -kubeVersion: ^1.8.0-0 -maintainers: -- email: zanhsieh@gmail.com - name: zanhsieh -- email: rluckie@cisco.com - name: rtluckie -- email: maor.friedman@redhat.com - name: maorfr -- email: miroslav.hadzhiev@gmail.com - name: Xtigyro -- email: mail@torstenwalter.de - name: torstenwalter -name: grafana -sources: -- https://github.com/grafana/grafana -- https://github.com/grafana/helm-charts -type: application -version: 8.0.2 diff --git a/composio/charts/temporal/charts/grafana/README.md b/composio/charts/temporal/charts/grafana/README.md deleted file mode 100644 index dde2a20..0000000 --- a/composio/charts/temporal/charts/grafana/README.md +++ /dev/null @@ -1,771 +0,0 @@ -# Grafana Helm Chart - -* Installs the web dashboarding system [Grafana](http://grafana.org/) - -## Get Repo Info - -```console -helm repo add grafana https://grafana.github.io/helm-charts -helm repo update -``` - -_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -helm install my-release grafana/grafana -``` - -## Uninstalling the Chart - -To uninstall/delete the my-release deployment: - -```console -helm delete my-release -``` - -The command removes all the Kubernetes components associated with the chart and deletes the release. - -## Upgrading an existing Release to a new major version - -A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an -incompatible breaking change needing manual actions. - -### To 4.0.0 (And 3.12.1) - -This version requires Helm >= 2.12.0. - -### To 5.0.0 - -You have to add --force to your helm upgrade command as the labels of the chart have changed. - -### To 6.0.0 - -This version requires Helm >= 3.1.0. - -### To 7.0.0 - -For consistency with other Helm charts, the `global.image.registry` parameter was renamed -to `global.imageRegistry`. If you were not previously setting `global.image.registry`, no action -is required on upgrade. If you were previously setting `global.image.registry`, you will -need to instead set `global.imageRegistry`. - -## Configuration - -| Parameter | Description | Default | -|-------------------------------------------|-----------------------------------------------|---------------------------------------------------------| -| `replicas` | Number of nodes | `1` | -| `podDisruptionBudget.minAvailable` | Pod disruption minimum available | `nil` | -| `podDisruptionBudget.maxUnavailable` | Pod disruption maximum unavailable | `nil` | -| `podDisruptionBudget.apiVersion` | Pod disruption apiVersion | `nil` | -| `deploymentStrategy` | Deployment strategy | `{ "type": "RollingUpdate" }` | -| `livenessProbe` | Liveness Probe settings | `{ "httpGet": { "path": "/api/health", "port": 3000 } "initialDelaySeconds": 60, "timeoutSeconds": 30, "failureThreshold": 10 }` | -| `readinessProbe` | Readiness Probe settings | `{ "httpGet": { "path": "/api/health", "port": 3000 } }`| -| `securityContext` | Deployment securityContext | `{"runAsUser": 472, "runAsGroup": 472, "fsGroup": 472}` | -| `priorityClassName` | Name of Priority Class to assign pods | `nil` | -| `image.registry` | Image registry | `docker.io` | -| `image.repository` | Image repository | `grafana/grafana` | -| `image.tag` | Overrides the Grafana image tag whose default is the chart appVersion (`Must be >= 5.0.0`) | `` | -| `image.sha` | Image sha (optional) | `` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Image pull secrets (can be templated) | `[]` | -| `service.enabled` | Enable grafana service | `true` | -| `service.type` | Kubernetes service type | `ClusterIP` | -| `service.port` | Kubernetes port where service is exposed | `80` | -| `service.portName` | Name of the port on the service | `service` | -| `service.appProtocol` | Adds the appProtocol field to the service | `` | -| `service.targetPort` | Internal service is port | `3000` | -| `service.nodePort` | Kubernetes service nodePort | `nil` | -| `service.annotations` | Service annotations (can be templated) | `{}` | -| `service.labels` | Custom labels | `{}` | -| `service.clusterIP` | internal cluster service IP | `nil` | -| `service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `nil` | -| `service.loadBalancerSourceRanges` | list of IP CIDRs allowed access to lb (if supported) | `[]` | -| `service.externalIPs` | service external IP addresses | `[]` | -| `service.externalTrafficPolicy` | change the default externalTrafficPolicy | `nil` | -| `headlessService` | Create a headless service | `false` | -| `extraExposePorts` | Additional service ports for sidecar containers| `[]` | -| `hostAliases` | adds rules to the pod's /etc/hosts | `[]` | -| `ingress.enabled` | Enables Ingress | `false` | -| `ingress.annotations` | Ingress annotations (values are templated) | `{}` | -| `ingress.labels` | Custom labels | `{}` | -| `ingress.path` | Ingress accepted path | `/` | -| `ingress.pathType` | Ingress type of path | `Prefix` | -| `ingress.hosts` | Ingress accepted hostnames | `["chart-example.local"]` | -| `ingress.extraPaths` | Ingress extra paths to prepend to every host configuration. Useful when configuring [custom actions with AWS ALB Ingress Controller](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.6/guide/ingress/annotations/#actions). Requires `ingress.hosts` to have one or more host entries. | `[]` | -| `ingress.tls` | Ingress TLS configuration | `[]` | -| `ingress.ingressClassName` | Ingress Class Name. MAY be required for Kubernetes versions >= 1.18 | `""` | -| `resources` | CPU/Memory resource requests/limits | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `tolerations` | Toleration labels for pod assignment | `[]` | -| `affinity` | Affinity settings for pod assignment | `{}` | -| `extraInitContainers` | Init containers to add to the grafana pod | `{}` | -| `extraContainers` | Sidecar containers to add to the grafana pod | `""` | -| `extraContainerVolumes` | Volumes that can be mounted in sidecar containers | `[]` | -| `extraLabels` | Custom labels for all manifests | `{}` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `nil` | -| `persistence.enabled` | Use persistent volume to store data | `false` | -| `persistence.type` | Type of persistence (`pvc` or `statefulset`) | `pvc` | -| `persistence.size` | Size of persistent volume claim | `10Gi` | -| `persistence.existingClaim` | Use an existing PVC to persist data (can be templated) | `nil` | -| `persistence.storageClassName` | Type of persistent volume claim | `nil` | -| `persistence.accessModes` | Persistence access modes | `[ReadWriteOnce]` | -| `persistence.annotations` | PersistentVolumeClaim annotations | `{}` | -| `persistence.finalizers` | PersistentVolumeClaim finalizers | `[ "kubernetes.io/pvc-protection" ]` | -| `persistence.extraPvcLabels` | Extra labels to apply to a PVC. | `{}` | -| `persistence.subPath` | Mount a sub dir of the persistent volume (can be templated) | `nil` | -| `persistence.inMemory.enabled` | If persistence is not enabled, whether to mount the local storage in-memory to improve performance | `false` | -| `persistence.inMemory.sizeLimit` | SizeLimit for the in-memory local storage | `nil` | -| `initChownData.enabled` | If false, don't reset data ownership at startup | true | -| `initChownData.image.registry` | init-chown-data container image registry | `docker.io` | -| `initChownData.image.repository` | init-chown-data container image repository | `busybox` | -| `initChownData.image.tag` | init-chown-data container image tag | `1.31.1` | -| `initChownData.image.sha` | init-chown-data container image sha (optional)| `""` | -| `initChownData.image.pullPolicy` | init-chown-data container image pull policy | `IfNotPresent` | -| `initChownData.resources` | init-chown-data pod resource requests & limits | `{}` | -| `schedulerName` | Alternate scheduler name | `nil` | -| `env` | Extra environment variables passed to pods | `{}` | -| `envValueFrom` | Environment variables from alternate sources. See the API docs on [EnvVarSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#envvarsource-v1-core) for format details. Can be templated | `{}` | -| `envFromSecret` | Name of a Kubernetes secret (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `""` | -| `envFromSecrets` | List of Kubernetes secrets (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `[]` | -| `envFromConfigMaps` | List of Kubernetes ConfigMaps (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `[]` | -| `envRenderSecret` | Sensible environment variables passed to pods and stored as secret. (passed through [tpl](https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function)) | `{}` | -| `enableServiceLinks` | Inject Kubernetes services as environment variables. | `true` | -| `extraSecretMounts` | Additional grafana server secret mounts | `[]` | -| `extraVolumeMounts` | Additional grafana server volume mounts | `[]` | -| `extraVolumes` | Additional Grafana server volumes | `[]` | -| `automountServiceAccountToken` | Mounted the service account token on the grafana pod. Mandatory, if sidecars are enabled | `true` | -| `createConfigmap` | Enable creating the grafana configmap | `true` | -| `extraConfigmapMounts` | Additional grafana server configMap volume mounts (values are templated) | `[]` | -| `extraEmptyDirMounts` | Additional grafana server emptyDir volume mounts | `[]` | -| `plugins` | Plugins to be loaded along with Grafana | `[]` | -| `datasources` | Configure grafana datasources (passed through tpl) | `{}` | -| `alerting` | Configure grafana alerting (passed through tpl) | `{}` | -| `notifiers` | Configure grafana notifiers | `{}` | -| `dashboardProviders` | Configure grafana dashboard providers | `{}` | -| `dashboards` | Dashboards to import | `{}` | -| `dashboardsConfigMaps` | ConfigMaps reference that contains dashboards | `{}` | -| `grafana.ini` | Grafana's primary configuration | `{}` | -| `global.imageRegistry` | Global image pull registry for all images. | `null` | -| `global.imagePullSecrets` | Global image pull secrets (can be templated). Allows either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style). | `[]` | -| `ldap.enabled` | Enable LDAP authentication | `false` | -| `ldap.existingSecret` | The name of an existing secret containing the `ldap.toml` file, this must have the key `ldap-toml`. | `""` | -| `ldap.config` | Grafana's LDAP configuration | `""` | -| `annotations` | Deployment annotations | `{}` | -| `labels` | Deployment labels | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Pod labels | `{}` | -| `podPortName` | Name of the grafana port on the pod | `grafana` | -| `lifecycleHooks` | Lifecycle hooks for podStart and preStop [Example](https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/#define-poststart-and-prestop-handlers) | `{}` | -| `sidecar.image.registry` | Sidecar image registry | `quay.io` | -| `sidecar.image.repository` | Sidecar image repository | `kiwigrid/k8s-sidecar` | -| `sidecar.image.tag` | Sidecar image tag | `1.26.0` | -| `sidecar.image.sha` | Sidecar image sha (optional) | `""` | -| `sidecar.imagePullPolicy` | Sidecar image pull policy | `IfNotPresent` | -| `sidecar.resources` | Sidecar resources | `{}` | -| `sidecar.securityContext` | Sidecar securityContext | `{}` | -| `sidecar.enableUniqueFilenames` | Sets the kiwigrid/k8s-sidecar UNIQUE_FILENAMES environment variable. If set to `true` the sidecar will create unique filenames where duplicate data keys exist between ConfigMaps and/or Secrets within the same or multiple Namespaces. | `false` | -| `sidecar.alerts.enabled` | Enables the cluster wide search for alerts and adds/updates/deletes them in grafana |`false` | -| `sidecar.alerts.label` | Label that config maps with alerts should have to be added | `grafana_alert` | -| `sidecar.alerts.labelValue` | Label value that config maps with alerts should have to be added | `""` | -| `sidecar.alerts.searchNamespace` | Namespaces list. If specified, the sidecar will search for alerts config-maps inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil` | -| `sidecar.alerts.watchMethod` | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` | -| `sidecar.alerts.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` | -| `sidecar.alerts.reloadURL` | Full url of datasource configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/alerting/reload"` | -| `sidecar.alerts.skipReload` | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` | -| `sidecar.alerts.initAlerts` | Set to true to deploy the alerts sidecar as an initContainer. This is needed if skipReload is true, to load any alerts defined at startup time. | `false` | -| `sidecar.alerts.extraMounts` | Additional alerts sidecar volume mounts. | `[]` | -| `sidecar.dashboards.enabled` | Enables the cluster wide search for dashboards and adds/updates/deletes them in grafana | `false` | -| `sidecar.dashboards.SCProvider` | Enables creation of sidecar provider | `true` | -| `sidecar.dashboards.provider.name` | Unique name of the grafana provider | `sidecarProvider` | -| `sidecar.dashboards.provider.orgid` | Id of the organisation, to which the dashboards should be added | `1` | -| `sidecar.dashboards.provider.folder` | Logical folder in which grafana groups dashboards | `""` | -| `sidecar.dashboards.provider.folderUid` | Allows you to specify the static UID for the logical folder above | `""` | -| `sidecar.dashboards.provider.disableDelete` | Activate to avoid the deletion of imported dashboards | `false` | -| `sidecar.dashboards.provider.allowUiUpdates` | Allow updating provisioned dashboards from the UI | `false` | -| `sidecar.dashboards.provider.type` | Provider type | `file` | -| `sidecar.dashboards.provider.foldersFromFilesStructure` | Allow Grafana to replicate dashboard structure from filesystem. | `false` | -| `sidecar.dashboards.watchMethod` | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` | -| `sidecar.skipTlsVerify` | Set to true to skip tls verification for kube api calls | `nil` | -| `sidecar.dashboards.label` | Label that config maps with dashboards should have to be added | `grafana_dashboard` | -| `sidecar.dashboards.labelValue` | Label value that config maps with dashboards should have to be added | `""` | -| `sidecar.dashboards.folder` | Folder in the pod that should hold the collected dashboards (unless `sidecar.dashboards.defaultFolderName` is set). This path will be mounted. | `/tmp/dashboards` | -| `sidecar.dashboards.folderAnnotation` | The annotation the sidecar will look for in configmaps to override the destination folder for files | `nil` | -| `sidecar.dashboards.defaultFolderName` | The default folder name, it will create a subfolder under the `sidecar.dashboards.folder` and put dashboards in there instead | `nil` | -| `sidecar.dashboards.searchNamespace` | Namespaces list. If specified, the sidecar will search for dashboards config-maps inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil` | -| `sidecar.dashboards.script` | Absolute path to shell script to execute after a configmap got reloaded. | `nil` | -| `sidecar.dashboards.reloadURL` | Full url of dashboards configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/dashboards/reload"` | -| `sidecar.dashboards.skipReload` | Enabling this omits defining the REQ_USERNAME, REQ_PASSWORD, REQ_URL and REQ_METHOD environment variables | `false` | -| `sidecar.dashboards.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` | -| `sidecar.dashboards.extraMounts` | Additional dashboard sidecar volume mounts. | `[]` | -| `sidecar.datasources.enabled` | Enables the cluster wide search for datasources and adds/updates/deletes them in grafana |`false` | -| `sidecar.datasources.label` | Label that config maps with datasources should have to be added | `grafana_datasource` | -| `sidecar.datasources.labelValue` | Label value that config maps with datasources should have to be added | `""` | -| `sidecar.datasources.searchNamespace` | Namespaces list. If specified, the sidecar will search for datasources config-maps inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil` | -| `sidecar.datasources.watchMethod` | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` | -| `sidecar.datasources.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` | -| `sidecar.datasources.reloadURL` | Full url of datasource configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/datasources/reload"` | -| `sidecar.datasources.skipReload` | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` | -| `sidecar.datasources.initDatasources` | Set to true to deploy the datasource sidecar as an initContainer in addition to a container. This is needed if skipReload is true, to load any datasources defined at startup time. | `false` | -| `sidecar.notifiers.enabled` | Enables the cluster wide search for notifiers and adds/updates/deletes them in grafana | `false` | -| `sidecar.notifiers.label` | Label that config maps with notifiers should have to be added | `grafana_notifier` | -| `sidecar.notifiers.labelValue` | Label value that config maps with notifiers should have to be added | `""` | -| `sidecar.notifiers.searchNamespace` | Namespaces list. If specified, the sidecar will search for notifiers config-maps (or secrets) inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil` | -| `sidecar.notifiers.watchMethod` | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` | -| `sidecar.notifiers.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` | -| `sidecar.notifiers.reloadURL` | Full url of notifier configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/notifications/reload"` | -| `sidecar.notifiers.skipReload` | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` | -| `sidecar.notifiers.initNotifiers` | Set to true to deploy the notifier sidecar as an initContainer in addition to a container. This is needed if skipReload is true, to load any notifiers defined at startup time. | `false` | -| `smtp.existingSecret` | The name of an existing secret containing the SMTP credentials. | `""` | -| `smtp.userKey` | The key in the existing SMTP secret containing the username. | `"user"` | -| `smtp.passwordKey` | The key in the existing SMTP secret containing the password. | `"password"` | -| `admin.existingSecret` | The name of an existing secret containing the admin credentials (can be templated). | `""` | -| `admin.userKey` | The key in the existing admin secret containing the username. | `"admin-user"` | -| `admin.passwordKey` | The key in the existing admin secret containing the password. | `"admin-password"` | -| `serviceAccount.automountServiceAccountToken` | Automount the service account token on all pods where is service account is used | `false` | -| `serviceAccount.annotations` | ServiceAccount annotations | | -| `serviceAccount.create` | Create service account | `true` | -| `serviceAccount.labels` | ServiceAccount labels | `{}` | -| `serviceAccount.name` | Service account name to use, when empty will be set to created account if `serviceAccount.create` is set else to `default` | `` | -| `serviceAccount.nameTest` | Service account name to use for test, when empty will be set to created account if `serviceAccount.create` is set else to `default` | `nil` | -| `rbac.create` | Create and use RBAC resources | `true` | -| `rbac.namespaced` | Creates Role and Rolebinding instead of the default ClusterRole and ClusteRoleBindings for the grafana instance | `false` | -| `rbac.useExistingRole` | Set to a rolename to use existing role - skipping role creating - but still doing serviceaccount and rolebinding to the rolename set here. | `nil` | -| `rbac.pspEnabled` | Create PodSecurityPolicy (with `rbac.create`, grant roles permissions as well) | `false` | -| `rbac.pspUseAppArmor` | Enforce AppArmor in created PodSecurityPolicy (requires `rbac.pspEnabled`) | `false` | -| `rbac.extraRoleRules` | Additional rules to add to the Role | [] | -| `rbac.extraClusterRoleRules` | Additional rules to add to the ClusterRole | [] | -| `command` | Define command to be executed by grafana container at startup | `nil` | -| `args` | Define additional args if command is used | `nil` | -| `testFramework.enabled` | Whether to create test-related resources | `true` | -| `testFramework.image.registry` | `test-framework` image registry. | `docker.io` | -| `testFramework.image.repository` | `test-framework` image repository. | `bats/bats` | -| `testFramework.image.tag` | `test-framework` image tag. | `v1.4.1` | -| `testFramework.imagePullPolicy` | `test-framework` image pull policy. | `IfNotPresent` | -| `testFramework.securityContext` | `test-framework` securityContext | `{}` | -| `downloadDashboards.env` | Environment variables to be passed to the `download-dashboards` container | `{}` | -| `downloadDashboards.envFromSecret` | Name of a Kubernetes secret (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `""` | -| `downloadDashboards.resources` | Resources of `download-dashboards` container | `{}` | -| `downloadDashboardsImage.registry` | Curl docker image registry | `docker.io` | -| `downloadDashboardsImage.repository` | Curl docker image repository | `curlimages/curl` | -| `downloadDashboardsImage.tag` | Curl docker image tag | `7.73.0` | -| `downloadDashboardsImage.sha` | Curl docker image sha (optional) | `""` | -| `downloadDashboardsImage.pullPolicy` | Curl docker image pull policy | `IfNotPresent` | -| `namespaceOverride` | Override the deployment namespace | `""` (`Release.Namespace`) | -| `serviceMonitor.enabled` | Use servicemonitor from prometheus operator | `false` | -| `serviceMonitor.namespace` | Namespace this servicemonitor is installed in | | -| `serviceMonitor.interval` | How frequently Prometheus should scrape | `1m` | -| `serviceMonitor.path` | Path to scrape | `/metrics` | -| `serviceMonitor.scheme` | Scheme to use for metrics scraping | `http` | -| `serviceMonitor.tlsConfig` | TLS configuration block for the endpoint | `{}` | -| `serviceMonitor.labels` | Labels for the servicemonitor passed to Prometheus Operator | `{}` | -| `serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `30s` | -| `serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. | `[]` | -| `serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion. | `[]` | -| `revisionHistoryLimit` | Number of old ReplicaSets to retain | `10` | -| `imageRenderer.enabled` | Enable the image-renderer deployment & service | `false` | -| `imageRenderer.image.registry` | image-renderer Image registry | `docker.io` | -| `imageRenderer.image.repository` | image-renderer Image repository | `grafana/grafana-image-renderer` | -| `imageRenderer.image.tag` | image-renderer Image tag | `latest` | -| `imageRenderer.image.sha` | image-renderer Image sha (optional) | `""` | -| `imageRenderer.image.pullPolicy` | image-renderer ImagePullPolicy | `Always` | -| `imageRenderer.env` | extra env-vars for image-renderer | `{}` | -| `imageRenderer.envValueFrom` | Environment variables for image-renderer from alternate sources. See the API docs on [EnvVarSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#envvarsource-v1-core) for format details. Can be templated | `{}` | -| `imageRenderer.serviceAccountName` | image-renderer deployment serviceAccountName | `""` | -| `imageRenderer.securityContext` | image-renderer deployment securityContext | `{}` | -| `imageRenderer.podAnnotations ` | image-renderer image-renderer pod annotation | `{}` | -| `imageRenderer.hostAliases` | image-renderer deployment Host Aliases | `[]` | -| `imageRenderer.priorityClassName` | image-renderer deployment priority class | `''` | -| `imageRenderer.service.enabled` | Enable the image-renderer service | `true` | -| `imageRenderer.service.portName` | image-renderer service port name | `http` | -| `imageRenderer.service.port` | image-renderer port used by deployment | `8081` | -| `imageRenderer.service.targetPort` | image-renderer service port used by service | `8081` | -| `imageRenderer.appProtocol` | Adds the appProtocol field to the service | `` | -| `imageRenderer.grafanaSubPath` | Grafana sub path to use for image renderer callback url | `''` | -| `imageRenderer.podPortName` | name of the image-renderer port on the pod | `http` | -| `imageRenderer.revisionHistoryLimit` | number of image-renderer replica sets to keep | `10` | -| `imageRenderer.networkPolicy.limitIngress` | Enable a NetworkPolicy to limit inbound traffic from only the created grafana pods | `true` | -| `imageRenderer.networkPolicy.limitEgress` | Enable a NetworkPolicy to limit outbound traffic to only the created grafana pods | `false` | -| `imageRenderer.resources` | Set resource limits for image-renderer pods | `{}` | -| `imageRenderer.nodeSelector` | Node labels for pod assignment | `{}` | -| `imageRenderer.tolerations` | Toleration labels for pod assignment | `[]` | -| `imageRenderer.affinity` | Affinity settings for pod assignment | `{}` | -| `networkPolicy.enabled` | Enable creation of NetworkPolicy resources. | `false` | -| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | -| `networkPolicy.explicitNamespacesSelector` | A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed | `{}` | -| `networkPolicy.ingress` | Enable the creation of an ingress network policy | `true` | -| `networkPolicy.egress.enabled` | Enable the creation of an egress network policy | `false` | -| `networkPolicy.egress.ports` | An array of ports to allow for the egress | `[]` | -| `enableKubeBackwardCompatibility` | Enable backward compatibility of kubernetes where pod's defintion version below 1.13 doesn't have the enableServiceLinks option | `false` | - -### Example ingress with path - -With grafana 6.3 and above - -```yaml -grafana.ini: - server: - domain: monitoring.example.com - root_url: "%(protocol)s://%(domain)s/grafana" - serve_from_sub_path: true -ingress: - enabled: true - hosts: - - "monitoring.example.com" - path: "/grafana" -``` - -### Example of extraVolumeMounts and extraVolumes - -Configure additional volumes with `extraVolumes` and volume mounts with `extraVolumeMounts`. - -Example for `extraVolumeMounts` and corresponding `extraVolumes`: - -```yaml -extraVolumeMounts: - - name: plugins - mountPath: /var/lib/grafana/plugins - subPath: configs/grafana/plugins - readOnly: false - - name: dashboards - mountPath: /var/lib/grafana/dashboards - hostPath: /usr/shared/grafana/dashboards - readOnly: false - -extraVolumes: - - name: plugins - existingClaim: existing-grafana-claim - - name: dashboards - hostPath: /usr/shared/grafana/dashboards -``` - -Volumes default to `emptyDir`. Set to `persistentVolumeClaim`, -`hostPath`, `csi`, or `configMap` for other types. For a -`persistentVolumeClaim`, specify an existing claim name with -`existingClaim`. - -## Import dashboards - -There are a few methods to import dashboards to Grafana. Below are some examples and explanations as to how to use each method: - -```yaml -dashboards: - default: - some-dashboard: - json: | - { - "annotations": - - ... - # Complete json file here - ... - - "title": "Some Dashboard", - "uid": "abcd1234", - "version": 1 - } - custom-dashboard: - # This is a path to a file inside the dashboards directory inside the chart directory - file: dashboards/custom-dashboard.json - prometheus-stats: - # Ref: https://grafana.com/dashboards/2 - gnetId: 2 - revision: 2 - datasource: Prometheus - loki-dashboard-quick-search: - gnetId: 12019 - revision: 2 - datasource: - - name: DS_PROMETHEUS - value: Prometheus - - name: DS_LOKI - value: Loki - local-dashboard: - url: https://raw.githubusercontent.com/user/repository/master/dashboards/dashboard.json -``` - -## BASE64 dashboards - -Dashboards could be stored on a server that does not return JSON directly and instead of it returns a Base64 encoded file (e.g. Gerrit) -A new parameter has been added to the url use case so if you specify a b64content value equals to true after the url entry a Base64 decoding is applied before save the file to disk. -If this entry is not set or is equals to false not decoding is applied to the file before saving it to disk. - -### Gerrit use case - -Gerrit API for download files has the following schema: where {project-name} and -{file-id} usually has '/' in their values and so they MUST be replaced by %2F so if project-name is user/repo, branch-id is master and file-id is equals to dir1/dir2/dashboard -the url value is - -## Sidecar for dashboards - -If the parameter `sidecar.dashboards.enabled` is set, a sidecar container is deployed in the grafana -pod. This container watches all configmaps (or secrets) in the cluster and filters out the ones with -a label as defined in `sidecar.dashboards.label`. The files defined in those configmaps are written -to a folder and accessed by grafana. Changes to the configmaps are monitored and the imported -dashboards are deleted/updated. - -A recommendation is to use one configmap per dashboard, as a reduction of multiple dashboards inside -one configmap is currently not properly mirrored in grafana. - -Example dashboard config: - -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: sample-grafana-dashboard - labels: - grafana_dashboard: "1" -data: - k8s-dashboard.json: |- - [...] -``` - -## Sidecar for datasources - -If the parameter `sidecar.datasources.enabled` is set, an init container is deployed in the grafana -pod. This container lists all secrets (or configmaps, though not recommended) in the cluster and -filters out the ones with a label as defined in `sidecar.datasources.label`. The files defined in -those secrets are written to a folder and accessed by grafana on startup. Using these yaml files, -the data sources in grafana can be imported. - -Should you aim for reloading datasources in Grafana each time the config is changed, set `sidecar.datasources.skipReload: false` and adjust `sidecar.datasources.reloadURL` to `http://..svc.cluster.local/api/admin/provisioning/datasources/reload`. - -Secrets are recommended over configmaps for this usecase because datasources usually contain private -data like usernames and passwords. Secrets are the more appropriate cluster resource to manage those. - -Example values to add a postgres datasource as a kubernetes secret: -```yaml -apiVersion: v1 -kind: Secret -metadata: - name: grafana-datasources - labels: - grafana_datasource: 'true' # default value for: sidecar.datasources.label -stringData: - pg-db.yaml: |- - apiVersion: 1 - datasources: - - name: My pg db datasource - type: postgres - url: my-postgresql-db:5432 - user: db-readonly-user - secureJsonData: - password: 'SUperSEcretPa$$word' - jsonData: - database: my_datase - sslmode: 'disable' # disable/require/verify-ca/verify-full - maxOpenConns: 0 # Grafana v5.4+ - maxIdleConns: 2 # Grafana v5.4+ - connMaxLifetime: 14400 # Grafana v5.4+ - postgresVersion: 1000 # 903=9.3, 904=9.4, 905=9.5, 906=9.6, 1000=10 - timescaledb: false - # allow users to edit datasources from the UI. - editable: false -``` - -Example values to add a datasource adapted from [Grafana](http://docs.grafana.org/administration/provisioning/#example-datasource-config-file): - -```yaml -datasources: - datasources.yaml: - apiVersion: 1 - datasources: - # name of the datasource. Required - - name: Graphite - # datasource type. Required - type: graphite - # access mode. proxy or direct (Server or Browser in the UI). Required - access: proxy - # org id. will default to orgId 1 if not specified - orgId: 1 - # url - url: http://localhost:8080 - # database password, if used - password: - # database user, if used - user: - # database name, if used - database: - # enable/disable basic auth - basicAuth: - # basic auth username - basicAuthUser: - # basic auth password - basicAuthPassword: - # enable/disable with credentials headers - withCredentials: - # mark as default datasource. Max one per org - isDefault: - # fields that will be converted to json and stored in json_data - jsonData: - graphiteVersion: "1.1" - tlsAuth: true - tlsAuthWithCACert: true - # json object of data that will be encrypted. - secureJsonData: - tlsCACert: "..." - tlsClientCert: "..." - tlsClientKey: "..." - version: 1 - # allow users to edit datasources from the UI. - editable: false -``` - -## Sidecar for notifiers - -If the parameter `sidecar.notifiers.enabled` is set, an init container is deployed in the grafana -pod. This container lists all secrets (or configmaps, though not recommended) in the cluster and -filters out the ones with a label as defined in `sidecar.notifiers.label`. The files defined in -those secrets are written to a folder and accessed by grafana on startup. Using these yaml files, -the notification channels in grafana can be imported. The secrets must be created before -`helm install` so that the notifiers init container can list the secrets. - -Secrets are recommended over configmaps for this usecase because alert notification channels usually contain -private data like SMTP usernames and passwords. Secrets are the more appropriate cluster resource to manage those. - -Example datasource config adapted from [Grafana](https://grafana.com/docs/grafana/latest/administration/provisioning/#alert-notification-channels): - -```yaml -notifiers: - - name: notification-channel-1 - type: slack - uid: notifier1 - # either - org_id: 2 - # or - org_name: Main Org. - is_default: true - send_reminder: true - frequency: 1h - disable_resolve_message: false - # See `Supported Settings` section for settings supporter for each - # alert notification type. - settings: - recipient: 'XXX' - token: 'xoxb' - uploadImage: true - url: https://slack.com - -delete_notifiers: - - name: notification-channel-1 - uid: notifier1 - org_id: 2 - - name: notification-channel-2 - # default org_id: 1 -``` - -## Sidecar for alerting resources - -If the parameter `sidecar.alerts.enabled` is set, a sidecar container is deployed in the grafana -pod. This container watches all configmaps (or secrets) in the cluster (namespace defined by `sidecar.alerts.searchNamespace`) and filters out the ones with -a label as defined in `sidecar.alerts.label` (default is `grafana_alert`). The files defined in those configmaps are written -to a folder and accessed by grafana. Changes to the configmaps are monitored and the imported alerting resources are updated, however, deletions are a little more complicated (see below). - -This sidecar can be used to provision alert rules, contact points, notification policies, notification templates and mute timings as shown in [Grafana Documentation](https://grafana.com/docs/grafana/next/alerting/set-up/provision-alerting-resources/file-provisioning/). - -To fetch the alert config which will be provisioned, use the alert provisioning API ([Grafana Documentation](https://grafana.com/docs/grafana/next/developers/http_api/alerting_provisioning/)). -You can use either JSON or YAML format. - -Example config for an alert rule: - -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: sample-grafana-alert - labels: - grafana_alert: "1" -data: - k8s-alert.yml: |- - apiVersion: 1 - groups: - - orgId: 1 - name: k8s-alert - [...] -``` - -To delete provisioned alert rules is a two step process, you need to delete the configmap which defined the alert rule -and then create a configuration which deletes the alert rule. - -Example deletion configuration: -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: delete-sample-grafana-alert - namespace: monitoring - labels: - grafana_alert: "1" -data: - delete-k8s-alert.yml: |- - apiVersion: 1 - deleteRules: - - orgId: 1 - uid: 16624780-6564-45dc-825c-8bded4ad92d3 -``` - -## Statically provision alerting resources -If you don't need to change alerting resources (alert rules, contact points, notification policies and notification templates) regularly you could use the `alerting` config option instead of the sidecar option above. -This will grab the alerting config and apply it statically at build time for the helm file. - -There are two methods to statically provision alerting configuration in Grafana. Below are some examples and explanations as to how to use each method: - -```yaml -alerting: - team1-alert-rules.yaml: - file: alerting/team1/rules.yaml - team2-alert-rules.yaml: - file: alerting/team2/rules.yaml - team3-alert-rules.yaml: - file: alerting/team3/rules.yaml - notification-policies.yaml: - file: alerting/shared/notification-policies.yaml - notification-templates.yaml: - file: alerting/shared/notification-templates.yaml - contactpoints.yaml: - apiVersion: 1 - contactPoints: - - orgId: 1 - name: Slack channel - receivers: - - uid: default-receiver - type: slack - settings: - # Webhook URL to be filled in - url: "" - # We need to escape double curly braces for the tpl function. - text: '{{ `{{ template "default.message" . }}` }}' - title: '{{ `{{ template "default.title" . }}` }}' -``` - -The two possibilities for static alerting resource provisioning are: - -* Inlining the file contents as shown for contact points in the above example. -* Importing a file using a relative path starting from the chart root directory as shown for the alert rules in the above example. - -### Important notes on file provisioning - -* The format of the files is defined in the [Grafana documentation](https://grafana.com/docs/grafana/next/alerting/set-up/provision-alerting-resources/file-provisioning/) on file provisioning. -* The chart supports importing YAML and JSON files. -* The filename must be unique, otherwise one volume mount will overwrite the other. -* In case of inlining, double curly braces that arise from the Grafana configuration format and are not intended as templates for the chart must be escaped. -* The number of total files under `alerting:` is not limited. Each file will end up as a volume mount in the corresponding provisioning folder of the deployed Grafana instance. -* The file size for each import is limited by what the function `.Files.Get` can handle, which suffices for most cases. - -## How to serve Grafana with a path prefix (/grafana) - -In order to serve Grafana with a prefix (e.g., ), add the following to your values.yaml. - -```yaml -ingress: - enabled: true - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/rewrite-target: /$1 - nginx.ingress.kubernetes.io/use-regex: "true" - - path: /grafana/?(.*) - hosts: - - k8s.example.dev - -grafana.ini: - server: - root_url: http://localhost:3000/grafana # this host can be localhost -``` - -## How to securely reference secrets in grafana.ini - -This example uses Grafana [file providers](https://grafana.com/docs/grafana/latest/administration/configuration/#file-provider) for secret values and the `extraSecretMounts` configuration flag (Additional grafana server secret mounts) to mount the secrets. - -In grafana.ini: - -```yaml -grafana.ini: - [auth.generic_oauth] - enabled = true - client_id = $__file{/etc/secrets/auth_generic_oauth/client_id} - client_secret = $__file{/etc/secrets/auth_generic_oauth/client_secret} -``` - -Existing secret, or created along with helm: - -```yaml ---- -apiVersion: v1 -kind: Secret -metadata: - name: auth-generic-oauth-secret -type: Opaque -stringData: - client_id: - client_secret: -``` - -Include in the `extraSecretMounts` configuration flag: - -```yaml -- extraSecretMounts: - - name: auth-generic-oauth-secret-mount - secretName: auth-generic-oauth-secret - defaultMode: 0440 - mountPath: /etc/secrets/auth_generic_oauth - readOnly: true -``` - -### extraSecretMounts using a Container Storage Interface (CSI) provider - -This example uses a CSI driver e.g. retrieving secrets using [Azure Key Vault Provider](https://github.com/Azure/secrets-store-csi-driver-provider-azure) - -```yaml -- extraSecretMounts: - - name: secrets-store-inline - mountPath: /run/secrets - readOnly: true - csi: - driver: secrets-store.csi.k8s.io - readOnly: true - volumeAttributes: - secretProviderClass: "my-provider" - nodePublishSecretRef: - name: akv-creds -``` - -## Image Renderer Plug-In - -This chart supports enabling [remote image rendering](https://github.com/grafana/grafana-image-renderer/blob/master/README.md#run-in-docker) - -```yaml -imageRenderer: - enabled: true -``` - -### Image Renderer NetworkPolicy - -By default the image-renderer pods will have a network policy which only allows ingress traffic from the created grafana instance - -### High Availability for unified alerting - -If you want to run Grafana in a high availability cluster you need to enable -the headless service by setting `headlessService: true` in your `values.yaml` -file. - -As next step you have to setup the `grafana.ini` in your `values.yaml` in a way -that it will make use of the headless service to obtain all the IPs of the -cluster. You should replace ``{{ Name }}`` with the name of your helm deployment. - -```yaml -grafana.ini: - ... - unified_alerting: - enabled: true - ha_peers: {{ Name }}-headless:9094 - ha_listen_address: ${POD_IP}:9094 - ha_advertise_address: ${POD_IP}:9094 - - alerting: - enabled: false -``` diff --git a/composio/charts/temporal/charts/grafana/ci/default-values.yaml b/composio/charts/temporal/charts/grafana/ci/default-values.yaml deleted file mode 100644 index fc2ba60..0000000 --- a/composio/charts/temporal/charts/grafana/ci/default-values.yaml +++ /dev/null @@ -1 +0,0 @@ -# Leave this file empty to ensure that CI runs builds against the default configuration in values.yaml. diff --git a/composio/charts/temporal/charts/grafana/ci/with-affinity-values.yaml b/composio/charts/temporal/charts/grafana/ci/with-affinity-values.yaml deleted file mode 100644 index f5b9b53..0000000 --- a/composio/charts/temporal/charts/grafana/ci/with-affinity-values.yaml +++ /dev/null @@ -1,16 +0,0 @@ -affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/instance: grafana-test - app.kubernetes.io/name: grafana - topologyKey: failure-domain.beta.kubernetes.io/zone - weight: 100 - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchLabels: - app.kubernetes.io/instance: grafana-test - app.kubernetes.io/name: grafana - topologyKey: kubernetes.io/hostname diff --git a/composio/charts/temporal/charts/grafana/ci/with-dashboard-json-values.yaml b/composio/charts/temporal/charts/grafana/ci/with-dashboard-json-values.yaml deleted file mode 100644 index e0c4e41..0000000 --- a/composio/charts/temporal/charts/grafana/ci/with-dashboard-json-values.yaml +++ /dev/null @@ -1,53 +0,0 @@ -dashboards: - my-provider: - my-awesome-dashboard: - # An empty but valid dashboard - json: | - { - "__inputs": [], - "__requires": [ - { - "type": "grafana", - "id": "grafana", - "name": "Grafana", - "version": "6.3.5" - } - ], - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "editable": true, - "gnetId": null, - "graphTooltip": 0, - "id": null, - "links": [], - "panels": [], - "schemaVersion": 19, - "style": "dark", - "tags": [], - "templating": { - "list": [] - }, - "time": { - "from": "now-6h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": ["5s"] - }, - "timezone": "", - "title": "Dummy Dashboard", - "uid": "IdcYQooWk", - "version": 1 - } - datasource: Prometheus diff --git a/composio/charts/temporal/charts/grafana/ci/with-dashboard-values.yaml b/composio/charts/temporal/charts/grafana/ci/with-dashboard-values.yaml deleted file mode 100644 index 7b662c5..0000000 --- a/composio/charts/temporal/charts/grafana/ci/with-dashboard-values.yaml +++ /dev/null @@ -1,19 +0,0 @@ -dashboards: - my-provider: - my-awesome-dashboard: - gnetId: 10000 - revision: 1 - datasource: Prometheus -dashboardProviders: - dashboardproviders.yaml: - apiVersion: 1 - providers: - - name: 'my-provider' - orgId: 1 - folder: '' - type: file - updateIntervalSeconds: 10 - disableDeletion: true - editable: true - options: - path: /var/lib/grafana/dashboards/my-provider diff --git a/composio/charts/temporal/charts/grafana/ci/with-extraconfigmapmounts-values.yaml b/composio/charts/temporal/charts/grafana/ci/with-extraconfigmapmounts-values.yaml deleted file mode 100644 index 5cc44a0..0000000 --- a/composio/charts/temporal/charts/grafana/ci/with-extraconfigmapmounts-values.yaml +++ /dev/null @@ -1,7 +0,0 @@ -extraConfigmapMounts: - - name: '{{ include "grafana.fullname" . }}' - configMap: '{{ include "grafana.fullname" . }}' - mountPath: /var/lib/grafana/dashboards/test-dashboard.json - # This is not a realistic test, but for this we only care about extraConfigmapMounts not being empty and pointing to an existing ConfigMap - subPath: grafana.ini - readOnly: true diff --git a/composio/charts/temporal/charts/grafana/ci/with-image-renderer-values.yaml b/composio/charts/temporal/charts/grafana/ci/with-image-renderer-values.yaml deleted file mode 100644 index 32f3074..0000000 --- a/composio/charts/temporal/charts/grafana/ci/with-image-renderer-values.yaml +++ /dev/null @@ -1,19 +0,0 @@ -podLabels: - customLableA: Aaaaa -imageRenderer: - enabled: true - env: - RENDERING_ARGS: --disable-gpu,--window-size=1280x758 - RENDERING_MODE: clustered - podLabels: - customLableB: Bbbbb - networkPolicy: - limitIngress: true - limitEgress: true - resources: - limits: - cpu: 1000m - memory: 1000Mi - requests: - cpu: 500m - memory: 50Mi diff --git a/composio/charts/temporal/charts/grafana/ci/with-persistence.yaml b/composio/charts/temporal/charts/grafana/ci/with-persistence.yaml deleted file mode 100644 index b92ca02..0000000 --- a/composio/charts/temporal/charts/grafana/ci/with-persistence.yaml +++ /dev/null @@ -1,3 +0,0 @@ -persistence: - type: pvc - enabled: true diff --git a/composio/charts/temporal/charts/grafana/dashboards/custom-dashboard.json b/composio/charts/temporal/charts/grafana/dashboards/custom-dashboard.json deleted file mode 100644 index 9e26dfe..0000000 --- a/composio/charts/temporal/charts/grafana/dashboards/custom-dashboard.json +++ /dev/null @@ -1 +0,0 @@ -{} \ No newline at end of file diff --git a/composio/charts/temporal/charts/grafana/templates/NOTES.txt b/composio/charts/temporal/charts/grafana/templates/NOTES.txt deleted file mode 100644 index d86419f..0000000 --- a/composio/charts/temporal/charts/grafana/templates/NOTES.txt +++ /dev/null @@ -1,55 +0,0 @@ -1. Get your '{{ .Values.adminUser }}' user password by running: - - kubectl get secret --namespace {{ include "grafana.namespace" . }} {{ .Values.admin.existingSecret | default (include "grafana.fullname" .) }} -o jsonpath="{.data.{{ .Values.admin.passwordKey | default "admin-password" }}}" | base64 --decode ; echo - - -2. The Grafana server can be accessed via port {{ .Values.service.port }} on the following DNS name from within your cluster: - - {{ include "grafana.fullname" . }}.{{ include "grafana.namespace" . }}.svc.cluster.local -{{ if .Values.ingress.enabled }} - If you bind grafana to 80, please update values in values.yaml and reinstall: - ``` - securityContext: - runAsUser: 0 - runAsGroup: 0 - fsGroup: 0 - - command: - - "setcap" - - "'cap_net_bind_service=+ep'" - - "/usr/sbin/grafana-server &&" - - "sh" - - "/run.sh" - ``` - Details refer to https://grafana.com/docs/installation/configuration/#http-port. - Or grafana would always crash. - - From outside the cluster, the server URL(s) are: - {{- range .Values.ingress.hosts }} - http://{{ . }} - {{- end }} -{{- else }} - Get the Grafana URL to visit by running these commands in the same shell: - {{- if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "grafana.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "grafana.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "grafana.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT - {{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc --namespace {{ include "grafana.namespace" . }} -w {{ include "grafana.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "grafana.namespace" . }} {{ include "grafana.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - http://$SERVICE_IP:{{ .Values.service.port -}} - {{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "grafana.namespace" . }} -l "app.kubernetes.io/name={{ include "grafana.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - kubectl --namespace {{ include "grafana.namespace" . }} port-forward $POD_NAME 3000 - {{- end }} -{{- end }} - -3. Login with the password from step 1 and the username: {{ .Values.adminUser }} - -{{- if not .Values.persistence.enabled }} -################################################################################# -###### WARNING: Persistence is disabled!!! You will lose your data when ##### -###### the Grafana pod is terminated. ##### -################################################################################# -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/_config.tpl b/composio/charts/temporal/charts/grafana/templates/_config.tpl deleted file mode 100644 index b866217..0000000 --- a/composio/charts/temporal/charts/grafana/templates/_config.tpl +++ /dev/null @@ -1,172 +0,0 @@ -{{/* - Generate config map data - */}} -{{- define "grafana.configData" -}} -{{ include "grafana.assertNoLeakedSecrets" . }} -{{- $files := .Files }} -{{- $root := . -}} -{{- with .Values.plugins }} -plugins: {{ join "," . }} -{{- end }} -grafana.ini: | -{{- range $elem, $elemVal := index .Values "grafana.ini" }} - {{- if not (kindIs "map" $elemVal) }} - {{- if kindIs "invalid" $elemVal }} - {{ $elem }} = - {{- else if kindIs "string" $elemVal }} - {{ $elem }} = {{ tpl $elemVal $ }} - {{- else }} - {{ $elem }} = {{ $elemVal }} - {{- end }} - {{- end }} -{{- end }} -{{- range $key, $value := index .Values "grafana.ini" }} - {{- if kindIs "map" $value }} - [{{ $key }}] - {{- range $elem, $elemVal := $value }} - {{- if kindIs "invalid" $elemVal }} - {{ $elem }} = - {{- else if kindIs "string" $elemVal }} - {{ $elem }} = {{ tpl $elemVal $ }} - {{- else }} - {{ $elem }} = {{ $elemVal }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} - -{{- range $key, $value := .Values.datasources }} -{{- if not (hasKey $value "secret") }} -{{ $key }}: | - {{- tpl (toYaml $value | nindent 2) $root }} -{{- end }} -{{- end }} - -{{- range $key, $value := .Values.notifiers }} -{{- if not (hasKey $value "secret") }} -{{ $key }}: | - {{- toYaml $value | nindent 2 }} -{{- end }} -{{- end }} - -{{- range $key, $value := .Values.alerting }} -{{- if (hasKey $value "file") }} -{{ $key }}: -{{- toYaml ( $files.Get $value.file ) | nindent 2 }} -{{- else if (or (hasKey $value "secret") (hasKey $value "secretFile"))}} -{{/* will be stored inside secret generated by "configSecret.yaml"*/}} -{{- else }} -{{ $key }}: | - {{- tpl (toYaml $value | nindent 2) $root }} -{{- end }} -{{- end }} - -{{- range $key, $value := .Values.dashboardProviders }} -{{ $key }}: | - {{- toYaml $value | nindent 2 }} -{{- end }} - -{{- if .Values.dashboards }} -download_dashboards.sh: | - #!/usr/bin/env sh - set -euf - {{- if .Values.dashboardProviders }} - {{- range $key, $value := .Values.dashboardProviders }} - {{- range $value.providers }} - mkdir -p {{ .options.path }} - {{- end }} - {{- end }} - {{- end }} -{{ $dashboardProviders := .Values.dashboardProviders }} -{{- range $provider, $dashboards := .Values.dashboards }} - {{- range $key, $value := $dashboards }} - {{- if (or (hasKey $value "gnetId") (hasKey $value "url")) }} - curl -skf \ - --connect-timeout 60 \ - --max-time 60 \ - {{- if not $value.b64content }} - {{- if not $value.acceptHeader }} - -H "Accept: application/json" \ - {{- else }} - -H "Accept: {{ $value.acceptHeader }}" \ - {{- end }} - {{- if $value.token }} - -H "Authorization: token {{ $value.token }}" \ - {{- end }} - {{- if $value.bearerToken }} - -H "Authorization: Bearer {{ $value.bearerToken }}" \ - {{- end }} - {{- if $value.basic }} - -H "Authorization: Basic {{ $value.basic }}" \ - {{- end }} - {{- if $value.gitlabToken }} - -H "PRIVATE-TOKEN: {{ $value.gitlabToken }}" \ - {{- end }} - -H "Content-Type: application/json;charset=UTF-8" \ - {{- end }} - {{- $dpPath := "" -}} - {{- range $kd := (index $dashboardProviders "dashboardproviders.yaml").providers }} - {{- if eq $kd.name $provider }} - {{- $dpPath = $kd.options.path }} - {{- end }} - {{- end }} - {{- if $value.url }} - "{{ $value.url }}" \ - {{- else }} - "https://grafana.com/api/dashboards/{{ $value.gnetId }}/revisions/{{- if $value.revision -}}{{ $value.revision }}{{- else -}}1{{- end -}}/download" \ - {{- end }} - {{- if $value.datasource }} - {{- if kindIs "string" $value.datasource }} - | sed '/-- .* --/! s/"datasource":.*,/"datasource": "{{ $value.datasource }}",/g' \ - {{- end }} - {{- if kindIs "slice" $value.datasource }} - {{- range $value.datasource }} - | sed '/-- .* --/! s/${{"{"}}{{ .name }}}/{{ .value }}/g' \ - {{- end }} - {{- end }} - {{- end }} - {{- if $value.b64content }} - | base64 -d \ - {{- end }} - > "{{- if $dpPath -}}{{ $dpPath }}{{- else -}}/var/lib/grafana/dashboards/{{ $provider }}{{- end -}}/{{ $key }}.json" - {{ end }} - {{- end }} -{{- end }} -{{- end }} -{{- end -}} - -{{/* - Generate dashboard json config map data - */}} -{{- define "grafana.configDashboardProviderData" -}} -provider.yaml: |- - apiVersion: 1 - providers: - - name: '{{ .Values.sidecar.dashboards.provider.name }}' - orgId: {{ .Values.sidecar.dashboards.provider.orgid }} - {{- if not .Values.sidecar.dashboards.provider.foldersFromFilesStructure }} - folder: '{{ .Values.sidecar.dashboards.provider.folder }}' - folderUid: '{{ .Values.sidecar.dashboards.provider.folderUid }}' - {{- end }} - type: {{ .Values.sidecar.dashboards.provider.type }} - disableDeletion: {{ .Values.sidecar.dashboards.provider.disableDelete }} - allowUiUpdates: {{ .Values.sidecar.dashboards.provider.allowUiUpdates }} - updateIntervalSeconds: {{ .Values.sidecar.dashboards.provider.updateIntervalSeconds | default 30 }} - options: - foldersFromFilesStructure: {{ .Values.sidecar.dashboards.provider.foldersFromFilesStructure }} - path: {{ .Values.sidecar.dashboards.folder }}{{- with .Values.sidecar.dashboards.defaultFolderName }}/{{ . }}{{- end }} -{{- end -}} - -{{- define "grafana.secretsData" -}} -{{- if and (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) }} -admin-user: {{ .Values.adminUser | b64enc | quote }} -{{- if .Values.adminPassword }} -admin-password: {{ .Values.adminPassword | b64enc | quote }} -{{- else }} -admin-password: {{ include "grafana.password" . }} -{{- end }} -{{- end }} -{{- if not .Values.ldap.existingSecret }} -ldap-toml: {{ tpl .Values.ldap.config $ | b64enc | quote }} -{{- end }} -{{- end -}} diff --git a/composio/charts/temporal/charts/grafana/templates/_helpers.tpl b/composio/charts/temporal/charts/grafana/templates/_helpers.tpl deleted file mode 100644 index f3ebc37..0000000 --- a/composio/charts/temporal/charts/grafana/templates/_helpers.tpl +++ /dev/null @@ -1,276 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "grafana.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "grafana.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "grafana.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create the name of the service account -*/}} -{{- define "grafana.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "grafana.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{- define "grafana.serviceAccountNameTest" -}} -{{- if .Values.serviceAccount.create }} -{{- default (print (include "grafana.fullname" .) "-test") .Values.serviceAccount.nameTest }} -{{- else }} -{{- default "default" .Values.serviceAccount.nameTest }} -{{- end }} -{{- end }} - -{{/* -Allow the release namespace to be overridden for multi-namespace deployments in combined charts -*/}} -{{- define "grafana.namespace" -}} -{{- if .Values.namespaceOverride }} -{{- .Values.namespaceOverride }} -{{- else }} -{{- .Release.Namespace }} -{{- end }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "grafana.labels" -}} -helm.sh/chart: {{ include "grafana.chart" . }} -{{ include "grafana.selectorLabels" . }} -{{- if or .Chart.AppVersion .Values.image.tag }} -app.kubernetes.io/version: {{ mustRegexReplaceAllLiteral "@sha.*" .Values.image.tag "" | default .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- with .Values.extraLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "grafana.selectorLabels" -}} -app.kubernetes.io/name: {{ include "grafana.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "grafana.imageRenderer.labels" -}} -helm.sh/chart: {{ include "grafana.chart" . }} -{{ include "grafana.imageRenderer.selectorLabels" . }} -{{- if or .Chart.AppVersion .Values.image.tag }} -app.kubernetes.io/version: {{ mustRegexReplaceAllLiteral "@sha.*" .Values.image.tag "" | default .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels ImageRenderer -*/}} -{{- define "grafana.imageRenderer.selectorLabels" -}} -app.kubernetes.io/name: {{ include "grafana.name" . }}-image-renderer -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Looks if there's an existing secret and reuse its password. If not it generates -new password and use it. -*/}} -{{- define "grafana.password" -}} -{{- $secret := (lookup "v1" "Secret" (include "grafana.namespace" .) (include "grafana.fullname" .) ) }} -{{- if $secret }} -{{- index $secret "data" "admin-password" }} -{{- else }} -{{- (randAlphaNum 40) | b64enc | quote }} -{{- end }} -{{- end }} - -{{/* -Return the appropriate apiVersion for rbac. -*/}} -{{- define "grafana.rbac.apiVersion" -}} -{{- if $.Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }} -{{- print "rbac.authorization.k8s.io/v1" }} -{{- else }} -{{- print "rbac.authorization.k8s.io/v1beta1" }} -{{- end }} -{{- end }} - -{{/* -Return the appropriate apiVersion for ingress. -*/}} -{{- define "grafana.ingress.apiVersion" -}} -{{- if and ($.Capabilities.APIVersions.Has "networking.k8s.io/v1") (semverCompare ">= 1.19-0" .Capabilities.KubeVersion.Version) }} -{{- print "networking.k8s.io/v1" }} -{{- else if $.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} -{{- print "networking.k8s.io/v1beta1" }} -{{- else }} -{{- print "extensions/v1beta1" }} -{{- end }} -{{- end }} - -{{/* -Return the appropriate apiVersion for Horizontal Pod Autoscaler. -*/}} -{{- define "grafana.hpa.apiVersion" -}} -{{- if .Capabilities.APIVersions.Has "autoscaling/v2" }} -{{- print "autoscaling/v2" }} -{{- else }} -{{- print "autoscaling/v2beta2" }} -{{- end }} -{{- end }} - -{{/* -Return the appropriate apiVersion for podDisruptionBudget. -*/}} -{{- define "grafana.podDisruptionBudget.apiVersion" -}} -{{- if $.Values.podDisruptionBudget.apiVersion }} -{{- print $.Values.podDisruptionBudget.apiVersion }} -{{- else if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" }} -{{- print "policy/v1" }} -{{- else }} -{{- print "policy/v1beta1" }} -{{- end }} -{{- end }} - -{{/* -Return if ingress is stable. -*/}} -{{- define "grafana.ingress.isStable" -}} -{{- eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1" }} -{{- end }} - -{{/* -Return if ingress supports ingressClassName. -*/}} -{{- define "grafana.ingress.supportsIngressClassName" -}} -{{- or (eq (include "grafana.ingress.isStable" .) "true") (and (eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) }} -{{- end }} - -{{/* -Return if ingress supports pathType. -*/}} -{{- define "grafana.ingress.supportsPathType" -}} -{{- or (eq (include "grafana.ingress.isStable" .) "true") (and (eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) }} -{{- end }} - -{{/* -Formats imagePullSecrets. Input is (dict "root" . "imagePullSecrets" .{specific imagePullSecrets}) -*/}} -{{- define "grafana.imagePullSecrets" -}} -{{- $root := .root }} -{{- range (concat .root.Values.global.imagePullSecrets .imagePullSecrets) }} -{{- if eq (typeOf .) "map[string]interface {}" }} -- {{ toYaml (dict "name" (tpl .name $root)) | trim }} -{{- else }} -- name: {{ tpl . $root }} -{{- end }} -{{- end }} -{{- end }} - - -{{/* - Checks whether or not the configSecret secret has to be created - */}} -{{- define "grafana.shouldCreateConfigSecret" -}} -{{- $secretFound := false -}} -{{- range $key, $value := .Values.datasources }} - {{- if hasKey $value "secret" }} - {{- $secretFound = true}} - {{- end }} -{{- end }} -{{- range $key, $value := .Values.notifiers }} - {{- if hasKey $value "secret" }} - {{- $secretFound = true}} - {{- end }} -{{- end }} -{{- range $key, $value := .Values.alerting }} - {{- if (or (hasKey $value "secret") (hasKey $value "secretFile")) }} - {{- $secretFound = true}} - {{- end }} -{{- end }} -{{- $secretFound}} -{{- end -}} - -{{/* - Checks whether the user is attempting to store secrets in plaintext - in the grafana.ini configmap -*/}} -{{/* grafana.assertNoLeakedSecrets checks for sensitive keys in values */}} -{{- define "grafana.assertNoLeakedSecrets" -}} - {{- $sensitiveKeysYaml := ` -sensitiveKeys: -- path: ["database", "password"] -- path: ["smtp", "password"] -- path: ["security", "secret_key"] -- path: ["security", "admin_password"] -- path: ["auth.basic", "password"] -- path: ["auth.ldap", "bind_password"] -- path: ["auth.google", "client_secret"] -- path: ["auth.github", "client_secret"] -- path: ["auth.gitlab", "client_secret"] -- path: ["auth.generic_oauth", "client_secret"] -- path: ["auth.okta", "client_secret"] -- path: ["auth.azuread", "client_secret"] -- path: ["auth.grafana_com", "client_secret"] -- path: ["auth.grafananet", "client_secret"] -- path: ["azure", "user_identity_client_secret"] -- path: ["unified_alerting", "ha_redis_password"] -- path: ["metrics", "basic_auth_password"] -- path: ["external_image_storage.s3", "secret_key"] -- path: ["external_image_storage.webdav", "password"] -- path: ["external_image_storage.azure_blob", "account_key"] -` | fromYaml -}} - {{- if $.Values.assertNoLeakedSecrets -}} - {{- $grafanaIni := index .Values "grafana.ini" -}} - {{- range $_, $secret := $sensitiveKeysYaml.sensitiveKeys -}} - {{- $currentMap := $grafanaIni -}} - {{- $shouldContinue := true -}} - {{- range $index, $elem := $secret.path -}} - {{- if and $shouldContinue (hasKey $currentMap $elem) -}} - {{- if eq (len $secret.path) (add1 $index) -}} - {{- if not (regexMatch "\\$(?:__(?:env|file|vault))?{[^}]+}" (index $currentMap $elem)) -}} - {{- fail (printf "Sensitive key '%s' should not be defined explicitly in values. Use variable expansion instead. You can disable this client-side validation by changing the value of assertNoLeakedSecrets." (join "." $secret.path)) -}} - {{- end -}} - {{- else -}} - {{- $currentMap = index $currentMap $elem -}} - {{- end -}} - {{- else -}} - {{- $shouldContinue = false -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/composio/charts/temporal/charts/grafana/templates/_pod.tpl b/composio/charts/temporal/charts/grafana/templates/_pod.tpl deleted file mode 100644 index ed22993..0000000 --- a/composio/charts/temporal/charts/grafana/templates/_pod.tpl +++ /dev/null @@ -1,1296 +0,0 @@ -{{- define "grafana.pod" -}} -{{- $sts := list "sts" "StatefulSet" "statefulset" -}} -{{- $root := . -}} -{{- with .Values.schedulerName }} -schedulerName: "{{ . }}" -{{- end }} -serviceAccountName: {{ include "grafana.serviceAccountName" . }} -automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} -{{- with .Values.securityContext }} -securityContext: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- with .Values.hostAliases }} -hostAliases: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- if .Values.dnsPolicy }} -dnsPolicy: {{ .Values.dnsPolicy }} -{{- end }} -{{- with .Values.dnsConfig }} -dnsConfig: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- with .Values.priorityClassName }} -priorityClassName: {{ . }} -{{- end }} -{{- if ( or .Values.persistence.enabled .Values.dashboards .Values.extraInitContainers (and .Values.sidecar.alerts.enabled .Values.sidecar.alerts.initAlerts) (and .Values.sidecar.datasources.enabled .Values.sidecar.datasources.initDatasources) (and .Values.sidecar.notifiers.enabled .Values.sidecar.notifiers.initNotifiers)) }} -initContainers: -{{- end }} -{{- if ( and .Values.persistence.enabled .Values.initChownData.enabled ) }} - - name: init-chown-data - {{- $registry := .Values.global.imageRegistry | default .Values.initChownData.image.registry -}} - {{- if .Values.initChownData.image.sha }} - image: "{{ $registry }}/{{ .Values.initChownData.image.repository }}:{{ .Values.initChownData.image.tag }}@sha256:{{ .Values.initChownData.image.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.initChownData.image.repository }}:{{ .Values.initChownData.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.initChownData.image.pullPolicy }} - {{- with .Values.initChownData.securityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - command: - - chown - - -R - - {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsGroup }} - - /var/lib/grafana - {{- with .Values.initChownData.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} - volumeMounts: - - name: storage - mountPath: "/var/lib/grafana" - {{- with .Values.persistence.subPath }} - subPath: {{ tpl . $root }} - {{- end }} -{{- end }} -{{- if .Values.dashboards }} - - name: download-dashboards - {{- $registry := .Values.global.imageRegistry | default .Values.downloadDashboardsImage.registry -}} - {{- if .Values.downloadDashboardsImage.sha }} - image: "{{ $registry }}/{{ .Values.downloadDashboardsImage.repository }}:{{ .Values.downloadDashboardsImage.tag }}@sha256:{{ .Values.downloadDashboardsImage.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.downloadDashboardsImage.repository }}:{{ .Values.downloadDashboardsImage.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.downloadDashboardsImage.pullPolicy }} - command: ["/bin/sh"] - args: [ "-c", "mkdir -p /var/lib/grafana/dashboards/default && /bin/sh -x /etc/grafana/download_dashboards.sh" ] - {{- with .Values.downloadDashboards.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} - env: - {{- range $key, $value := .Values.downloadDashboards.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- range $key, $value := .Values.downloadDashboards.envValueFrom }} - - name: {{ $key | quote }} - valueFrom: - {{- tpl (toYaml $value) $ | nindent 10 }} - {{- end }} - {{- with .Values.downloadDashboards.securityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.downloadDashboards.envFromSecret }} - envFrom: - - secretRef: - name: {{ tpl . $root }} - {{- end }} - volumeMounts: - - name: config - mountPath: "/etc/grafana/download_dashboards.sh" - subPath: download_dashboards.sh - - name: storage - mountPath: "/var/lib/grafana" - {{- with .Values.persistence.subPath }} - subPath: {{ tpl . $root }} - {{- end }} - {{- range .Values.extraSecretMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - readOnly: {{ .readOnly }} - {{- end }} -{{- end }} -{{- if and .Values.sidecar.alerts.enabled .Values.sidecar.alerts.initAlerts }} - - name: {{ include "grafana.name" . }}-init-sc-alerts - {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} - {{- if .Values.sidecar.image.sha }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} - env: - {{- range $key, $value := .Values.sidecar.alerts.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- if .Values.sidecar.alerts.ignoreAlreadyProcessed }} - - name: IGNORE_ALREADY_PROCESSED - value: "true" - {{- end }} - - name: METHOD - value: "LIST" - - name: LABEL - value: "{{ .Values.sidecar.alerts.label }}" - {{- with .Values.sidecar.alerts.labelValue }} - - name: LABEL_VALUE - value: {{ quote . }} - {{- end }} - {{- if or .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }} - - name: LOG_LEVEL - value: {{ default .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }} - {{- end }} - - name: FOLDER - value: "/etc/grafana/provisioning/alerting" - - name: RESOURCE - value: {{ quote .Values.sidecar.alerts.resource }} - {{- with .Values.sidecar.enableUniqueFilenames }} - - name: UNIQUE_FILENAMES - value: "{{ . }}" - {{- end }} - {{- with .Values.sidecar.alerts.searchNamespace }} - - name: NAMESPACE - value: {{ . | join "," | quote }} - {{- end }} - {{- with .Values.sidecar.alerts.skipTlsVerify }} - - name: SKIP_TLS_VERIFY - value: {{ quote . }} - {{- end }} - {{- with .Values.sidecar.alerts.script }} - - name: SCRIPT - value: {{ quote . }} - {{- end }} - {{- with .Values.sidecar.livenessProbe }} - livenessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.readinessProbe }} - readinessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.securityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - volumeMounts: - - name: sc-alerts-volume - mountPath: "/etc/grafana/provisioning/alerting" - {{- with .Values.sidecar.alerts.extraMounts }} - {{- toYaml . | trim | nindent 6 }} - {{- end }} -{{- end }} -{{- if and .Values.sidecar.datasources.enabled .Values.sidecar.datasources.initDatasources }} - - name: {{ include "grafana.name" . }}-init-sc-datasources - {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} - {{- if .Values.sidecar.image.sha }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} - env: - {{- range $key, $value := .Values.sidecar.datasources.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- if .Values.sidecar.datasources.ignoreAlreadyProcessed }} - - name: IGNORE_ALREADY_PROCESSED - value: "true" - {{- end }} - - name: METHOD - value: "LIST" - - name: LABEL - value: "{{ .Values.sidecar.datasources.label }}" - {{- with .Values.sidecar.datasources.labelValue }} - - name: LABEL_VALUE - value: {{ quote . }} - {{- end }} - {{- if or .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }} - - name: LOG_LEVEL - value: {{ default .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }} - {{- end }} - - name: FOLDER - value: "/etc/grafana/provisioning/datasources" - - name: RESOURCE - value: {{ quote .Values.sidecar.datasources.resource }} - {{- with .Values.sidecar.enableUniqueFilenames }} - - name: UNIQUE_FILENAMES - value: "{{ . }}" - {{- end }} - {{- if .Values.sidecar.datasources.searchNamespace }} - - name: NAMESPACE - value: "{{ tpl (.Values.sidecar.datasources.searchNamespace | join ",") . }}" - {{- end }} - {{- with .Values.sidecar.skipTlsVerify }} - - name: SKIP_TLS_VERIFY - value: "{{ . }}" - {{- end }} - {{- with .Values.sidecar.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.securityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - volumeMounts: - - name: sc-datasources-volume - mountPath: "/etc/grafana/provisioning/datasources" -{{- end }} -{{- if and .Values.sidecar.notifiers.enabled .Values.sidecar.notifiers.initNotifiers }} - - name: {{ include "grafana.name" . }}-init-sc-notifiers - {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} - {{- if .Values.sidecar.image.sha }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} - env: - {{- range $key, $value := .Values.sidecar.notifiers.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- if .Values.sidecar.notifiers.ignoreAlreadyProcessed }} - - name: IGNORE_ALREADY_PROCESSED - value: "true" - {{- end }} - - name: METHOD - value: LIST - - name: LABEL - value: "{{ .Values.sidecar.notifiers.label }}" - {{- with .Values.sidecar.notifiers.labelValue }} - - name: LABEL_VALUE - value: {{ quote . }} - {{- end }} - {{- if or .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }} - - name: LOG_LEVEL - value: {{ default .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }} - {{- end }} - - name: FOLDER - value: "/etc/grafana/provisioning/notifiers" - - name: RESOURCE - value: {{ quote .Values.sidecar.notifiers.resource }} - {{- with .Values.sidecar.enableUniqueFilenames }} - - name: UNIQUE_FILENAMES - value: "{{ . }}" - {{- end }} - {{- with .Values.sidecar.notifiers.searchNamespace }} - - name: NAMESPACE - value: "{{ tpl (. | join ",") $root }}" - {{- end }} - {{- with .Values.sidecar.skipTlsVerify }} - - name: SKIP_TLS_VERIFY - value: "{{ . }}" - {{- end }} - {{- with .Values.sidecar.livenessProbe }} - livenessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.readinessProbe }} - readinessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.securityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - volumeMounts: - - name: sc-notifiers-volume - mountPath: "/etc/grafana/provisioning/notifiers" -{{- end}} -{{- with .Values.extraInitContainers }} - {{- tpl (toYaml .) $root | nindent 2 }} -{{- end }} -{{- if or .Values.image.pullSecrets .Values.global.imagePullSecrets }} -imagePullSecrets: - {{- include "grafana.imagePullSecrets" (dict "root" $root "imagePullSecrets" .Values.image.pullSecrets) | nindent 2 }} -{{- end }} -{{- if not .Values.enableKubeBackwardCompatibility }} -enableServiceLinks: {{ .Values.enableServiceLinks }} -{{- end }} -containers: -{{- if and .Values.sidecar.alerts.enabled (not .Values.sidecar.alerts.initAlerts) }} - - name: {{ include "grafana.name" . }}-sc-alerts - {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} - {{- if .Values.sidecar.image.sha }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} - env: - {{- range $key, $value := .Values.sidecar.alerts.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- if .Values.sidecar.alerts.ignoreAlreadyProcessed }} - - name: IGNORE_ALREADY_PROCESSED - value: "true" - {{- end }} - - name: METHOD - value: {{ .Values.sidecar.alerts.watchMethod }} - - name: LABEL - value: "{{ .Values.sidecar.alerts.label }}" - {{- with .Values.sidecar.alerts.labelValue }} - - name: LABEL_VALUE - value: {{ quote . }} - {{- end }} - {{- if or .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }} - - name: LOG_LEVEL - value: {{ default .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }} - {{- end }} - - name: FOLDER - value: "/etc/grafana/provisioning/alerting" - - name: RESOURCE - value: {{ quote .Values.sidecar.alerts.resource }} - {{- with .Values.sidecar.enableUniqueFilenames }} - - name: UNIQUE_FILENAMES - value: "{{ . }}" - {{- end }} - {{- with .Values.sidecar.alerts.searchNamespace }} - - name: NAMESPACE - value: {{ . | join "," | quote }} - {{- end }} - {{- with .Values.sidecar.alerts.skipTlsVerify }} - - name: SKIP_TLS_VERIFY - value: {{ quote . }} - {{- end }} - {{- with .Values.sidecar.alerts.script }} - - name: SCRIPT - value: {{ quote . }} - {{- end }} - {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: REQ_USERNAME - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.userKey | default "admin-user" }} - {{- end }} - {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: REQ_PASSWORD - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.passwordKey | default "admin-password" }} - {{- end }} - {{- if not .Values.sidecar.alerts.skipReload }} - - name: REQ_URL - value: {{ .Values.sidecar.alerts.reloadURL }} - - name: REQ_METHOD - value: POST - {{- end }} - {{- if .Values.sidecar.alerts.watchServerTimeout }} - {{- if ne .Values.sidecar.alerts.watchMethod "WATCH" }} - {{- fail (printf "Cannot use .Values.sidecar.alerts.watchServerTimeout with .Values.sidecar.alerts.watchMethod %s" .Values.sidecar.alerts.watchMethod) }} - {{- end }} - - name: WATCH_SERVER_TIMEOUT - value: "{{ .Values.sidecar.alerts.watchServerTimeout }}" - {{- end }} - {{- if .Values.sidecar.alerts.watchClientTimeout }} - {{- if ne .Values.sidecar.alerts.watchMethod "WATCH" }} - {{- fail (printf "Cannot use .Values.sidecar.alerts.watchClientTimeout with .Values.sidecar.alerts.watchMethod %s" .Values.sidecar.alerts.watchMethod) }} - {{- end }} - - name: WATCH_CLIENT_TIMEOUT - value: "{{ .Values.sidecar.alerts.watchClientTimeout }}" - {{- end }} - {{- with .Values.sidecar.livenessProbe }} - livenessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.readinessProbe }} - readinessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.securityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - volumeMounts: - - name: sc-alerts-volume - mountPath: "/etc/grafana/provisioning/alerting" - {{- with .Values.sidecar.alerts.extraMounts }} - {{- toYaml . | trim | nindent 6 }} - {{- end }} -{{- end}} -{{- if .Values.sidecar.dashboards.enabled }} - - name: {{ include "grafana.name" . }}-sc-dashboard - {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} - {{- if .Values.sidecar.image.sha }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} - env: - {{- range $key, $value := .Values.sidecar.dashboards.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- range $key, $value := .Values.sidecar.datasources.envValueFrom }} - - name: {{ $key | quote }} - valueFrom: - {{- tpl (toYaml $value) $ | nindent 10 }} - {{- end }} - {{- if .Values.sidecar.dashboards.ignoreAlreadyProcessed }} - - name: IGNORE_ALREADY_PROCESSED - value: "true" - {{- end }} - - name: METHOD - value: {{ .Values.sidecar.dashboards.watchMethod }} - - name: LABEL - value: "{{ .Values.sidecar.dashboards.label }}" - {{- with .Values.sidecar.dashboards.labelValue }} - - name: LABEL_VALUE - value: {{ quote . }} - {{- end }} - {{- if or .Values.sidecar.logLevel .Values.sidecar.dashboards.logLevel }} - - name: LOG_LEVEL - value: {{ default .Values.sidecar.logLevel .Values.sidecar.dashboards.logLevel }} - {{- end }} - - name: FOLDER - value: "{{ .Values.sidecar.dashboards.folder }}{{- with .Values.sidecar.dashboards.defaultFolderName }}/{{ . }}{{- end }}" - - name: RESOURCE - value: {{ quote .Values.sidecar.dashboards.resource }} - {{- with .Values.sidecar.enableUniqueFilenames }} - - name: UNIQUE_FILENAMES - value: "{{ . }}" - {{- end }} - {{- with .Values.sidecar.dashboards.searchNamespace }} - - name: NAMESPACE - value: "{{ tpl (. | join ",") $root }}" - {{- end }} - {{- with .Values.sidecar.skipTlsVerify }} - - name: SKIP_TLS_VERIFY - value: "{{ . }}" - {{- end }} - {{- with .Values.sidecar.dashboards.folderAnnotation }} - - name: FOLDER_ANNOTATION - value: "{{ . }}" - {{- end }} - {{- with .Values.sidecar.dashboards.script }} - - name: SCRIPT - value: "{{ . }}" - {{- end }} - {{- if not .Values.sidecar.dashboards.skipReload }} - {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: REQ_USERNAME - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.userKey | default "admin-user" }} - {{- end }} - {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: REQ_PASSWORD - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.passwordKey | default "admin-password" }} - {{- end }} - - name: REQ_URL - value: {{ .Values.sidecar.dashboards.reloadURL }} - - name: REQ_METHOD - value: POST - {{- end }} - {{- if .Values.sidecar.dashboards.watchServerTimeout }} - {{- if ne .Values.sidecar.dashboards.watchMethod "WATCH" }} - {{- fail (printf "Cannot use .Values.sidecar.dashboards.watchServerTimeout with .Values.sidecar.dashboards.watchMethod %s" .Values.sidecar.dashboards.watchMethod) }} - {{- end }} - - name: WATCH_SERVER_TIMEOUT - value: "{{ .Values.sidecar.dashboards.watchServerTimeout }}" - {{- end }} - {{- if .Values.sidecar.dashboards.watchClientTimeout }} - {{- if ne .Values.sidecar.dashboards.watchMethod "WATCH" }} - {{- fail (printf "Cannot use .Values.sidecar.dashboards.watchClientTimeout with .Values.sidecar.dashboards.watchMethod %s" .Values.sidecar.dashboards.watchMethod) }} - {{- end }} - - name: WATCH_CLIENT_TIMEOUT - value: {{ .Values.sidecar.dashboards.watchClientTimeout | quote }} - {{- end }} - {{- with .Values.sidecar.livenessProbe }} - livenessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.readinessProbe }} - readinessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.securityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - volumeMounts: - - name: sc-dashboard-volume - mountPath: {{ .Values.sidecar.dashboards.folder | quote }} - {{- with .Values.sidecar.dashboards.extraMounts }} - {{- toYaml . | trim | nindent 6 }} - {{- end }} -{{- end}} -{{- if and .Values.sidecar.datasources.enabled (not .Values.sidecar.datasources.initDatasources) }} - - name: {{ include "grafana.name" . }}-sc-datasources - {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} - {{- if .Values.sidecar.image.sha }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} - env: - {{- range $key, $value := .Values.sidecar.datasources.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- if .Values.sidecar.datasources.ignoreAlreadyProcessed }} - - name: IGNORE_ALREADY_PROCESSED - value: "true" - {{- end }} - - name: METHOD - value: {{ .Values.sidecar.datasources.watchMethod }} - - name: LABEL - value: "{{ .Values.sidecar.datasources.label }}" - {{- with .Values.sidecar.datasources.labelValue }} - - name: LABEL_VALUE - value: {{ quote . }} - {{- end }} - {{- if or .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }} - - name: LOG_LEVEL - value: {{ default .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }} - {{- end }} - - name: FOLDER - value: "/etc/grafana/provisioning/datasources" - - name: RESOURCE - value: {{ quote .Values.sidecar.datasources.resource }} - {{- with .Values.sidecar.enableUniqueFilenames }} - - name: UNIQUE_FILENAMES - value: "{{ . }}" - {{- end }} - {{- with .Values.sidecar.datasources.searchNamespace }} - - name: NAMESPACE - value: "{{ tpl (. | join ",") $root }}" - {{- end }} - {{- if .Values.sidecar.skipTlsVerify }} - - name: SKIP_TLS_VERIFY - value: "{{ .Values.sidecar.skipTlsVerify }}" - {{- end }} - {{- if .Values.sidecar.datasources.script }} - - name: SCRIPT - value: "{{ .Values.sidecar.datasources.script }}" - {{- end }} - {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: REQ_USERNAME - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.userKey | default "admin-user" }} - {{- end }} - {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: REQ_PASSWORD - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.passwordKey | default "admin-password" }} - {{- end }} - {{- if not .Values.sidecar.datasources.skipReload }} - - name: REQ_URL - value: {{ .Values.sidecar.datasources.reloadURL }} - - name: REQ_METHOD - value: POST - {{- end }} - {{- if .Values.sidecar.datasources.watchServerTimeout }} - {{- if ne .Values.sidecar.datasources.watchMethod "WATCH" }} - {{- fail (printf "Cannot use .Values.sidecar.datasources.watchServerTimeout with .Values.sidecar.datasources.watchMethod %s" .Values.sidecar.datasources.watchMethod) }} - {{- end }} - - name: WATCH_SERVER_TIMEOUT - value: "{{ .Values.sidecar.datasources.watchServerTimeout }}" - {{- end }} - {{- if .Values.sidecar.datasources.watchClientTimeout }} - {{- if ne .Values.sidecar.datasources.watchMethod "WATCH" }} - {{- fail (printf "Cannot use .Values.sidecar.datasources.watchClientTimeout with .Values.sidecar.datasources.watchMethod %s" .Values.sidecar.datasources.watchMethod) }} - {{- end }} - - name: WATCH_CLIENT_TIMEOUT - value: "{{ .Values.sidecar.datasources.watchClientTimeout }}" - {{- end }} - {{- with .Values.sidecar.livenessProbe }} - livenessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.readinessProbe }} - readinessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.securityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - volumeMounts: - - name: sc-datasources-volume - mountPath: "/etc/grafana/provisioning/datasources" -{{- end}} -{{- if .Values.sidecar.notifiers.enabled }} - - name: {{ include "grafana.name" . }}-sc-notifiers - {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} - {{- if .Values.sidecar.image.sha }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} - env: - {{- range $key, $value := .Values.sidecar.notifiers.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- if .Values.sidecar.notifiers.ignoreAlreadyProcessed }} - - name: IGNORE_ALREADY_PROCESSED - value: "true" - {{- end }} - - name: METHOD - value: {{ .Values.sidecar.notifiers.watchMethod }} - - name: LABEL - value: "{{ .Values.sidecar.notifiers.label }}" - {{- with .Values.sidecar.notifiers.labelValue }} - - name: LABEL_VALUE - value: {{ quote . }} - {{- end }} - {{- if or .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }} - - name: LOG_LEVEL - value: {{ default .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }} - {{- end }} - - name: FOLDER - value: "/etc/grafana/provisioning/notifiers" - - name: RESOURCE - value: {{ quote .Values.sidecar.notifiers.resource }} - {{- if .Values.sidecar.enableUniqueFilenames }} - - name: UNIQUE_FILENAMES - value: "{{ .Values.sidecar.enableUniqueFilenames }}" - {{- end }} - {{- with .Values.sidecar.notifiers.searchNamespace }} - - name: NAMESPACE - value: "{{ tpl (. | join ",") $root }}" - {{- end }} - {{- with .Values.sidecar.skipTlsVerify }} - - name: SKIP_TLS_VERIFY - value: "{{ . }}" - {{- end }} - {{- if .Values.sidecar.notifiers.script }} - - name: SCRIPT - value: "{{ .Values.sidecar.notifiers.script }}" - {{- end }} - {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: REQ_USERNAME - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.userKey | default "admin-user" }} - {{- end }} - {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: REQ_PASSWORD - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.passwordKey | default "admin-password" }} - {{- end }} - {{- if not .Values.sidecar.notifiers.skipReload }} - - name: REQ_URL - value: {{ .Values.sidecar.notifiers.reloadURL }} - - name: REQ_METHOD - value: POST - {{- end }} - {{- if .Values.sidecar.notifiers.watchServerTimeout }} - {{- if ne .Values.sidecar.notifiers.watchMethod "WATCH" }} - {{- fail (printf "Cannot use .Values.sidecar.notifiers.watchServerTimeout with .Values.sidecar.notifiers.watchMethod %s" .Values.sidecar.notifiers.watchMethod) }} - {{- end }} - - name: WATCH_SERVER_TIMEOUT - value: "{{ .Values.sidecar.notifiers.watchServerTimeout }}" - {{- end }} - {{- if .Values.sidecar.notifiers.watchClientTimeout }} - {{- if ne .Values.sidecar.notifiers.watchMethod "WATCH" }} - {{- fail (printf "Cannot use .Values.sidecar.notifiers.watchClientTimeout with .Values.sidecar.notifiers.watchMethod %s" .Values.sidecar.notifiers.watchMethod) }} - {{- end }} - - name: WATCH_CLIENT_TIMEOUT - value: "{{ .Values.sidecar.notifiers.watchClientTimeout }}" - {{- end }} - {{- with .Values.sidecar.livenessProbe }} - livenessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.readinessProbe }} - readinessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.securityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - volumeMounts: - - name: sc-notifiers-volume - mountPath: "/etc/grafana/provisioning/notifiers" -{{- end}} -{{- if .Values.sidecar.plugins.enabled }} - - name: {{ include "grafana.name" . }}-sc-plugins - {{- $registry := .Values.global.imageRegistry | default .Values.sidecar.image.registry -}} - {{- if .Values.sidecar.image.sha }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }} - env: - {{- range $key, $value := .Values.sidecar.plugins.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- if .Values.sidecar.plugins.ignoreAlreadyProcessed }} - - name: IGNORE_ALREADY_PROCESSED - value: "true" - {{- end }} - - name: METHOD - value: {{ .Values.sidecar.plugins.watchMethod }} - - name: LABEL - value: "{{ .Values.sidecar.plugins.label }}" - {{- if .Values.sidecar.plugins.labelValue }} - - name: LABEL_VALUE - value: {{ quote .Values.sidecar.plugins.labelValue }} - {{- end }} - {{- if or .Values.sidecar.logLevel .Values.sidecar.plugins.logLevel }} - - name: LOG_LEVEL - value: {{ default .Values.sidecar.logLevel .Values.sidecar.plugins.logLevel }} - {{- end }} - - name: FOLDER - value: "/etc/grafana/provisioning/plugins" - - name: RESOURCE - value: {{ quote .Values.sidecar.plugins.resource }} - {{- with .Values.sidecar.enableUniqueFilenames }} - - name: UNIQUE_FILENAMES - value: "{{ . }}" - {{- end }} - {{- with .Values.sidecar.plugins.searchNamespace }} - - name: NAMESPACE - value: "{{ tpl (. | join ",") $root }}" - {{- end }} - {{- with .Values.sidecar.plugins.script }} - - name: SCRIPT - value: "{{ . }}" - {{- end }} - {{- with .Values.sidecar.skipTlsVerify }} - - name: SKIP_TLS_VERIFY - value: "{{ . }}" - {{- end }} - {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: REQ_USERNAME - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.userKey | default "admin-user" }} - {{- end }} - {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: REQ_PASSWORD - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.passwordKey | default "admin-password" }} - {{- end }} - {{- if not .Values.sidecar.plugins.skipReload }} - - name: REQ_URL - value: {{ .Values.sidecar.plugins.reloadURL }} - - name: REQ_METHOD - value: POST - {{- end }} - {{- if .Values.sidecar.plugins.watchServerTimeout }} - {{- if ne .Values.sidecar.plugins.watchMethod "WATCH" }} - {{- fail (printf "Cannot use .Values.sidecar.plugins.watchServerTimeout with .Values.sidecar.plugins.watchMethod %s" .Values.sidecar.plugins.watchMethod) }} - {{- end }} - - name: WATCH_SERVER_TIMEOUT - value: "{{ .Values.sidecar.plugins.watchServerTimeout }}" - {{- end }} - {{- if .Values.sidecar.plugins.watchClientTimeout }} - {{- if ne .Values.sidecar.plugins.watchMethod "WATCH" }} - {{- fail (printf "Cannot use .Values.sidecar.plugins.watchClientTimeout with .Values.sidecar.plugins.watchMethod %s" .Values.sidecar.plugins.watchMethod) }} - {{- end }} - - name: WATCH_CLIENT_TIMEOUT - value: "{{ .Values.sidecar.plugins.watchClientTimeout }}" - {{- end }} - {{- with .Values.sidecar.livenessProbe }} - livenessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.readinessProbe }} - readinessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.sidecar.securityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - volumeMounts: - - name: sc-plugins-volume - mountPath: "/etc/grafana/provisioning/plugins" -{{- end}} - - name: {{ .Chart.Name }} - {{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}} - {{- if .Values.image.sha }} - image: "{{ $registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}@sha256:{{ .Values.image.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - {{- end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.command }} - command: - {{- range .Values.command }} - - {{ . | quote }} - {{- end }} - {{- end }} - {{- if .Values.args }} - args: - {{- range .Values.args }} - - {{ . | quote }} - {{- end }} - {{- end }} - {{- with .Values.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - volumeMounts: - - name: config - mountPath: "/etc/grafana/grafana.ini" - subPath: grafana.ini - {{- if .Values.ldap.enabled }} - - name: ldap - mountPath: "/etc/grafana/ldap.toml" - subPath: ldap.toml - {{- end }} - {{- range .Values.extraConfigmapMounts }} - - name: {{ tpl .name $root }} - mountPath: {{ tpl .mountPath $root }} - subPath: {{ tpl (.subPath | default "") $root }} - readOnly: {{ .readOnly }} - {{- end }} - - name: storage - mountPath: "/var/lib/grafana" - {{- with .Values.persistence.subPath }} - subPath: {{ tpl . $root }} - {{- end }} - {{- with .Values.dashboards }} - {{- range $provider, $dashboards := . }} - {{- range $key, $value := $dashboards }} - {{- if (or (hasKey $value "json") (hasKey $value "file")) }} - - name: dashboards-{{ $provider }} - mountPath: "/var/lib/grafana/dashboards/{{ $provider }}/{{ $key }}.json" - subPath: "{{ $key }}.json" - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- with .Values.dashboardsConfigMaps }} - {{- range (keys . | sortAlpha) }} - - name: dashboards-{{ . }} - mountPath: "/var/lib/grafana/dashboards/{{ . }}" - {{- end }} - {{- end }} - {{- with .Values.datasources }} - {{- $datasources := . }} - {{- range (keys . | sortAlpha) }} - {{- if (or (hasKey (index $datasources .) "secret")) }} {{/*check if current datasource should be handeled as secret */}} - - name: config-secret - mountPath: "/etc/grafana/provisioning/datasources/{{ . }}" - subPath: {{ . | quote }} - {{- else }} - - name: config - mountPath: "/etc/grafana/provisioning/datasources/{{ . }}" - subPath: {{ . | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- with .Values.notifiers }} - {{- $notifiers := . }} - {{- range (keys . | sortAlpha) }} - {{- if (or (hasKey (index $notifiers .) "secret")) }} {{/*check if current notifier should be handeled as secret */}} - - name: config-secret - mountPath: "/etc/grafana/provisioning/notifiers/{{ . }}" - subPath: {{ . | quote }} - {{- else }} - - name: config - mountPath: "/etc/grafana/provisioning/notifiers/{{ . }}" - subPath: {{ . | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- with .Values.alerting }} - {{- $alertingmap := .}} - {{- range (keys . | sortAlpha) }} - {{- if (or (hasKey (index $.Values.alerting .) "secret") (hasKey (index $.Values.alerting .) "secretFile")) }} {{/*check if current alerting entry should be handeled as secret */}} - - name: config-secret - mountPath: "/etc/grafana/provisioning/alerting/{{ . }}" - subPath: {{ . | quote }} - {{- else }} - - name: config - mountPath: "/etc/grafana/provisioning/alerting/{{ . }}" - subPath: {{ . | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- with .Values.dashboardProviders }} - {{- range (keys . | sortAlpha) }} - - name: config - mountPath: "/etc/grafana/provisioning/dashboards/{{ . }}" - subPath: {{ . | quote }} - {{- end }} - {{- end }} - {{- with .Values.sidecar.alerts.enabled }} - - name: sc-alerts-volume - mountPath: "/etc/grafana/provisioning/alerting" - {{- end}} - {{- if .Values.sidecar.dashboards.enabled }} - - name: sc-dashboard-volume - mountPath: {{ .Values.sidecar.dashboards.folder | quote }} - {{- if .Values.sidecar.dashboards.SCProvider }} - - name: sc-dashboard-provider - mountPath: "/etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml" - subPath: provider.yaml - {{- end}} - {{- end}} - {{- if .Values.sidecar.datasources.enabled }} - - name: sc-datasources-volume - mountPath: "/etc/grafana/provisioning/datasources" - {{- end}} - {{- if .Values.sidecar.plugins.enabled }} - - name: sc-plugins-volume - mountPath: "/etc/grafana/provisioning/plugins" - {{- end}} - {{- if .Values.sidecar.notifiers.enabled }} - - name: sc-notifiers-volume - mountPath: "/etc/grafana/provisioning/notifiers" - {{- end}} - {{- range .Values.extraSecretMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - readOnly: {{ .readOnly }} - subPath: {{ .subPath | default "" }} - {{- end }} - {{- range .Values.extraVolumeMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath | default "" }} - readOnly: {{ .readOnly }} - {{- end }} - {{- range .Values.extraEmptyDirMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - {{- end }} - ports: - - name: {{ .Values.podPortName }} - containerPort: {{ .Values.service.targetPort }} - protocol: TCP - - name: {{ .Values.gossipPortName }}-tcp - containerPort: 9094 - protocol: TCP - - name: {{ .Values.gossipPortName }}-udp - containerPort: 9094 - protocol: UDP - env: - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: GF_SECURITY_ADMIN_USER - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.userKey | default "admin-user" }} - {{- end }} - {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - - name: GF_SECURITY_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }} - key: {{ .Values.admin.passwordKey | default "admin-password" }} - {{- end }} - {{- if .Values.plugins }} - - name: GF_INSTALL_PLUGINS - valueFrom: - configMapKeyRef: - name: {{ include "grafana.fullname" . }} - key: plugins - {{- end }} - {{- if .Values.smtp.existingSecret }} - - name: GF_SMTP_USER - valueFrom: - secretKeyRef: - name: {{ .Values.smtp.existingSecret }} - key: {{ .Values.smtp.userKey | default "user" }} - - name: GF_SMTP_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.smtp.existingSecret }} - key: {{ .Values.smtp.passwordKey | default "password" }} - {{- end }} - {{- if .Values.imageRenderer.enabled }} - - name: GF_RENDERING_SERVER_URL - value: http://{{ include "grafana.fullname" . }}-image-renderer.{{ include "grafana.namespace" . }}:{{ .Values.imageRenderer.service.port }}/render - - name: GF_RENDERING_CALLBACK_URL - value: {{ .Values.imageRenderer.grafanaProtocol }}://{{ include "grafana.fullname" . }}.{{ include "grafana.namespace" . }}:{{ .Values.service.port }}/{{ .Values.imageRenderer.grafanaSubPath }} - {{- end }} - - name: GF_PATHS_DATA - value: {{ (get .Values "grafana.ini").paths.data }} - - name: GF_PATHS_LOGS - value: {{ (get .Values "grafana.ini").paths.logs }} - - name: GF_PATHS_PLUGINS - value: {{ (get .Values "grafana.ini").paths.plugins }} - - name: GF_PATHS_PROVISIONING - value: {{ (get .Values "grafana.ini").paths.provisioning }} - {{- range $key, $value := .Values.envValueFrom }} - - name: {{ $key | quote }} - valueFrom: - {{- tpl (toYaml $value) $ | nindent 10 }} - {{- end }} - {{- range $key, $value := .Values.env }} - - name: "{{ tpl $key $ }}" - value: "{{ tpl (print $value) $ }}" - {{- end }} - {{- if or .Values.envFromSecret (or .Values.envRenderSecret .Values.envFromSecrets) .Values.envFromConfigMaps }} - envFrom: - {{- if .Values.envFromSecret }} - - secretRef: - name: {{ tpl .Values.envFromSecret . }} - {{- end }} - {{- if .Values.envRenderSecret }} - - secretRef: - name: {{ include "grafana.fullname" . }}-env - {{- end }} - {{- range .Values.envFromSecrets }} - - secretRef: - name: {{ tpl .name $ }} - optional: {{ .optional | default false }} - {{- if .prefix }} - prefix: {{ tpl .prefix $ }} - {{- end }} - {{- end }} - {{- range .Values.envFromConfigMaps }} - - configMapRef: - name: {{ tpl .name $ }} - optional: {{ .optional | default false }} - {{- if .prefix }} - prefix: {{ tpl .prefix $ }} - {{- end }} - {{- end }} - {{- end }} - {{- with .Values.livenessProbe }} - livenessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.readinessProbe }} - readinessProbe: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.lifecycleHooks }} - lifecycle: - {{- tpl (toYaml .) $root | nindent 6 }} - {{- end }} - {{- with .Values.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} -{{- with .Values.extraContainers }} - {{- tpl . $ | nindent 2 }} -{{- end }} -{{- with .Values.nodeSelector }} -nodeSelector: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- with .Values.affinity }} -affinity: - {{- tpl (toYaml .) $root | nindent 2 }} -{{- end }} -{{- with .Values.topologySpreadConstraints }} -topologySpreadConstraints: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- with .Values.tolerations }} -tolerations: - {{- toYaml . | nindent 2 }} -{{- end }} -volumes: - - name: config - configMap: - name: {{ include "grafana.fullname" . }} - {{- $createConfigSecret := eq (include "grafana.shouldCreateConfigSecret" .) "true" -}} - {{- if and .Values.createConfigmap $createConfigSecret }} - - name: config-secret - secret: - secretName: {{ include "grafana.fullname" . }}-config-secret - {{- end }} - {{- range .Values.extraConfigmapMounts }} - - name: {{ tpl .name $root }} - configMap: - name: {{ tpl .configMap $root }} - {{- with .items }} - items: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - {{- if .Values.dashboards }} - {{- range (keys .Values.dashboards | sortAlpha) }} - - name: dashboards-{{ . }} - configMap: - name: {{ include "grafana.fullname" $ }}-dashboards-{{ . }} - {{- end }} - {{- end }} - {{- if .Values.dashboardsConfigMaps }} - {{- range $provider, $name := .Values.dashboardsConfigMaps }} - - name: dashboards-{{ $provider }} - configMap: - name: {{ tpl $name $root }} - {{- end }} - {{- end }} - {{- if .Values.ldap.enabled }} - - name: ldap - secret: - {{- if .Values.ldap.existingSecret }} - secretName: {{ .Values.ldap.existingSecret }} - {{- else }} - secretName: {{ include "grafana.fullname" . }} - {{- end }} - items: - - key: ldap-toml - path: ldap.toml - {{- end }} - {{- if and .Values.persistence.enabled (eq .Values.persistence.type "pvc") }} - - name: storage - persistentVolumeClaim: - claimName: {{ tpl (.Values.persistence.existingClaim | default (include "grafana.fullname" .)) . }} - {{- else if and .Values.persistence.enabled (has .Values.persistence.type $sts) }} - {{/* nothing */}} - {{- else }} - - name: storage - {{- if .Values.persistence.inMemory.enabled }} - emptyDir: - medium: Memory - {{- with .Values.persistence.inMemory.sizeLimit }} - sizeLimit: {{ . }} - {{- end }} - {{- else }} - emptyDir: {} - {{- end }} - {{- end }} - {{- if .Values.sidecar.alerts.enabled }} - - name: sc-alerts-volume - emptyDir: - {{- with .Values.sidecar.alerts.sizeLimit }} - sizeLimit: {{ . }} - {{- else }} - {} - {{- end }} - {{- end }} - {{- if .Values.sidecar.dashboards.enabled }} - - name: sc-dashboard-volume - emptyDir: - {{- with .Values.sidecar.dashboards.sizeLimit }} - sizeLimit: {{ . }} - {{- else }} - {} - {{- end }} - {{- if .Values.sidecar.dashboards.SCProvider }} - - name: sc-dashboard-provider - configMap: - name: {{ include "grafana.fullname" . }}-config-dashboards - {{- end }} - {{- end }} - {{- if .Values.sidecar.datasources.enabled }} - - name: sc-datasources-volume - emptyDir: - {{- with .Values.sidecar.datasources.sizeLimit }} - sizeLimit: {{ . }} - {{- else }} - {} - {{- end }} - {{- end }} - {{- if .Values.sidecar.plugins.enabled }} - - name: sc-plugins-volume - emptyDir: - {{- with .Values.sidecar.plugins.sizeLimit }} - sizeLimit: {{ . }} - {{- else }} - {} - {{- end }} - {{- end }} - {{- if .Values.sidecar.notifiers.enabled }} - - name: sc-notifiers-volume - emptyDir: - {{- with .Values.sidecar.notifiers.sizeLimit }} - sizeLimit: {{ . }} - {{- else }} - {} - {{- end }} - {{- end }} - {{- range .Values.extraSecretMounts }} - {{- if .secretName }} - - name: {{ .name }} - secret: - secretName: {{ .secretName }} - defaultMode: {{ .defaultMode }} - {{- with .items }} - items: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- else if .projected }} - - name: {{ .name }} - projected: - {{- toYaml .projected | nindent 6 }} - {{- else if .csi }} - - name: {{ .name }} - csi: - {{- toYaml .csi | nindent 6 }} - {{- end }} - {{- end }} - {{- range .Values.extraVolumes }} - - name: {{ .name }} - {{- if .existingClaim }} - persistentVolumeClaim: - claimName: {{ .existingClaim }} - {{- else if .hostPath }} - hostPath: - {{ toYaml .hostPath | nindent 6 }} - {{- else if .csi }} - csi: - {{- toYaml .csi | nindent 6 }} - {{- else if .configMap }} - configMap: - {{- toYaml .configMap | nindent 6 }} - {{- else if .emptyDir }} - emptyDir: - {{- toYaml .emptyDir | nindent 6 }} - {{- else }} - emptyDir: {} - {{- end }} - {{- end }} - {{- range .Values.extraEmptyDirMounts }} - - name: {{ .name }} - emptyDir: {} - {{- end }} - {{- with .Values.extraContainerVolumes }} - {{- tpl (toYaml .) $root | nindent 2 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/clusterrole.yaml b/composio/charts/temporal/charts/grafana/templates/clusterrole.yaml deleted file mode 100644 index 3af4b62..0000000 --- a/composio/charts/temporal/charts/grafana/templates/clusterrole.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if and .Values.rbac.create (or (not .Values.rbac.namespaced) .Values.rbac.extraClusterRoleRules) (not .Values.rbac.useExistingClusterRole) }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - name: {{ include "grafana.fullname" . }}-clusterrole -{{- if or .Values.sidecar.dashboards.enabled .Values.rbac.extraClusterRoleRules .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.sidecar.alerts.enabled }} -rules: - {{- if or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.sidecar.alerts.enabled }} - - apiGroups: [""] # "" indicates the core API group - resources: ["configmaps", "secrets"] - verbs: ["get", "watch", "list"] - {{- end}} - {{- with .Values.rbac.extraClusterRoleRules }} - {{- toYaml . | nindent 2 }} - {{- end}} -{{- else }} -rules: [] -{{- end}} -{{- end}} diff --git a/composio/charts/temporal/charts/grafana/templates/clusterrolebinding.yaml b/composio/charts/temporal/charts/grafana/templates/clusterrolebinding.yaml deleted file mode 100644 index bda9431..0000000 --- a/composio/charts/temporal/charts/grafana/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- if and .Values.rbac.create (or (not .Values.rbac.namespaced) .Values.rbac.extraClusterRoleRules) }} -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ include "grafana.fullname" . }}-clusterrolebinding - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -subjects: - - kind: ServiceAccount - name: {{ include "grafana.serviceAccountName" . }} - namespace: {{ include "grafana.namespace" . }} -roleRef: - kind: ClusterRole - {{- if .Values.rbac.useExistingClusterRole }} - name: {{ .Values.rbac.useExistingClusterRole }} - {{- else }} - name: {{ include "grafana.fullname" . }}-clusterrole - {{- end }} - apiGroup: rbac.authorization.k8s.io -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/configSecret.yaml b/composio/charts/temporal/charts/grafana/templates/configSecret.yaml deleted file mode 100644 index 55574b9..0000000 --- a/composio/charts/temporal/charts/grafana/templates/configSecret.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{- $createConfigSecret := eq (include "grafana.shouldCreateConfigSecret" .) "true" -}} -{{- if and .Values.createConfigmap $createConfigSecret }} -{{- $files := .Files }} -{{- $root := . -}} -apiVersion: v1 -kind: Secret -metadata: - name: "{{ include "grafana.fullname" . }}-config-secret" - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -data: -{{- range $key, $value := .Values.alerting }} - {{- if (hasKey $value "secretFile") }} - {{- $key | nindent 2 }}: - {{- toYaml ( $files.Get $value.secretFile ) | b64enc | nindent 4}} - {{/* as of https://helm.sh/docs/chart_template_guide/accessing_files/ this will only work if you fork this chart and add files to it*/}} - {{- end }} -{{- end }} -stringData: -{{- range $key, $value := .Values.datasources }} -{{- if (hasKey $value "secret") }} -{{- $key | nindent 2 }}: | - {{- tpl (toYaml $value.secret | nindent 4) $root }} -{{- end }} -{{- end }} -{{- range $key, $value := .Values.notifiers }} -{{- if (hasKey $value "secret") }} -{{- $key | nindent 2 }}: | - {{- tpl (toYaml $value.secret | nindent 4) $root }} -{{- end }} -{{- end }} -{{- range $key, $value := .Values.alerting }} -{{ if (hasKey $value "secret") }} - {{- $key | nindent 2 }}: | - {{- tpl (toYaml $value.secret | nindent 4) $root }} - {{- end }} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/configmap-dashboard-provider.yaml b/composio/charts/temporal/charts/grafana/templates/configmap-dashboard-provider.yaml deleted file mode 100644 index b412c4d..0000000 --- a/composio/charts/temporal/charts/grafana/templates/configmap-dashboard-provider.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if and .Values.sidecar.dashboards.enabled .Values.sidecar.dashboards.SCProvider }} -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - name: {{ include "grafana.fullname" . }}-config-dashboards - namespace: {{ include "grafana.namespace" . }} -data: - {{- include "grafana.configDashboardProviderData" . | nindent 2 }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/configmap.yaml b/composio/charts/temporal/charts/grafana/templates/configmap.yaml deleted file mode 100644 index 0a2edf4..0000000 --- a/composio/charts/temporal/charts/grafana/templates/configmap.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.createConfigmap }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "grafana.fullname" . }} - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- if or .Values.configMapAnnotations .Values.annotations }} - annotations: - {{- with .Values.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.configMapAnnotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- end }} -data: - {{- include "grafana.configData" . | nindent 2 }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/dashboards-json-configmap.yaml b/composio/charts/temporal/charts/grafana/templates/dashboards-json-configmap.yaml deleted file mode 100644 index b96ce72..0000000 --- a/composio/charts/temporal/charts/grafana/templates/dashboards-json-configmap.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{- if .Values.dashboards }} -{{ $files := .Files }} -{{- range $provider, $dashboards := .Values.dashboards }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "grafana.fullname" $ }}-dashboards-{{ $provider }} - namespace: {{ include "grafana.namespace" $ }} - labels: - {{- include "grafana.labels" $ | nindent 4 }} - dashboard-provider: {{ $provider }} - {{- if $.Values.sidecar.dashboards.enabled }} - {{ $.Values.sidecar.dashboards.label }}: {{ $.Values.sidecar.dashboards.labelValue | quote }} - {{- end }} -{{- if $dashboards }} -data: -{{- $dashboardFound := false }} -{{- range $key, $value := $dashboards }} -{{- if (or (hasKey $value "json") (hasKey $value "file")) }} -{{- $dashboardFound = true }} - {{- print $key | nindent 2 }}.json: - {{- if hasKey $value "json" }} - |- - {{- $value.json | nindent 6 }} - {{- end }} - {{- if hasKey $value "file" }} - {{- toYaml ( $files.Get $value.file ) | nindent 4}} - {{- end }} -{{- end }} -{{- end }} -{{- if not $dashboardFound }} - {} -{{- end }} -{{- end }} ---- -{{- end }} - -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/deployment.yaml b/composio/charts/temporal/charts/grafana/templates/deployment.yaml deleted file mode 100644 index 46c016f..0000000 --- a/composio/charts/temporal/charts/grafana/templates/deployment.yaml +++ /dev/null @@ -1,53 +0,0 @@ -{{- if (and (not .Values.useStatefulSet) (or (not .Values.persistence.enabled) (eq .Values.persistence.type "pvc"))) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "grafana.fullname" . }} - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and (not .Values.autoscaling.enabled) (.Values.replicas) }} - replicas: {{ .Values.replicas }} - {{- end }} - revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "grafana.selectorLabels" . | nindent 6 }} - {{- with .Values.deploymentStrategy }} - strategy: - {{- toYaml . | trim | nindent 4 }} - {{- end }} - template: - metadata: - labels: - {{- include "grafana.selectorLabels" . | nindent 8 }} - {{- with .Values.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - annotations: - checksum/config: {{ include "grafana.configData" . | sha256sum }} - {{- if .Values.dashboards }} - checksum/dashboards-json-config: {{ include (print $.Template.BasePath "/dashboards-json-configmap.yaml") . | sha256sum }} - {{- end }} - checksum/sc-dashboard-provider-config: {{ include "grafana.configDashboardProviderData" . | sha256sum }} - {{- if and (or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret))) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - checksum/secret: {{ include "grafana.secretsData" . | sha256sum }} - {{- end }} - {{- if .Values.envRenderSecret }} - checksum/secret-env: {{ tpl (toYaml .Values.envRenderSecret) . | sha256sum }} - {{- end }} - kubectl.kubernetes.io/default-container: {{ .Chart.Name }} - {{- with .Values.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- include "grafana.pod" . | nindent 6 }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/extra-manifests.yaml b/composio/charts/temporal/charts/grafana/templates/extra-manifests.yaml deleted file mode 100644 index a9bb3b6..0000000 --- a/composio/charts/temporal/charts/grafana/templates/extra-manifests.yaml +++ /dev/null @@ -1,4 +0,0 @@ -{{ range .Values.extraObjects }} ---- -{{ tpl (toYaml .) $ }} -{{ end }} diff --git a/composio/charts/temporal/charts/grafana/templates/headless-service.yaml b/composio/charts/temporal/charts/grafana/templates/headless-service.yaml deleted file mode 100644 index 3028589..0000000 --- a/composio/charts/temporal/charts/grafana/templates/headless-service.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- $sts := list "sts" "StatefulSet" "statefulset" -}} -{{- if or .Values.headlessService (and .Values.persistence.enabled (not .Values.persistence.existingClaim) (has .Values.persistence.type $sts)) }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "grafana.fullname" . }}-headless - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - clusterIP: None - selector: - {{- include "grafana.selectorLabels" . | nindent 4 }} - type: ClusterIP - ports: - - name: {{ .Values.gossipPortName }}-tcp - port: 9094 -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/hpa.yaml b/composio/charts/temporal/charts/grafana/templates/hpa.yaml deleted file mode 100644 index 46bbcb4..0000000 --- a/composio/charts/temporal/charts/grafana/templates/hpa.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{- $sts := list "sts" "StatefulSet" "statefulset" -}} -{{- if .Values.autoscaling.enabled }} -apiVersion: {{ include "grafana.hpa.apiVersion" . }} -kind: HorizontalPodAutoscaler -metadata: - name: {{ include "grafana.fullname" . }} - namespace: {{ include "grafana.namespace" . }} - labels: - app.kubernetes.io/name: {{ include "grafana.name" . }} - helm.sh/chart: {{ include "grafana.chart" . }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/instance: {{ .Release.Name }} -spec: - scaleTargetRef: - apiVersion: apps/v1 - {{- if has .Values.persistence.type $sts }} - kind: StatefulSet - {{- else }} - kind: Deployment - {{- end }} - name: {{ include "grafana.fullname" . }} - minReplicas: {{ .Values.autoscaling.minReplicas }} - maxReplicas: {{ .Values.autoscaling.maxReplicas }} - metrics: - {{- if .Values.autoscaling.targetMemory }} - - type: Resource - resource: - name: memory - {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ .Values.autoscaling.targetMemory }} - {{- else }} - target: - type: Utilization - averageUtilization: {{ .Values.autoscaling.targetMemory }} - {{- end }} - {{- end }} - {{- if .Values.autoscaling.targetCPU }} - - type: Resource - resource: - name: cpu - {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ .Values.autoscaling.targetCPU }} - {{- else }} - target: - type: Utilization - averageUtilization: {{ .Values.autoscaling.targetCPU }} - {{- end }} - {{- end }} - {{- if .Values.autoscaling.behavior }} - behavior: {{ toYaml .Values.autoscaling.behavior | nindent 4 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/image-renderer-deployment.yaml b/composio/charts/temporal/charts/grafana/templates/image-renderer-deployment.yaml deleted file mode 100644 index ea97969..0000000 --- a/composio/charts/temporal/charts/grafana/templates/image-renderer-deployment.yaml +++ /dev/null @@ -1,131 +0,0 @@ -{{ if .Values.imageRenderer.enabled }} -{{- $root := . -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "grafana.fullname" . }}-image-renderer - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.imageRenderer.labels" . | nindent 4 }} - {{- with .Values.imageRenderer.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.imageRenderer.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and (not .Values.imageRenderer.autoscaling.enabled) (.Values.imageRenderer.replicas) }} - replicas: {{ .Values.imageRenderer.replicas }} - {{- end }} - revisionHistoryLimit: {{ .Values.imageRenderer.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }} - - {{- with .Values.imageRenderer.deploymentStrategy }} - strategy: - {{- toYaml . | trim | nindent 4 }} - {{- end }} - template: - metadata: - labels: - {{- include "grafana.imageRenderer.selectorLabels" . | nindent 8 }} - {{- with .Values.imageRenderer.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - {{- with .Values.imageRenderer.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- with .Values.imageRenderer.schedulerName }} - schedulerName: "{{ . }}" - {{- end }} - {{- with .Values.imageRenderer.serviceAccountName }} - serviceAccountName: "{{ . }}" - {{- end }} - {{- with .Values.imageRenderer.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.imageRenderer.hostAliases }} - hostAliases: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.imageRenderer.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} - {{- with .Values.imageRenderer.image.pullSecrets }} - imagePullSecrets: - {{- range . }} - - name: {{ tpl . $root }} - {{- end}} - {{- end }} - containers: - - name: {{ .Chart.Name }}-image-renderer - {{- $registry := .Values.global.imageRegistry | default .Values.imageRenderer.image.registry -}} - {{- if .Values.imageRenderer.image.sha }} - image: "{{ $registry }}/{{ .Values.imageRenderer.image.repository }}:{{ .Values.imageRenderer.image.tag }}@sha256:{{ .Values.imageRenderer.image.sha }}" - {{- else }} - image: "{{ $registry }}/{{ .Values.imageRenderer.image.repository }}:{{ .Values.imageRenderer.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.imageRenderer.image.pullPolicy }} - {{- if .Values.imageRenderer.command }} - command: - {{- range .Values.imageRenderer.command }} - - {{ . }} - {{- end }} - {{- end}} - ports: - - name: {{ .Values.imageRenderer.service.portName }} - containerPort: {{ .Values.imageRenderer.service.targetPort }} - protocol: TCP - livenessProbe: - httpGet: - path: / - port: {{ .Values.imageRenderer.service.portName }} - env: - - name: HTTP_PORT - value: {{ .Values.imageRenderer.service.targetPort | quote }} - {{- if .Values.imageRenderer.serviceMonitor.enabled }} - - name: ENABLE_METRICS - value: "true" - {{- end }} - {{- range $key, $value := .Values.imageRenderer.envValueFrom }} - - name: {{ $key | quote }} - valueFrom: - {{- tpl (toYaml $value) $ | nindent 16 }} - {{- end }} - {{- range $key, $value := .Values.imageRenderer.env }} - - name: {{ $key | quote }} - value: {{ $value | quote }} - {{- end }} - {{- with .Values.imageRenderer.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - - mountPath: /tmp - name: image-renderer-tmpfs - {{- with .Values.imageRenderer.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.imageRenderer.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.imageRenderer.affinity }} - affinity: - {{- tpl (toYaml .) $root | nindent 8 }} - {{- end }} - {{- with .Values.imageRenderer.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - name: image-renderer-tmpfs - emptyDir: {} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/image-renderer-hpa.yaml b/composio/charts/temporal/charts/grafana/templates/image-renderer-hpa.yaml deleted file mode 100644 index b0f0059..0000000 --- a/composio/charts/temporal/charts/grafana/templates/image-renderer-hpa.yaml +++ /dev/null @@ -1,47 +0,0 @@ -{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.autoscaling.enabled }} -apiVersion: {{ include "grafana.hpa.apiVersion" . }} -kind: HorizontalPodAutoscaler -metadata: - name: {{ include "grafana.fullname" . }}-image-renderer - namespace: {{ include "grafana.namespace" . }} - labels: - app.kubernetes.io/name: {{ include "grafana.name" . }}-image-renderer - helm.sh/chart: {{ include "grafana.chart" . }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/instance: {{ .Release.Name }} -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: {{ include "grafana.fullname" . }}-image-renderer - minReplicas: {{ .Values.imageRenderer.autoscaling.minReplicas }} - maxReplicas: {{ .Values.imageRenderer.autoscaling.maxReplicas }} - metrics: - {{- if .Values.imageRenderer.autoscaling.targetMemory }} - - type: Resource - resource: - name: memory - {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ .Values.imageRenderer.autoscaling.targetMemory }} - {{- else }} - target: - type: Utilization - averageUtilization: {{ .Values.imageRenderer.autoscaling.targetMemory }} - {{- end }} - {{- end }} - {{- if .Values.imageRenderer.autoscaling.targetCPU }} - - type: Resource - resource: - name: cpu - {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ .Values.imageRenderer.autoscaling.targetCPU }} - {{- else }} - target: - type: Utilization - averageUtilization: {{ .Values.imageRenderer.autoscaling.targetCPU }} - {{- end }} - {{- end }} - {{- if .Values.imageRenderer.autoscaling.behavior }} - behavior: {{ toYaml .Values.imageRenderer.autoscaling.behavior | nindent 4 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/image-renderer-network-policy.yaml b/composio/charts/temporal/charts/grafana/templates/image-renderer-network-policy.yaml deleted file mode 100644 index d1a0eb3..0000000 --- a/composio/charts/temporal/charts/grafana/templates/image-renderer-network-policy.yaml +++ /dev/null @@ -1,79 +0,0 @@ -{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.networkPolicy.limitIngress }} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: {{ include "grafana.fullname" . }}-image-renderer-ingress - namespace: {{ include "grafana.namespace" . }} - annotations: - comment: Limit image-renderer ingress traffic from grafana -spec: - podSelector: - matchLabels: - {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }} - {{- with .Values.imageRenderer.podLabels }} - {{- toYaml . | nindent 6 }} - {{- end }} - - policyTypes: - - Ingress - ingress: - - ports: - - port: {{ .Values.imageRenderer.service.targetPort }} - protocol: TCP - from: - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: {{ include "grafana.namespace" . }} - podSelector: - matchLabels: - {{- include "grafana.selectorLabels" . | nindent 14 }} - {{- with .Values.podLabels }} - {{- toYaml . | nindent 14 }} - {{- end }} - {{- with .Values.imageRenderer.networkPolicy.extraIngressSelectors -}} - {{ toYaml . | nindent 8 }} - {{- end }} -{{- end }} - -{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.networkPolicy.limitEgress }} ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: {{ include "grafana.fullname" . }}-image-renderer-egress - namespace: {{ include "grafana.namespace" . }} - annotations: - comment: Limit image-renderer egress traffic to grafana -spec: - podSelector: - matchLabels: - {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }} - {{- with .Values.imageRenderer.podLabels }} - {{- toYaml . | nindent 6 }} - {{- end }} - - policyTypes: - - Egress - egress: - # allow dns resolution - - ports: - - port: 53 - protocol: UDP - - port: 53 - protocol: TCP - # talk only to grafana - - ports: - - port: {{ .Values.service.targetPort }} - protocol: TCP - to: - - namespaceSelector: - matchLabels: - name: {{ include "grafana.namespace" . }} - podSelector: - matchLabels: - {{- include "grafana.selectorLabels" . | nindent 14 }} - {{- with .Values.podLabels }} - {{- toYaml . | nindent 14 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/image-renderer-service.yaml b/composio/charts/temporal/charts/grafana/templates/image-renderer-service.yaml deleted file mode 100644 index f8da127..0000000 --- a/composio/charts/temporal/charts/grafana/templates/image-renderer-service.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.service.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "grafana.fullname" . }}-image-renderer - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.imageRenderer.labels" . | nindent 4 }} - {{- with .Values.imageRenderer.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.imageRenderer.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - type: ClusterIP - {{- with .Values.imageRenderer.service.clusterIP }} - clusterIP: {{ . }} - {{- end }} - ports: - - name: {{ .Values.imageRenderer.service.portName }} - port: {{ .Values.imageRenderer.service.port }} - protocol: TCP - targetPort: {{ .Values.imageRenderer.service.targetPort }} - {{- with .Values.imageRenderer.appProtocol }} - appProtocol: {{ . }} - {{- end }} - selector: - {{- include "grafana.imageRenderer.selectorLabels" . | nindent 4 }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/image-renderer-servicemonitor.yaml b/composio/charts/temporal/charts/grafana/templates/image-renderer-servicemonitor.yaml deleted file mode 100644 index 5d9f09d..0000000 --- a/composio/charts/temporal/charts/grafana/templates/image-renderer-servicemonitor.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if .Values.imageRenderer.serviceMonitor.enabled }} ---- -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "grafana.fullname" . }}-image-renderer - {{- if .Values.imageRenderer.serviceMonitor.namespace }} - namespace: {{ tpl .Values.imageRenderer.serviceMonitor.namespace . }} - {{- else }} - namespace: {{ include "grafana.namespace" . }} - {{- end }} - labels: - {{- include "grafana.imageRenderer.labels" . | nindent 4 }} - {{- with .Values.imageRenderer.serviceMonitor.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: {{ .Values.imageRenderer.service.portName }} - {{- with .Values.imageRenderer.serviceMonitor.interval }} - interval: {{ . }} - {{- end }} - {{- with .Values.imageRenderer.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ . }} - {{- end }} - honorLabels: true - path: {{ .Values.imageRenderer.serviceMonitor.path }} - scheme: {{ .Values.imageRenderer.serviceMonitor.scheme }} - {{- with .Values.imageRenderer.serviceMonitor.tlsConfig }} - tlsConfig: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.imageRenderer.serviceMonitor.relabelings }} - relabelings: - {{- toYaml . | nindent 6 }} - {{- end }} - jobLabel: "{{ .Release.Name }}-image-renderer" - selector: - matchLabels: - {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }} - namespaceSelector: - matchNames: - - {{ include "grafana.namespace" . }} - {{- with .Values.imageRenderer.serviceMonitor.targetLabels }} - targetLabels: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/ingress.yaml b/composio/charts/temporal/charts/grafana/templates/ingress.yaml deleted file mode 100644 index b2ffd81..0000000 --- a/composio/charts/temporal/charts/grafana/templates/ingress.yaml +++ /dev/null @@ -1,78 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $ingressApiIsStable := eq (include "grafana.ingress.isStable" .) "true" -}} -{{- $ingressSupportsIngressClassName := eq (include "grafana.ingress.supportsIngressClassName" .) "true" -}} -{{- $ingressSupportsPathType := eq (include "grafana.ingress.supportsPathType" .) "true" -}} -{{- $fullName := include "grafana.fullname" . -}} -{{- $servicePort := .Values.service.port -}} -{{- $ingressPath := .Values.ingress.path -}} -{{- $ingressPathType := .Values.ingress.pathType -}} -{{- $extraPaths := .Values.ingress.extraPaths -}} -apiVersion: {{ include "grafana.ingress.apiVersion" . }} -kind: Ingress -metadata: - name: {{ $fullName }} - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.ingress.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.ingress.annotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ tpl $value $ | quote }} - {{- end }} - {{- end }} -spec: - {{- if and $ingressSupportsIngressClassName .Values.ingress.ingressClassName }} - ingressClassName: {{ .Values.ingress.ingressClassName }} - {{- end -}} - {{- with .Values.ingress.tls }} - tls: - {{- tpl (toYaml .) $ | nindent 4 }} - {{- end }} - rules: - {{- if .Values.ingress.hosts }} - {{- range .Values.ingress.hosts }} - - host: {{ tpl . $ | quote }} - http: - paths: - {{- with $extraPaths }} - {{- toYaml . | nindent 10 }} - {{- end }} - - path: {{ $ingressPath }} - {{- if $ingressSupportsPathType }} - pathType: {{ $ingressPathType }} - {{- end }} - backend: - {{- if $ingressApiIsStable }} - service: - name: {{ $fullName }} - port: - number: {{ $servicePort }} - {{- else }} - serviceName: {{ $fullName }} - servicePort: {{ $servicePort }} - {{- end }} - {{- end }} - {{- else }} - - http: - paths: - - backend: - {{- if $ingressApiIsStable }} - service: - name: {{ $fullName }} - port: - number: {{ $servicePort }} - {{- else }} - serviceName: {{ $fullName }} - servicePort: {{ $servicePort }} - {{- end }} - {{- with $ingressPath }} - path: {{ . }} - {{- end }} - {{- if $ingressSupportsPathType }} - pathType: {{ $ingressPathType }} - {{- end }} - {{- end -}} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/networkpolicy.yaml b/composio/charts/temporal/charts/grafana/templates/networkpolicy.yaml deleted file mode 100644 index 4cd3ed6..0000000 --- a/composio/charts/temporal/charts/grafana/templates/networkpolicy.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- if .Values.networkPolicy.enabled }} -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: {{ include "grafana.fullname" . }} - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - policyTypes: - {{- if .Values.networkPolicy.ingress }} - - Ingress - {{- end }} - {{- if .Values.networkPolicy.egress.enabled }} - - Egress - {{- end }} - podSelector: - matchLabels: - {{- include "grafana.selectorLabels" . | nindent 6 }} - - {{- if .Values.networkPolicy.egress.enabled }} - egress: - {{- if not .Values.networkPolicy.egress.blockDNSResolution }} - - ports: - - port: 53 - protocol: UDP - {{- end }} - - ports: - {{ .Values.networkPolicy.egress.ports | toJson }} - {{- with .Values.networkPolicy.egress.to }} - to: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.networkPolicy.ingress }} - ingress: - - ports: - - port: {{ .Values.service.targetPort }} - {{- if not .Values.networkPolicy.allowExternal }} - from: - - podSelector: - matchLabels: - {{ include "grafana.fullname" . }}-client: "true" - {{- with .Values.networkPolicy.explicitNamespacesSelector }} - - namespaceSelector: - {{- toYaml . | nindent 12 }} - {{- end }} - - podSelector: - matchLabels: - {{- include "grafana.labels" . | nindent 14 }} - role: read - {{- end }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/poddisruptionbudget.yaml b/composio/charts/temporal/charts/grafana/templates/poddisruptionbudget.yaml deleted file mode 100644 index 0525121..0000000 --- a/composio/charts/temporal/charts/grafana/templates/poddisruptionbudget.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.podDisruptionBudget }} -apiVersion: {{ include "grafana.podDisruptionBudget.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ include "grafana.fullname" . }} - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- with .Values.podDisruptionBudget.minAvailable }} - minAvailable: {{ . }} - {{- end }} - {{- with .Values.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ . }} - {{- end }} - selector: - matchLabels: - {{- include "grafana.selectorLabels" . | nindent 6 }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/podsecuritypolicy.yaml b/composio/charts/temporal/charts/grafana/templates/podsecuritypolicy.yaml deleted file mode 100644 index eed7af9..0000000 --- a/composio/charts/temporal/charts/grafana/templates/podsecuritypolicy.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if and .Values.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ include "grafana.fullname" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - annotations: - seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default' - seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' - {{- if .Values.rbac.pspUseAppArmor }} - apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' - apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' - {{- end }} -spec: - privileged: false - allowPrivilegeEscalation: false - requiredDropCapabilities: - # Default set from Docker, with DAC_OVERRIDE and CHOWN - - ALL - volumes: - - 'configMap' - - 'emptyDir' - - 'projected' - - 'csi' - - 'secret' - - 'downwardAPI' - - 'persistentVolumeClaim' - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: 'RunAsAny' - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 1 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 1 - max: 65535 - readOnlyRootFilesystem: false -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/pvc.yaml b/composio/charts/temporal/charts/grafana/templates/pvc.yaml deleted file mode 100644 index c0edad2..0000000 --- a/composio/charts/temporal/charts/grafana/templates/pvc.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) (eq .Values.persistence.type "pvc")}} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ include "grafana.fullname" . }} - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.persistence.extraPvcLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.persistence.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.persistence.finalizers }} - finalizers: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - accessModes: - {{- range .Values.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - {{- if (lookup "v1" "PersistentVolumeClaim" (include "grafana.namespace" .) (include "grafana.fullname" .)) }} - volumeName: {{ (lookup "v1" "PersistentVolumeClaim" (include "grafana.namespace" .) (include "grafana.fullname" .)).spec.volumeName }} - {{- end }} - {{- with .Values.persistence.storageClassName }} - storageClassName: {{ . }} - {{- end }} - {{- with .Values.persistence.selectorLabels }} - selector: - matchLabels: - {{- toYaml . | nindent 6 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/role.yaml b/composio/charts/temporal/charts/grafana/templates/role.yaml deleted file mode 100644 index 4b5edd9..0000000 --- a/composio/charts/temporal/charts/grafana/templates/role.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- if and .Values.rbac.create (not .Values.rbac.useExistingRole) -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "grafana.fullname" . }} - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- if or .Values.rbac.pspEnabled (and .Values.rbac.namespaced (or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.rbac.extraRoleRules)) }} -rules: - {{- if and .Values.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} - - apiGroups: ['extensions'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: [{{ include "grafana.fullname" . }}] - {{- end }} - {{- if and .Values.rbac.namespaced (or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled) }} - - apiGroups: [""] # "" indicates the core API group - resources: ["configmaps", "secrets"] - verbs: ["get", "watch", "list"] - {{- end }} - {{- with .Values.rbac.extraRoleRules }} - {{- toYaml . | nindent 2 }} - {{- end}} -{{- else }} -rules: [] -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/rolebinding.yaml b/composio/charts/temporal/charts/grafana/templates/rolebinding.yaml deleted file mode 100644 index 58f77c6..0000000 --- a/composio/charts/temporal/charts/grafana/templates/rolebinding.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "grafana.fullname" . }} - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - {{- if .Values.rbac.useExistingRole }} - name: {{ .Values.rbac.useExistingRole }} - {{- else }} - name: {{ include "grafana.fullname" . }} - {{- end }} -subjects: -- kind: ServiceAccount - name: {{ include "grafana.serviceAccountName" . }} - namespace: {{ include "grafana.namespace" . }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/secret-env.yaml b/composio/charts/temporal/charts/grafana/templates/secret-env.yaml deleted file mode 100644 index eb14aac..0000000 --- a/composio/charts/temporal/charts/grafana/templates/secret-env.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if .Values.envRenderSecret }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "grafana.fullname" . }}-env - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} -type: Opaque -data: -{{- range $key, $val := .Values.envRenderSecret }} - {{ $key }}: {{ tpl ($val | toString) $ | b64enc | quote }} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/secret.yaml b/composio/charts/temporal/charts/grafana/templates/secret.yaml deleted file mode 100644 index fd2ca50..0000000 --- a/composio/charts/temporal/charts/grafana/templates/secret.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret)) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "grafana.fullname" . }} - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -type: Opaque -data: - {{- include "grafana.secretsData" . | nindent 2 }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/service.yaml b/composio/charts/temporal/charts/grafana/templates/service.yaml deleted file mode 100644 index e9396a1..0000000 --- a/composio/charts/temporal/charts/grafana/templates/service.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- if .Values.service.enabled }} -{{- $root := . }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "grafana.fullname" . }} - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.service.annotations }} - annotations: - {{- tpl (toYaml . | nindent 4) $root }} - {{- end }} -spec: - {{- if (or (eq .Values.service.type "ClusterIP") (empty .Values.service.type)) }} - type: ClusterIP - {{- with .Values.service.clusterIP }} - clusterIP: {{ . }} - {{- end }} - {{- else if eq .Values.service.type "LoadBalancer" }} - type: LoadBalancer - {{- with .Values.service.loadBalancerIP }} - loadBalancerIP: {{ . }} - {{- end }} - {{- with .Values.service.loadBalancerClass }} - loadBalancerClass: {{ . }} - {{- end }} - {{- with .Values.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- toYaml . | nindent 4 }} - {{- end }} - {{- else }} - type: {{ .Values.service.type }} - {{- end }} - {{- with .Values.service.externalIPs }} - externalIPs: - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.service.externalTrafficPolicy }} - externalTrafficPolicy: {{ . }} - {{- end }} - ports: - - name: {{ .Values.service.portName }} - port: {{ .Values.service.port }} - protocol: TCP - targetPort: {{ .Values.service.targetPort }} - {{- with .Values.service.appProtocol }} - appProtocol: {{ . }} - {{- end }} - {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }} - nodePort: {{ .Values.service.nodePort }} - {{- end }} - {{- with .Values.extraExposePorts }} - {{- tpl (toYaml . | nindent 4) $root }} - {{- end }} - selector: - {{- include "grafana.selectorLabels" . | nindent 4 }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/serviceaccount.yaml b/composio/charts/temporal/charts/grafana/templates/serviceaccount.yaml deleted file mode 100644 index ffca071..0000000 --- a/composio/charts/temporal/charts/grafana/templates/serviceaccount.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: {{ .Values.serviceAccount.autoMount | default .Values.serviceAccount.automountServiceAccountToken }} -metadata: - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- tpl (toYaml . | nindent 4) $ }} - {{- end }} - name: {{ include "grafana.serviceAccountName" . }} - namespace: {{ include "grafana.namespace" . }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/servicemonitor.yaml b/composio/charts/temporal/charts/grafana/templates/servicemonitor.yaml deleted file mode 100644 index 0359013..0000000 --- a/composio/charts/temporal/charts/grafana/templates/servicemonitor.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{- if .Values.serviceMonitor.enabled }} ---- -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "grafana.fullname" . }} - {{- if .Values.serviceMonitor.namespace }} - namespace: {{ tpl .Values.serviceMonitor.namespace . }} - {{- else }} - namespace: {{ include "grafana.namespace" . }} - {{- end }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.serviceMonitor.labels }} - {{- tpl (toYaml . | nindent 4) $ }} - {{- end }} -spec: - endpoints: - - port: {{ .Values.service.portName }} - {{- with .Values.serviceMonitor.interval }} - interval: {{ . }} - {{- end }} - {{- with .Values.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ . }} - {{- end }} - honorLabels: true - path: {{ .Values.serviceMonitor.path }} - scheme: {{ .Values.serviceMonitor.scheme }} - {{- with .Values.serviceMonitor.tlsConfig }} - tlsConfig: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.serviceMonitor.relabelings }} - relabelings: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.serviceMonitor.metricRelabelings }} - metricRelabelings: - {{- toYaml . | nindent 6 }} - {{- end }} - jobLabel: "{{ .Release.Name }}" - selector: - matchLabels: - {{- include "grafana.selectorLabels" . | nindent 6 }} - namespaceSelector: - matchNames: - - {{ include "grafana.namespace" . }} - {{- with .Values.serviceMonitor.targetLabels }} - targetLabels: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/statefulset.yaml b/composio/charts/temporal/charts/grafana/templates/statefulset.yaml deleted file mode 100644 index e6c944a..0000000 --- a/composio/charts/temporal/charts/grafana/templates/statefulset.yaml +++ /dev/null @@ -1,56 +0,0 @@ -{{- $sts := list "sts" "StatefulSet" "statefulset" -}} -{{- if (or (.Values.useStatefulSet) (and .Values.persistence.enabled (not .Values.persistence.existingClaim) (has .Values.persistence.type $sts)))}} -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "grafana.fullname" . }} - namespace: {{ include "grafana.namespace" . }} - labels: - {{- include "grafana.labels" . | nindent 4 }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.replicas }} - selector: - matchLabels: - {{- include "grafana.selectorLabels" . | nindent 6 }} - serviceName: {{ include "grafana.fullname" . }}-headless - template: - metadata: - labels: - {{- include "grafana.selectorLabels" . | nindent 8 }} - {{- with .Values.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - checksum/dashboards-json-config: {{ include (print $.Template.BasePath "/dashboards-json-configmap.yaml") . | sha256sum }} - checksum/sc-dashboard-provider-config: {{ include (print $.Template.BasePath "/configmap-dashboard-provider.yaml") . | sha256sum }} - {{- if and (or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret))) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }} - checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} - {{- end }} - kubectl.kubernetes.io/default-container: {{ .Chart.Name }} - {{- with .Values.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- include "grafana.pod" . | nindent 6 }} - {{- if .Values.persistence.enabled}} - volumeClaimTemplates: - - metadata: - name: storage - spec: - accessModes: {{ .Values.persistence.accessModes }} - storageClassName: {{ .Values.persistence.storageClassName }} - resources: - requests: - storage: {{ .Values.persistence.size }} - {{- with .Values.persistence.selectorLabels }} - selector: - matchLabels: - {{- toYaml . | nindent 10 }} - {{- end }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/tests/test-configmap.yaml b/composio/charts/temporal/charts/grafana/templates/tests/test-configmap.yaml deleted file mode 100644 index 01c96c9..0000000 --- a/composio/charts/temporal/charts/grafana/templates/tests/test-configmap.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.testFramework.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "grafana.fullname" . }}-test - namespace: {{ include "grafana.namespace" . }} - annotations: - "helm.sh/hook": test-success - "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" - labels: - {{- include "grafana.labels" . | nindent 4 }} -data: - run.sh: |- - @test "Test Health" { - url="http://{{ include "grafana.fullname" . }}/api/health" - - code=$(wget --server-response --spider --timeout 90 --tries 10 ${url} 2>&1 | awk '/^ HTTP/{print $2}') - [ "$code" == "200" ] - } -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/tests/test-podsecuritypolicy.yaml b/composio/charts/temporal/charts/grafana/templates/tests/test-podsecuritypolicy.yaml deleted file mode 100644 index 1821772..0000000 --- a/composio/charts/temporal/charts/grafana/templates/tests/test-podsecuritypolicy.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled .Values.rbac.pspEnabled }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ include "grafana.fullname" . }}-test - annotations: - "helm.sh/hook": test-success - "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" - labels: - {{- include "grafana.labels" . | nindent 4 }} -spec: - allowPrivilegeEscalation: true - privileged: false - hostNetwork: false - hostIPC: false - hostPID: false - fsGroup: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - runAsUser: - rule: RunAsAny - volumes: - - configMap - - downwardAPI - - emptyDir - - projected - - csi - - secret -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/tests/test-role.yaml b/composio/charts/temporal/charts/grafana/templates/tests/test-role.yaml deleted file mode 100644 index cb4c782..0000000 --- a/composio/charts/temporal/charts/grafana/templates/tests/test-role.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled .Values.rbac.pspEnabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "grafana.fullname" . }}-test - namespace: {{ include "grafana.namespace" . }} - annotations: - "helm.sh/hook": test-success - "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" - labels: - {{- include "grafana.labels" . | nindent 4 }} -rules: - - apiGroups: ['policy'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: [{{ include "grafana.fullname" . }}-test] -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/tests/test-rolebinding.yaml b/composio/charts/temporal/charts/grafana/templates/tests/test-rolebinding.yaml deleted file mode 100644 index f40d791..0000000 --- a/composio/charts/temporal/charts/grafana/templates/tests/test-rolebinding.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled .Values.rbac.pspEnabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "grafana.fullname" . }}-test - namespace: {{ include "grafana.namespace" . }} - annotations: - "helm.sh/hook": test-success - "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" - labels: - {{- include "grafana.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "grafana.fullname" . }}-test -subjects: - - kind: ServiceAccount - name: {{ include "grafana.serviceAccountNameTest" . }} - namespace: {{ include "grafana.namespace" . }} -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/tests/test-serviceaccount.yaml b/composio/charts/temporal/charts/grafana/templates/tests/test-serviceaccount.yaml deleted file mode 100644 index 38fba35..0000000 --- a/composio/charts/temporal/charts/grafana/templates/tests/test-serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if and .Values.testFramework.enabled .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - {{- include "grafana.labels" . | nindent 4 }} - name: {{ include "grafana.serviceAccountNameTest" . }} - namespace: {{ include "grafana.namespace" . }} - annotations: - "helm.sh/hook": test-success - "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/templates/tests/test.yaml b/composio/charts/temporal/charts/grafana/templates/tests/test.yaml deleted file mode 100644 index 9e88afc..0000000 --- a/composio/charts/temporal/charts/grafana/templates/tests/test.yaml +++ /dev/null @@ -1,53 +0,0 @@ -{{- if .Values.testFramework.enabled }} -{{- $root := . }} -apiVersion: v1 -kind: Pod -metadata: - name: {{ include "grafana.fullname" . }}-test - labels: - {{- include "grafana.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test-success - "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" - namespace: {{ include "grafana.namespace" . }} -spec: - serviceAccountName: {{ include "grafana.serviceAccountNameTest" . }} - {{- with .Values.testFramework.securityContext }} - securityContext: - {{- toYaml . | nindent 4 }} - {{- end }} - {{- if or .Values.image.pullSecrets .Values.global.imagePullSecrets }} - imagePullSecrets: - {{- include "grafana.imagePullSecrets" (dict "root" $root "imagePullSecrets" .Values.image.pullSecrets) | nindent 4 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- tpl (toYaml .) $root | nindent 4 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 4 }} - {{- end }} - containers: - - name: {{ .Release.Name }}-test - image: "{{ .Values.global.imageRegistry | default .Values.testFramework.image.registry }}/{{ .Values.testFramework.image.repository }}:{{ .Values.testFramework.image.tag }}" - imagePullPolicy: "{{ .Values.testFramework.imagePullPolicy}}" - command: ["/opt/bats/bin/bats", "-t", "/tests/run.sh"] - volumeMounts: - - mountPath: /tests - name: tests - readOnly: true - {{- with .Values.testFramework.resources }} - resources: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - name: tests - configMap: - name: {{ include "grafana.fullname" . }}-test - restartPolicy: Never -{{- end }} diff --git a/composio/charts/temporal/charts/grafana/values.yaml b/composio/charts/temporal/charts/grafana/values.yaml deleted file mode 100644 index 1d6ebda..0000000 --- a/composio/charts/temporal/charts/grafana/values.yaml +++ /dev/null @@ -1,1334 +0,0 @@ -global: - # -- Overrides the Docker registry globally for all images - imageRegistry: null - - # To help compatibility with other charts which use global.imagePullSecrets. - # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style). - # Can be tempalted. - # global: - # imagePullSecrets: - # - name: pullSecret1 - # - name: pullSecret2 - # or - # global: - # imagePullSecrets: - # - pullSecret1 - # - pullSecret2 - imagePullSecrets: [] - -rbac: - create: true - ## Use an existing ClusterRole/Role (depending on rbac.namespaced false/true) - # useExistingRole: name-of-some-role - # useExistingClusterRole: name-of-some-clusterRole - pspEnabled: false - pspUseAppArmor: false - namespaced: false - extraRoleRules: [] - # - apiGroups: [] - # resources: [] - # verbs: [] - extraClusterRoleRules: [] - # - apiGroups: [] - # resources: [] - # verbs: [] -serviceAccount: - create: true - name: - nameTest: - ## ServiceAccount labels. - labels: {} - ## Service account annotations. Can be templated. - # annotations: - # eks.amazonaws.com/role-arn: arn:aws:iam::123456789000:role/iam-role-name-here - - ## autoMount is deprecated in favor of automountServiceAccountToken - # autoMount: false - automountServiceAccountToken: false - -replicas: 1 - -## Create a headless service for the deployment -headlessService: false - -## Should the service account be auto mounted on the pod -automountServiceAccountToken: true - -## Create HorizontalPodAutoscaler object for deployment type -# -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 5 - targetCPU: "60" - targetMemory: "" - behavior: {} - -## See `kubectl explain poddisruptionbudget.spec` for more -## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ -podDisruptionBudget: {} -# apiVersion: "" -# minAvailable: 1 -# maxUnavailable: 1 - -## See `kubectl explain deployment.spec.strategy` for more -## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy -deploymentStrategy: - type: RollingUpdate - -readinessProbe: - httpGet: - path: /api/health - port: 3000 - -livenessProbe: - httpGet: - path: /api/health - port: 3000 - initialDelaySeconds: 60 - timeoutSeconds: 30 - failureThreshold: 10 - -## Use an alternate scheduler, e.g. "stork". -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -# schedulerName: "default-scheduler" - -image: - # -- The Docker registry - registry: docker.io - # -- Docker image repository - repository: grafana/grafana - # Overrides the Grafana image tag whose default is the chart appVersion - tag: "" - sha: "" - pullPolicy: IfNotPresent - - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## Can be templated. - ## - pullSecrets: [] - # - myRegistrKeySecretName - -testFramework: - enabled: true - image: - # -- The Docker registry - registry: docker.io - repository: bats/bats - tag: "v1.4.1" - imagePullPolicy: IfNotPresent - securityContext: {} - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -# dns configuration for pod -dnsPolicy: ~ -dnsConfig: {} - # nameservers: - # - 8.8.8.8 - # options: - # - name: ndots - # value: "2" - # - name: edns0 - -securityContext: - runAsNonRoot: true - runAsUser: 472 - runAsGroup: 472 - fsGroup: 472 - -containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - -# Enable creating the grafana configmap -createConfigmap: true - -# Extra configmaps to mount in grafana pods -# Values are templated. -extraConfigmapMounts: [] - # - name: certs-configmap - # mountPath: /etc/grafana/ssl/ - # subPath: certificates.crt # (optional) - # configMap: certs-configmap - # readOnly: true - - -extraEmptyDirMounts: [] - # - name: provisioning-notifiers - # mountPath: /etc/grafana/provisioning/notifiers - - -# Apply extra labels to common labels. -extraLabels: {} - -## Assign a PriorityClassName to pods if set -# priorityClassName: - -downloadDashboardsImage: - # -- The Docker registry - registry: docker.io - repository: curlimages/curl - tag: 7.85.0 - sha: "" - pullPolicy: IfNotPresent - -downloadDashboards: - env: {} - envFromSecret: "" - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - envValueFrom: {} - # ENV_NAME: - # configMapKeyRef: - # name: configmap-name - # key: value_key - -## Pod Annotations -# podAnnotations: {} - -## ConfigMap Annotations -# configMapAnnotations: {} - # argocd.argoproj.io/sync-options: Replace=true - -## Pod Labels -# podLabels: {} - -podPortName: grafana -gossipPortName: gossip -## Deployment annotations -# annotations: {} - -## Expose the grafana service to be accessed from outside the cluster (LoadBalancer service). -## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it. -## ref: http://kubernetes.io/docs/user-guide/services/ -## -service: - enabled: true - type: ClusterIP - loadBalancerIP: "" - loadBalancerClass: "" - loadBalancerSourceRanges: [] - port: 80 - targetPort: 3000 - # targetPort: 4181 To be used with a proxy extraContainer - ## Service annotations. Can be templated. - annotations: {} - labels: {} - portName: service - # Adds the appProtocol field to the service. This allows to work with istio protocol selection. Ex: "http" or "tcp" - appProtocol: "" - -serviceMonitor: - ## If true, a ServiceMonitor CRD is created for a prometheus operator - ## https://github.com/coreos/prometheus-operator - ## - enabled: false - path: /metrics - # namespace: monitoring (defaults to use the namespace this chart is deployed to) - labels: {} - interval: 30s - scheme: http - tlsConfig: {} - scrapeTimeout: 30s - relabelings: [] - metricRelabelings: [] - targetLabels: [] - -extraExposePorts: [] - # - name: keycloak - # port: 8080 - # targetPort: 8080 - -# overrides pod.spec.hostAliases in the grafana deployment's pods -hostAliases: [] - # - ip: "1.2.3.4" - # hostnames: - # - "my.host.com" - -ingress: - enabled: false - # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName - # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress - # ingressClassName: nginx - # Values can be templated - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - labels: {} - path: / - - # pathType is only for k8s >= 1.1= - pathType: Prefix - - hosts: - - chart-example.local - ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services. - extraPaths: [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - ## Or for k8s > 1.19 - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: use-annotation - - - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -resources: {} -# limits: -# cpu: 100m -# memory: 128Mi -# requests: -# cpu: 100m -# memory: 128Mi - -## Node labels for pod assignment -## ref: https://kubernetes.io/docs/user-guide/node-selection/ -# -nodeSelector: {} - -## Tolerations for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: [] - -## Affinity for pod assignment (evaluated as template) -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## -affinity: {} - -## Topology Spread Constraints -## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ -## -topologySpreadConstraints: [] - -## Additional init containers (evaluated as template) -## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ -## -extraInitContainers: [] - -## Enable an Specify container in extraContainers. This is meant to allow adding an authentication proxy to a grafana pod -extraContainers: "" -# extraContainers: | -# - name: proxy -# image: quay.io/gambol99/keycloak-proxy:latest -# args: -# - -provider=github -# - -client-id= -# - -client-secret= -# - -github-org= -# - -email-domain=* -# - -cookie-secret= -# - -http-address=http://0.0.0.0:4181 -# - -upstream-url=http://127.0.0.1:3000 -# ports: -# - name: proxy-web -# containerPort: 4181 - -## Volumes that can be used in init containers that will not be mounted to deployment pods -extraContainerVolumes: [] -# - name: volume-from-secret -# secret: -# secretName: secret-to-mount -# - name: empty-dir-volume -# emptyDir: {} - -## Enable persistence using Persistent Volume Claims -## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -## -persistence: - type: pvc - enabled: false - # storageClassName: default - accessModes: - - ReadWriteOnce - size: 10Gi - # annotations: {} - finalizers: - - kubernetes.io/pvc-protection - # selectorLabels: {} - ## Sub-directory of the PV to mount. Can be templated. - # subPath: "" - ## Name of an existing PVC. Can be templated. - # existingClaim: - ## Extra labels to apply to a PVC. - extraPvcLabels: {} - - ## If persistence is not enabled, this allows to mount the - ## local storage in-memory to improve performance - ## - inMemory: - enabled: false - ## The maximum usage on memory medium EmptyDir would be - ## the minimum value between the SizeLimit specified - ## here and the sum of memory limits of all containers in a pod - ## - # sizeLimit: 300Mi - -initChownData: - ## If false, data ownership will not be reset at startup - ## This allows the grafana-server to be run with an arbitrary user - ## - enabled: true - - ## initChownData container image - ## - image: - # -- The Docker registry - registry: docker.io - repository: library/busybox - tag: "1.31.1" - sha: "" - pullPolicy: IfNotPresent - - ## initChownData resource requests and limits - ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - securityContext: - runAsNonRoot: false - runAsUser: 0 - seccompProfile: - type: RuntimeDefault - capabilities: - add: - - CHOWN - -# Administrator credentials when not using an existing secret (see below) -adminUser: admin -# adminPassword: strongpassword - -# Use an existing secret for the admin user. -admin: - ## Name of the secret. Can be templated. - existingSecret: "" - userKey: admin-user - passwordKey: admin-password - -## Define command to be executed at startup by grafana container -## Needed if using `vault-env` to manage secrets (ref: https://banzaicloud.com/blog/inject-secrets-into-pods-vault/) -## Default is "run.sh" as defined in grafana's Dockerfile -# command: -# - "sh" -# - "/run.sh" - -## Optionally define args if command is used -## Needed if using `hashicorp/envconsul` to manage secrets -## By default no arguments are set -# args: -# - "-secret" -# - "secret/grafana" -# - "./grafana" - -## Extra environment variables that will be pass onto deployment pods -## -## to provide grafana with access to CloudWatch on AWS EKS: -## 1. create an iam role of type "Web identity" with provider oidc.eks.* (note the provider for later) -## 2. edit the "Trust relationships" of the role, add a line inside the StringEquals clause using the -## same oidc eks provider as noted before (same as the existing line) -## also, replace NAMESPACE and prometheus-operator-grafana with the service account namespace and name -## -## "oidc.eks.us-east-1.amazonaws.com/id/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:sub": "system:serviceaccount:NAMESPACE:prometheus-operator-grafana", -## -## 3. attach a policy to the role, you can use a built in policy called CloudWatchReadOnlyAccess -## 4. use the following env: (replace 123456789000 and iam-role-name-here with your aws account number and role name) -## -## env: -## AWS_ROLE_ARN: arn:aws:iam::123456789000:role/iam-role-name-here -## AWS_WEB_IDENTITY_TOKEN_FILE: /var/run/secrets/eks.amazonaws.com/serviceaccount/token -## AWS_REGION: us-east-1 -## -## 5. uncomment the EKS section in extraSecretMounts: below -## 6. uncomment the annotation section in the serviceAccount: above -## make sure to replace arn:aws:iam::123456789000:role/iam-role-name-here with your role arn - -env: {} - -## "valueFrom" environment variable references that will be added to deployment pods. Name is templated. -## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core -## Renders in container spec as: -## env: -## ... -## - name: -## valueFrom: -## -envValueFrom: {} - # ENV_NAME: - # configMapKeyRef: - # name: configmap-name - # key: value_key - -## The name of a secret in the same kubernetes namespace which contain values to be added to the environment -## This can be useful for auth tokens, etc. Value is templated. -envFromSecret: "" - -## Sensible environment variables that will be rendered as new secret object -## This can be useful for auth tokens, etc. -## If the secret values contains "{{", they'll need to be properly escaped so that they are not interpreted by Helm -## ref: https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function -envRenderSecret: {} - -## The names of secrets in the same kubernetes namespace which contain values to be added to the environment -## Each entry should contain a name key, and can optionally specify whether the secret must be defined with an optional key. -## Name is templated. -envFromSecrets: [] -## - name: secret-name -## prefix: prefix -## optional: true - -## The names of conifgmaps in the same kubernetes namespace which contain values to be added to the environment -## Each entry should contain a name key, and can optionally specify whether the configmap must be defined with an optional key. -## Name is templated. -## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#configmapenvsource-v1-core -envFromConfigMaps: [] -## - name: configmap-name -## prefix: prefix -## optional: true - -# Inject Kubernetes services as environment variables. -# See https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#environment-variables -enableServiceLinks: true - -## Additional grafana server secret mounts -# Defines additional mounts with secrets. Secrets must be manually created in the namespace. -extraSecretMounts: [] - # - name: secret-files - # mountPath: /etc/secrets - # secretName: grafana-secret-files - # readOnly: true - # subPath: "" - # - # for AWS EKS (cloudwatch) use the following (see also instruction in env: above) - # - name: aws-iam-token - # mountPath: /var/run/secrets/eks.amazonaws.com/serviceaccount - # readOnly: true - # projected: - # defaultMode: 420 - # sources: - # - serviceAccountToken: - # audience: sts.amazonaws.com - # expirationSeconds: 86400 - # path: token - # - # for CSI e.g. Azure Key Vault use the following - # - name: secrets-store-inline - # mountPath: /run/secrets - # readOnly: true - # csi: - # driver: secrets-store.csi.k8s.io - # readOnly: true - # volumeAttributes: - # secretProviderClass: "akv-grafana-spc" - # nodePublishSecretRef: # Only required when using service principal mode - # name: grafana-akv-creds # Only required when using service principal mode - -## Additional grafana server volume mounts -# Defines additional volume mounts. -extraVolumeMounts: [] - # - name: extra-volume-0 - # mountPath: /mnt/volume0 - # readOnly: true - # - name: extra-volume-1 - # mountPath: /mnt/volume1 - # readOnly: true - # - name: grafana-secrets - # mountPath: /mnt/volume2 - -## Additional Grafana server volumes -extraVolumes: [] - # - name: extra-volume-0 - # existingClaim: volume-claim - # - name: extra-volume-1 - # hostPath: - # path: /usr/shared/ - # type: "" - # - name: grafana-secrets - # csi: - # driver: secrets-store.csi.k8s.io - # readOnly: true - # volumeAttributes: - # secretProviderClass: "grafana-env-spc" - -## Container Lifecycle Hooks. Execute a specific bash command or make an HTTP request -lifecycleHooks: {} - # postStart: - # exec: - # command: [] - -## Pass the plugins you want installed as a list. -## -plugins: [] - # - digrich-bubblechart-panel - # - grafana-clock-panel - ## You can also use other plugin download URL, as long as they are valid zip files, - ## and specify the name of the plugin after the semicolon. Like this: - # - https://grafana.com/api/plugins/marcusolsson-json-datasource/versions/1.3.2/download;marcusolsson-json-datasource - -## Configure grafana datasources -## ref: http://docs.grafana.org/administration/provisioning/#datasources -## -datasources: {} -# datasources.yaml: -# apiVersion: 1 -# datasources: -# - name: Prometheus -# type: prometheus -# url: http://prometheus-prometheus-server -# access: proxy -# isDefault: true -# - name: CloudWatch -# type: cloudwatch -# access: proxy -# uid: cloudwatch -# editable: false -# jsonData: -# authType: default -# defaultRegion: us-east-1 -# deleteDatasources: [] -# - name: Prometheus - -## Configure grafana alerting (can be templated) -## ref: http://docs.grafana.org/administration/provisioning/#alerting -## -alerting: {} - # rules.yaml: - # apiVersion: 1 - # groups: - # - orgId: 1 - # name: '{{ .Chart.Name }}_my_rule_group' - # folder: my_first_folder - # interval: 60s - # rules: - # - uid: my_id_1 - # title: my_first_rule - # condition: A - # data: - # - refId: A - # datasourceUid: '-100' - # model: - # conditions: - # - evaluator: - # params: - # - 3 - # type: gt - # operator: - # type: and - # query: - # params: - # - A - # reducer: - # type: last - # type: query - # datasource: - # type: __expr__ - # uid: '-100' - # expression: 1==0 - # intervalMs: 1000 - # maxDataPoints: 43200 - # refId: A - # type: math - # dashboardUid: my_dashboard - # panelId: 123 - # noDataState: Alerting - # for: 60s - # annotations: - # some_key: some_value - # labels: - # team: sre_team_1 - # contactpoints.yaml: - # secret: - # apiVersion: 1 - # contactPoints: - # - orgId: 1 - # name: cp_1 - # receivers: - # - uid: first_uid - # type: pagerduty - # settings: - # integrationKey: XXX - # severity: critical - # class: ping failure - # component: Grafana - # group: app-stack - # summary: | - # {{ `{{ include "default.message" . }}` }} - -## Configure notifiers -## ref: http://docs.grafana.org/administration/provisioning/#alert-notification-channels -## -notifiers: {} -# notifiers.yaml: -# notifiers: -# - name: email-notifier -# type: email -# uid: email1 -# # either: -# org_id: 1 -# # or -# org_name: Main Org. -# is_default: true -# settings: -# addresses: an_email_address@example.com -# delete_notifiers: - -## Configure grafana dashboard providers -## ref: http://docs.grafana.org/administration/provisioning/#dashboards -## -## `path` must be /var/lib/grafana/dashboards/ -## -dashboardProviders: {} -# dashboardproviders.yaml: -# apiVersion: 1 -# providers: -# - name: 'default' -# orgId: 1 -# folder: '' -# type: file -# disableDeletion: false -# editable: true -# options: -# path: /var/lib/grafana/dashboards/default - -## Configure grafana dashboard to import -## NOTE: To use dashboards you must also enable/configure dashboardProviders -## ref: https://grafana.com/dashboards -## -## dashboards per provider, use provider name as key. -## -dashboards: {} - # default: - # some-dashboard: - # json: | - # $RAW_JSON - # custom-dashboard: - # file: dashboards/custom-dashboard.json - # prometheus-stats: - # gnetId: 2 - # revision: 2 - # datasource: Prometheus - # local-dashboard: - # url: https://example.com/repository/test.json - # token: '' - # local-dashboard-base64: - # url: https://example.com/repository/test-b64.json - # token: '' - # b64content: true - # local-dashboard-gitlab: - # url: https://example.com/repository/test-gitlab.json - # gitlabToken: '' - # local-dashboard-bitbucket: - # url: https://example.com/repository/test-bitbucket.json - # bearerToken: '' - # local-dashboard-azure: - # url: https://example.com/repository/test-azure.json - # basic: '' - # acceptHeader: '*/*' - -## Reference to external ConfigMap per provider. Use provider name as key and ConfigMap name as value. -## A provider dashboards must be defined either by external ConfigMaps or in values.yaml, not in both. -## ConfigMap data example: -## -## data: -## example-dashboard.json: | -## RAW_JSON -## -dashboardsConfigMaps: {} -# default: "" - -## Grafana's primary configuration -## NOTE: values in map will be converted to ini format -## ref: http://docs.grafana.org/installation/configuration/ -## -grafana.ini: - paths: - data: /var/lib/grafana/ - logs: /var/log/grafana - plugins: /var/lib/grafana/plugins - provisioning: /etc/grafana/provisioning - analytics: - check_for_updates: true - log: - mode: console - grafana_net: - url: https://grafana.net - server: - domain: "{{ if (and .Values.ingress.enabled .Values.ingress.hosts) }}{{ .Values.ingress.hosts | first }}{{ else }}''{{ end }}" -## grafana Authentication can be enabled with the following values on grafana.ini - # server: - # The full public facing url you use in browser, used for redirects and emails - # root_url: - # https://grafana.com/docs/grafana/latest/auth/github/#enable-github-in-grafana - # auth.github: - # enabled: false - # allow_sign_up: false - # scopes: user:email,read:org - # auth_url: https://github.com/login/oauth/authorize - # token_url: https://github.com/login/oauth/access_token - # api_url: https://api.github.com/user - # team_ids: - # allowed_organizations: - # client_id: - # client_secret: -## LDAP Authentication can be enabled with the following values on grafana.ini -## NOTE: Grafana will fail to start if the value for ldap.toml is invalid - # auth.ldap: - # enabled: true - # allow_sign_up: true - # config_file: /etc/grafana/ldap.toml - -## Grafana's LDAP configuration -## Templated by the template in _helpers.tpl -## NOTE: To enable the grafana.ini must be configured with auth.ldap.enabled -## ref: http://docs.grafana.org/installation/configuration/#auth-ldap -## ref: http://docs.grafana.org/installation/ldap/#configuration -ldap: - enabled: false - # `existingSecret` is a reference to an existing secret containing the ldap configuration - # for Grafana in a key `ldap-toml`. - existingSecret: "" - # `config` is the content of `ldap.toml` that will be stored in the created secret - config: "" - # config: |- - # verbose_logging = true - - # [[servers]] - # host = "my-ldap-server" - # port = 636 - # use_ssl = true - # start_tls = false - # ssl_skip_verify = false - # bind_dn = "uid=%s,ou=users,dc=myorg,dc=com" - -## Grafana's SMTP configuration -## NOTE: To enable, grafana.ini must be configured with smtp.enabled -## ref: http://docs.grafana.org/installation/configuration/#smtp -smtp: - # `existingSecret` is a reference to an existing secret containing the smtp configuration - # for Grafana. - existingSecret: "" - userKey: "user" - passwordKey: "password" - -## Sidecars that collect the configmaps with specified label and stores the included files them into the respective folders -## Requires at least Grafana 5 to work and can't be used together with parameters dashboardProviders, datasources and dashboards -sidecar: - image: - # -- The Docker registry - registry: quay.io - repository: kiwigrid/k8s-sidecar - tag: 1.26.1 - sha: "" - imagePullPolicy: IfNotPresent - resources: {} -# limits: -# cpu: 100m -# memory: 100Mi -# requests: -# cpu: 50m -# memory: 50Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - # skipTlsVerify Set to true to skip tls verification for kube api calls - # skipTlsVerify: true - enableUniqueFilenames: false - readinessProbe: {} - livenessProbe: {} - # Log level default for all sidecars. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. Defaults to INFO - # logLevel: INFO - alerts: - enabled: false - # Additional environment variables for the alerts sidecar - env: {} - # Do not reprocess already processed unchanged resources on k8s API reconnect. - # ignoreAlreadyProcessed: true - # label that the configmaps with alert are marked with - label: grafana_alert - # value of label that the configmaps with alert are set to - labelValue: "" - # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. - # logLevel: INFO - # If specified, the sidecar will search for alert config-maps inside this namespace. - # Otherwise the namespace in which the sidecar is running will be used. - # It's also possible to specify ALL to search in all namespaces - searchNamespace: null - # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. - watchMethod: WATCH - # search in configmap, secret or both - resource: both - # watchServerTimeout: request to the server, asking it to cleanly close the connection after that. - # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S - # watchServerTimeout: 3600 - # - # watchClientTimeout: is a client-side timeout, configuring your local socket. - # If you have a network outage dropping all packets with no RST/FIN, - # this is how long your client waits before realizing & dropping the connection. - # defaults to 66sec (sic!) - # watchClientTimeout: 60 - # - # Endpoint to send request to reload alerts - reloadURL: "http://localhost:3000/api/admin/provisioning/alerting/reload" - # Absolute path to shell script to execute after a alert got reloaded - script: null - skipReload: false - # This is needed if skipReload is true, to load any alerts defined at startup time. - # Deploy the alert sidecar as an initContainer. - initAlerts: false - # Additional alert sidecar volume mounts - extraMounts: [] - # Sets the size limit of the alert sidecar emptyDir volume - sizeLimit: {} - dashboards: - enabled: false - # Additional environment variables for the dashboards sidecar - env: {} - # Do not reprocess already processed unchanged resources on k8s API reconnect. - # ignoreAlreadyProcessed: true - SCProvider: true - # label that the configmaps with dashboards are marked with - label: grafana_dashboard - # value of label that the configmaps with dashboards are set to - labelValue: "" - # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. - # logLevel: INFO - # folder in the pod that should hold the collected dashboards (unless `defaultFolderName` is set) - folder: /tmp/dashboards - # The default folder name, it will create a subfolder under the `folder` and put dashboards in there instead - defaultFolderName: null - # Namespaces list. If specified, the sidecar will search for config-maps/secrets inside these namespaces. - # Otherwise the namespace in which the sidecar is running will be used. - # It's also possible to specify ALL to search in all namespaces. - searchNamespace: null - # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. - watchMethod: WATCH - # search in configmap, secret or both - resource: both - # If specified, the sidecar will look for annotation with this name to create folder and put graph here. - # You can use this parameter together with `provider.foldersFromFilesStructure`to annotate configmaps and create folder structure. - folderAnnotation: null - # Endpoint to send request to reload alerts - reloadURL: "http://localhost:3000/api/admin/provisioning/dashboards/reload" - # Absolute path to shell script to execute after a configmap got reloaded - script: null - skipReload: false - # watchServerTimeout: request to the server, asking it to cleanly close the connection after that. - # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S - # watchServerTimeout: 3600 - # - # watchClientTimeout: is a client-side timeout, configuring your local socket. - # If you have a network outage dropping all packets with no RST/FIN, - # this is how long your client waits before realizing & dropping the connection. - # defaults to 66sec (sic!) - # watchClientTimeout: 60 - # - # provider configuration that lets grafana manage the dashboards - provider: - # name of the provider, should be unique - name: sidecarProvider - # orgid as configured in grafana - orgid: 1 - # folder in which the dashboards should be imported in grafana - folder: '' - # folder UID. will be automatically generated if not specified - folderUid: '' - # type of the provider - type: file - # disableDelete to activate a import-only behaviour - disableDelete: false - # allow updating provisioned dashboards from the UI - allowUiUpdates: false - # allow Grafana to replicate dashboard structure from filesystem - foldersFromFilesStructure: false - # Additional dashboard sidecar volume mounts - extraMounts: [] - # Sets the size limit of the dashboard sidecar emptyDir volume - sizeLimit: {} - datasources: - enabled: false - # Additional environment variables for the datasourcessidecar - env: {} - envValueFrom: {} - # Do not reprocess already processed unchanged resources on k8s API reconnect. - # ignoreAlreadyProcessed: true - # label that the configmaps with datasources are marked with - label: grafana_datasource - # value of label that the configmaps with datasources are set to - labelValue: "" - # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. - # logLevel: INFO - # If specified, the sidecar will search for datasource config-maps inside this namespace. - # Otherwise the namespace in which the sidecar is running will be used. - # It's also possible to specify ALL to search in all namespaces - searchNamespace: null - # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. - watchMethod: WATCH - # search in configmap, secret or both - resource: both - # watchServerTimeout: request to the server, asking it to cleanly close the connection after that. - # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S - # watchServerTimeout: 3600 - # - # watchClientTimeout: is a client-side timeout, configuring your local socket. - # If you have a network outage dropping all packets with no RST/FIN, - # this is how long your client waits before realizing & dropping the connection. - # defaults to 66sec (sic!) - # watchClientTimeout: 60 - # - # Endpoint to send request to reload datasources - reloadURL: "http://localhost:3000/api/admin/provisioning/datasources/reload" - # Absolute path to shell script to execute after a datasource got reloaded - script: null - skipReload: false - # This is needed if skipReload is true, to load any datasources defined at startup time. - # Deploy the datasources sidecar as an initContainer. - initDatasources: false - # Sets the size limit of the datasource sidecar emptyDir volume - sizeLimit: {} - plugins: - enabled: false - # Additional environment variables for the plugins sidecar - env: {} - # Do not reprocess already processed unchanged resources on k8s API reconnect. - # ignoreAlreadyProcessed: true - # label that the configmaps with plugins are marked with - label: grafana_plugin - # value of label that the configmaps with plugins are set to - labelValue: "" - # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. - # logLevel: INFO - # If specified, the sidecar will search for plugin config-maps inside this namespace. - # Otherwise the namespace in which the sidecar is running will be used. - # It's also possible to specify ALL to search in all namespaces - searchNamespace: null - # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. - watchMethod: WATCH - # search in configmap, secret or both - resource: both - # watchServerTimeout: request to the server, asking it to cleanly close the connection after that. - # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S - # watchServerTimeout: 3600 - # - # watchClientTimeout: is a client-side timeout, configuring your local socket. - # If you have a network outage dropping all packets with no RST/FIN, - # this is how long your client waits before realizing & dropping the connection. - # defaults to 66sec (sic!) - # watchClientTimeout: 60 - # - # Endpoint to send request to reload plugins - reloadURL: "http://localhost:3000/api/admin/provisioning/plugins/reload" - # Absolute path to shell script to execute after a plugin got reloaded - script: null - skipReload: false - # Deploy the datasource sidecar as an initContainer in addition to a container. - # This is needed if skipReload is true, to load any plugins defined at startup time. - initPlugins: false - # Sets the size limit of the plugin sidecar emptyDir volume - sizeLimit: {} - notifiers: - enabled: false - # Additional environment variables for the notifierssidecar - env: {} - # Do not reprocess already processed unchanged resources on k8s API reconnect. - # ignoreAlreadyProcessed: true - # label that the configmaps with notifiers are marked with - label: grafana_notifier - # value of label that the configmaps with notifiers are set to - labelValue: "" - # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. - # logLevel: INFO - # If specified, the sidecar will search for notifier config-maps inside this namespace. - # Otherwise the namespace in which the sidecar is running will be used. - # It's also possible to specify ALL to search in all namespaces - searchNamespace: null - # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. - watchMethod: WATCH - # search in configmap, secret or both - resource: both - # watchServerTimeout: request to the server, asking it to cleanly close the connection after that. - # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S - # watchServerTimeout: 3600 - # - # watchClientTimeout: is a client-side timeout, configuring your local socket. - # If you have a network outage dropping all packets with no RST/FIN, - # this is how long your client waits before realizing & dropping the connection. - # defaults to 66sec (sic!) - # watchClientTimeout: 60 - # - # Endpoint to send request to reload notifiers - reloadURL: "http://localhost:3000/api/admin/provisioning/notifications/reload" - # Absolute path to shell script to execute after a notifier got reloaded - script: null - skipReload: false - # Deploy the notifier sidecar as an initContainer in addition to a container. - # This is needed if skipReload is true, to load any notifiers defined at startup time. - initNotifiers: false - # Sets the size limit of the notifier sidecar emptyDir volume - sizeLimit: {} - -## Override the deployment namespace -## -namespaceOverride: "" - -## Number of old ReplicaSets to retain -## -revisionHistoryLimit: 10 - -## Add a seperate remote image renderer deployment/service -imageRenderer: - deploymentStrategy: {} - # Enable the image-renderer deployment & service - enabled: false - replicas: 1 - autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 5 - targetCPU: "60" - targetMemory: "" - behavior: {} - image: - # -- The Docker registry - registry: docker.io - # image-renderer Image repository - repository: grafana/grafana-image-renderer - # image-renderer Image tag - tag: latest - # image-renderer Image sha (optional) - sha: "" - # image-renderer ImagePullPolicy - pullPolicy: Always - # extra environment variables - env: - HTTP_HOST: "0.0.0.0" - # RENDERING_ARGS: --no-sandbox,--disable-gpu,--window-size=1280x758 - # RENDERING_MODE: clustered - # IGNORE_HTTPS_ERRORS: true - - ## "valueFrom" environment variable references that will be added to deployment pods. Name is templated. - ## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core - ## Renders in container spec as: - ## env: - ## ... - ## - name: - ## valueFrom: - ## - envValueFrom: {} - # ENV_NAME: - # configMapKeyRef: - # name: configmap-name - # key: value_key - - # image-renderer deployment serviceAccount - serviceAccountName: "" - # image-renderer deployment securityContext - securityContext: {} - # image-renderer deployment container securityContext - containerSecurityContext: - seccompProfile: - type: RuntimeDefault - capabilities: - drop: ['ALL'] - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - ## image-renderer pod annotation - podAnnotations: {} - # image-renderer deployment Host Aliases - hostAliases: [] - # image-renderer deployment priority class - priorityClassName: '' - service: - # Enable the image-renderer service - enabled: true - # image-renderer service port name - portName: 'http' - # image-renderer service port used by both service and deployment - port: 8081 - targetPort: 8081 - # Adds the appProtocol field to the image-renderer service. This allows to work with istio protocol selection. Ex: "http" or "tcp" - appProtocol: "" - serviceMonitor: - ## If true, a ServiceMonitor CRD is created for a prometheus operator - ## https://github.com/coreos/prometheus-operator - ## - enabled: false - path: /metrics - # namespace: monitoring (defaults to use the namespace this chart is deployed to) - labels: {} - interval: 1m - scheme: http - tlsConfig: {} - scrapeTimeout: 30s - relabelings: [] - # See: https://doc.crds.dev/github.com/prometheus-operator/kube-prometheus/monitoring.coreos.com/ServiceMonitor/v1@v0.11.0#spec-targetLabels - targetLabels: [] - # - targetLabel1 - # - targetLabel2 - # If https is enabled in Grafana, this needs to be set as 'https' to correctly configure the callback used in Grafana - grafanaProtocol: http - # In case a sub_path is used this needs to be added to the image renderer callback - grafanaSubPath: "" - # name of the image-renderer port on the pod - podPortName: http - # number of image-renderer replica sets to keep - revisionHistoryLimit: 10 - networkPolicy: - # Enable a NetworkPolicy to limit inbound traffic to only the created grafana pods - limitIngress: true - # Enable a NetworkPolicy to limit outbound traffic to only the created grafana pods - limitEgress: false - # Allow additional services to access image-renderer (eg. Prometheus operator when ServiceMonitor is enabled) - extraIngressSelectors: [] - resources: {} -# limits: -# cpu: 100m -# memory: 100Mi -# requests: -# cpu: 50m -# memory: 50Mi - ## Node labels for pod assignment - ## ref: https://kubernetes.io/docs/user-guide/node-selection/ - # - nodeSelector: {} - - ## Tolerations for pod assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - - ## Affinity for pod assignment (evaluated as template) - ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## - affinity: {} - - ## Use an alternate scheduler, e.g. "stork". - ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ - ## - # schedulerName: "default-scheduler" - -networkPolicy: - ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now. - ## - enabled: false - ## @param networkPolicy.allowExternal Don't require client label for connections - ## The Policy model to apply. When set to false, only pods with the correct - ## client label will have network access to grafana port defined. - ## When true, grafana will accept connections from any source - ## (with the correct destination port). - ## - ingress: true - ## @param networkPolicy.ingress When true enables the creation - ## an ingress network policy - ## - allowExternal: true - ## @param networkPolicy.explicitNamespacesSelector A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed - ## If explicitNamespacesSelector is missing or set to {}, only client Pods that are in the networkPolicy's namespace - ## and that match other criteria, the ones that have the good label, can reach the grafana. - ## But sometimes, we want the grafana to be accessible to clients from other namespaces, in this case, we can use this - ## LabelSelector to select these namespaces, note that the networkPolicy's namespace should also be explicitly added. - ## - ## Example: - ## explicitNamespacesSelector: - ## matchLabels: - ## role: frontend - ## matchExpressions: - ## - {key: role, operator: In, values: [frontend]} - ## - explicitNamespacesSelector: {} - ## - ## - ## - ## - ## - ## - egress: - ## @param networkPolicy.egress.enabled When enabled, an egress network policy will be - ## created allowing grafana to connect to external data sources from kubernetes cluster. - enabled: false - ## - ## @param networkPolicy.egress.blockDNSResolution When enabled, DNS resolution will be blocked - ## for all pods in the grafana namespace. - blockDNSResolution: false - ## - ## @param networkPolicy.egress.ports Add individual ports to be allowed by the egress - ports: [] - ## Add ports to the egress by specifying - port: - ## E.X. - ## - port: 80 - ## - port: 443 - ## - ## @param networkPolicy.egress.to Allow egress traffic to specific destinations - to: [] - ## Add destinations to the egress by specifying - ipBlock: - ## E.X. - ## to: - ## - namespaceSelector: - ## matchExpressions: - ## - {key: role, operator: In, values: [grafana]} - ## - ## - ## - ## - ## - -# Enable backward compatibility of kubernetes where version below 1.13 doesn't have the enableServiceLinks option -enableKubeBackwardCompatibility: false -useStatefulSet: false -# Create a dynamic manifests via values: -extraObjects: [] - # - apiVersion: "kubernetes-client.io/v1" - # kind: ExternalSecret - # metadata: - # name: grafana-secrets - # spec: - # backendType: gcpSecretsManager - # data: - # - key: grafana-admin-password - # name: adminPassword - -# assertNoLeakedSecrets is a helper function defined in _helpers.tpl that checks if secret -# values are not exposed in the rendered grafana.ini configmap. It is enabled by default. -# -# To pass values into grafana.ini without exposing them in a configmap, use variable expansion: -# https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#variable-expansion -# -# Alternatively, if you wish to allow secret values to be exposed in the rendered grafana.ini configmap, -# you can disable this check by setting assertNoLeakedSecrets to false. -assertNoLeakedSecrets: true diff --git a/composio/charts/temporal/charts/prometheus/.helmignore b/composio/charts/temporal/charts/prometheus/.helmignore deleted file mode 100644 index 825c007..0000000 --- a/composio/charts/temporal/charts/prometheus/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj - -OWNERS diff --git a/composio/charts/temporal/charts/prometheus/Chart.lock b/composio/charts/temporal/charts/prometheus/Chart.lock deleted file mode 100644 index 7b16879..0000000 --- a/composio/charts/temporal/charts/prometheus/Chart.lock +++ /dev/null @@ -1,15 +0,0 @@ -dependencies: -- name: alertmanager - repository: https://prometheus-community.github.io/helm-charts - version: 1.11.0 -- name: kube-state-metrics - repository: https://prometheus-community.github.io/helm-charts - version: 5.20.0 -- name: prometheus-node-exporter - repository: https://prometheus-community.github.io/helm-charts - version: 4.36.0 -- name: prometheus-pushgateway - repository: https://prometheus-community.github.io/helm-charts - version: 2.13.0 -digest: sha256:8f1387d60956c6fc6fcd6edf298de20e777d9ac44246c3fb1b8f6739155139b1 -generated: "2024-06-20T13:32:55.586733-04:00" diff --git a/composio/charts/temporal/charts/prometheus/Chart.yaml b/composio/charts/temporal/charts/prometheus/Chart.yaml deleted file mode 100644 index ca095b4..0000000 --- a/composio/charts/temporal/charts/prometheus/Chart.yaml +++ /dev/null @@ -1,53 +0,0 @@ -annotations: - artifacthub.io/license: Apache-2.0 - artifacthub.io/links: | - - name: Chart Source - url: https://github.com/prometheus-community/helm-charts - - name: Upstream Project - url: https://github.com/prometheus/prometheus -apiVersion: v2 -appVersion: v2.53.0 -dependencies: -- condition: alertmanager.enabled - name: alertmanager - repository: https://prometheus-community.github.io/helm-charts - version: 1.11.* -- condition: kube-state-metrics.enabled - name: kube-state-metrics - repository: https://prometheus-community.github.io/helm-charts - version: 5.20.* -- condition: prometheus-node-exporter.enabled - name: prometheus-node-exporter - repository: https://prometheus-community.github.io/helm-charts - version: 4.36.* -- condition: prometheus-pushgateway.enabled - name: prometheus-pushgateway - repository: https://prometheus-community.github.io/helm-charts - version: 2.13.* -description: Prometheus is a monitoring system and time series database. -home: https://prometheus.io/ -icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png -keywords: -- monitoring -- prometheus -kubeVersion: '>=1.19.0-0' -maintainers: -- email: gianrubio@gmail.com - name: gianrubio -- email: zanhsieh@gmail.com - name: zanhsieh -- email: miroslav.hadzhiev@gmail.com - name: Xtigyro -- email: naseem@transit.app - name: naseemkullah -- email: rootsandtrees@posteo.de - name: zeritti -name: prometheus -sources: -- https://github.com/prometheus/alertmanager -- https://github.com/prometheus/prometheus -- https://github.com/prometheus/pushgateway -- https://github.com/prometheus/node_exporter -- https://github.com/kubernetes/kube-state-metrics -type: application -version: 25.22.0 diff --git a/composio/charts/temporal/charts/prometheus/README.md b/composio/charts/temporal/charts/prometheus/README.md deleted file mode 100644 index 2cb744c..0000000 --- a/composio/charts/temporal/charts/prometheus/README.md +++ /dev/null @@ -1,382 +0,0 @@ -# Prometheus - -[Prometheus](https://prometheus.io/), a [Cloud Native Computing Foundation](https://cncf.io/) project, is a systems and service monitoring system. It collects metrics from configured targets at given intervals, evaluates rule expressions, displays the results, and can trigger alerts if some condition is observed to be true. - -This chart bootstraps a [Prometheus](https://prometheus.io/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -## Prerequisites - -- Kubernetes 1.19+ -- Helm 3.7+ - -## Get Repository Info - -```console -helm repo add prometheus-community https://prometheus-community.github.io/helm-charts -helm repo update -``` - -_See [helm repository](https://helm.sh/docs/helm/helm_repo/) for command documentation._ - -## Install Chart - -Starting with version 16.0, the Prometheus chart requires Helm 3.7+ in order to install successfully. Please check your `helm` release before installation. - -```console -helm install [RELEASE_NAME] prometheus-community/prometheus -``` - -_See [configuration](#configuration) below._ - -_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ - -## Dependencies - -By default this chart installs additional, dependent charts: - -- [alertmanager](https://github.com/prometheus-community/helm-charts/tree/main/charts/alertmanager) -- [kube-state-metrics](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics) -- [prometheus-node-exporter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-node-exporter) -- [prometheus-pushgateway](https://github.com/walker-tom/helm-charts/tree/main/charts/prometheus-pushgateway) - -To disable the dependency during installation, set `alertmanager.enabled`, `kube-state-metrics.enabled`, `prometheus-node-exporter.enabled` and `prometheus-pushgateway.enabled` to `false`. - -_See [helm dependency](https://helm.sh/docs/helm/helm_dependency/) for command documentation._ - -## Uninstall Chart - -```console -helm uninstall [RELEASE_NAME] -``` - -This removes all the Kubernetes components associated with the chart and deletes the release. - -_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ - -## Updating values.schema.json - -A [`values.schema.json`](https://helm.sh/docs/topics/charts/#schema-files) file has been added to validate chart values. When `values.yaml` file has a structure change (i.e. add a new field, change value type, etc.), modify `values.schema.json` file manually or run `helm schema-gen values.yaml > values.schema.json` to ensure the schema is aligned with the latest values. Refer to [helm plugin `helm-schema-gen`](https://github.com/karuppiah7890/helm-schema-gen) for plugin installation instructions. - -## Upgrading Chart - -```console -helm upgrade [RELEASE_NAME] prometheus-community/prometheus --install -``` - -_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ - -### To 25.0 - -The `server.remoteRead[].url` and `server.remoteWrite[].url` fields now support templating. Allowing for `url` values such as `https://{{ .Release.Name }}.example.com`. - -Any entries in these which previously included `{{` or `}}` must be escaped with `{{ "{{" }}` and `{{ "}}" }}` respectively. Entries which did not previously include the template-like syntax will not be affected. - -### To 24.0 - -Require Kubernetes 1.19+ - -Release 1.0.0 of the _alertmanager_ replaced [configmap-reload](https://github.com/jimmidyson/configmap-reload) with [prometheus-config-reloader](https://github.com/prometheus-operator/prometheus-operator/tree/main/cmd/prometheus-config-reloader). -Extra command-line arguments specified via `configmapReload.prometheus.extraArgs` are not compatible and will break with the new prometheus-config-reloader. Please, refer to the [sources](https://github.com/prometheus-operator/prometheus-operator/blob/main/cmd/prometheus-config-reloader/main.go) in order to make the appropriate adjustment to the extra command-line arguments. - -### To 23.0 - -Release 5.0.0 of the _kube-state-metrics_ chart introduced a separation of the `image.repository` value in two distinct values: - -```console - image: - registry: registry.k8s.io - repository: kube-state-metrics/kube-state-metrics -``` - -If a custom values file or CLI flags set `kube-state.metrics.image.repository`, please, set the new values accordingly. - -If you are upgrading _prometheus-pushgateway_ with the chart and _prometheus-pushgateway_ has been deployed as a statefulset with a persistent volume, the statefulset must be deleted before upgrading the chart, e.g.: - -```bash -kubectl delete sts -l app.kubernetes.io/name=prometheus-pushgateway -n monitoring --cascade=orphan -``` - -Users are advised to review changes in the corresponding chart releases before upgrading. - -### To 22.0 - -The `app.kubernetes.io/version` label has been removed from the pod selector. - -Therefore, you must delete the previous StatefulSet or Deployment before upgrading. Performing this operation will cause **Prometheus to stop functioning** until the upgrade is complete. - -```console -kubectl delete deploy,sts -l app.kubernetes.io/name=prometheus -``` - -### To 21.0 - -The Kubernetes labels have been updated to follow [Helm 3 label and annotation best practices](https://helm.sh/docs/chart_best_practices/labels/). -Specifically, labels mapping is listed below: - -| OLD | NEW | -|--------------------|------------------------------| -|heritage | app.kubernetes.io/managed-by | -|chart | helm.sh/chart | -|[container version] | app.kubernetes.io/version | -|app | app.kubernetes.io/name | -|release | app.kubernetes.io/instance | - -Therefore, depending on the way you've configured the chart, the previous StatefulSet or Deployment need to be deleted before upgrade. - -If `runAsStatefulSet: false` (this is the default): - -```console -kubectl delete deploy -l app=prometheus -``` - -If `runAsStatefulSet: true`: - -```console -kubectl delete sts -l app=prometheus -``` - -After that do the actual upgrade: - -```console -helm upgrade -i prometheus prometheus-community/prometheus -``` - -### To 20.0 - -The [configmap-reload](https://github.com/jimmidyson/configmap-reload) container was replaced by the [prometheus-config-reloader](https://github.com/prometheus-operator/prometheus-operator/tree/main/cmd/prometheus-config-reloader). -Extra command-line arguments specified via configmapReload.prometheus.extraArgs are not compatible and will break with the new prometheus-config-reloader, refer to the [sources](https://github.com/prometheus-operator/prometheus-operator/blob/main/cmd/prometheus-config-reloader/main.go) in order to make the appropriate adjustment to the extra command-line arguments. - -### To 19.0 - -Prometheus has been updated to version v2.40.5. - -Prometheus-pushgateway was updated to version 2.0.0 which adapted [Helm label and annotation best practices](https://helm.sh/docs/chart_best_practices/labels/). -See the [upgrade docs of the prometheus-pushgateway chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-pushgateway#to-200) to see whats to do, before you upgrade Prometheus! - -The condition in Chart.yaml to disable kube-state-metrics has been changed from `kubeStateMetrics.enabled` to `kube-state-metrics.enabled` - -The Docker image tag is used from appVersion field in Chart.yaml by default. - -Unused subchart configs has been removed and subchart config is now on the bottom of the config file. - -If Prometheus is used as deployment the updatestrategy has been changed to "Recreate" by default, so Helm updates work out of the box. - -`.Values.server.extraTemplates` & `.Values.server.extraObjects` has been removed in favour of `.Values.extraManifests`, which can do the same. - -`.Values.server.enabled` has been removed as it's useless now that all components are created by subcharts. - -All files in `templates/server` directory has been moved to `templates` directory. - -```bash -helm upgrade [RELEASE_NAME] prometheus-community/prometheus --version 19.0.0 -``` - -### To 18.0 - -Version 18.0.0 uses alertmanager service from the [alertmanager chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/alertmanager). If you've made some config changes, please check the old `alertmanager` and the new `alertmanager` configuration section in values.yaml for differences. - -Note that the `configmapReload` section for `alertmanager` was moved out of dedicated section (`configmapReload.alertmanager`) to alertmanager embedded (`alertmanager.configmapReload`). - -Before you update, please scale down the `prometheus-server` deployment to `0` then perform upgrade: - -```bash -# In 17.x -kubectl scale deploy prometheus-server --replicas=0 -# Upgrade -helm upgrade [RELEASE_NAME] prometheus-community/prometheus --version 18.0.0 -``` - -### To 17.0 - -Version 17.0.0 uses pushgateway service from the [prometheus-pushgateway chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-pushgateway). If you've made some config changes, please check the old `pushgateway` and the new `prometheus-pushgateway` configuration section in values.yaml for differences. - -Before you update, please scale down the `prometheus-server` deployment to `0` then perform upgrade: - -```bash -# In 16.x -kubectl scale deploy prometheus-server --replicas=0 -# Upgrade -helm upgrade [RELEASE_NAME] prometheus-community/prometheus --version 17.0.0 -``` - -### To 16.0 - -Starting from version 16.0 embedded services (like alertmanager, node-exporter etc.) are moved out of Prometheus chart and the respecting charts from this repository are used as dependencies. Version 16.0.0 moves node-exporter service to [prometheus-node-exporter chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-node-exporter). If you've made some config changes, please check the old `nodeExporter` and the new `prometheus-node-exporter` configuration section in values.yaml for differences. - -Before you update, please scale down the `prometheus-server` deployment to `0` then perform upgrade: - -```bash -# In 15.x -kubectl scale deploy prometheus-server --replicas=0 -# Upgrade -helm upgrade [RELEASE_NAME] prometheus-community/prometheus --version 16.0.0 -``` - -### To 15.0 - -Version 15.0.0 changes the relabeling config, aligning it with the [Prometheus community conventions](https://github.com/prometheus/prometheus/pull/9832). If you've made manual changes to the relabeling config, you have to adapt your changes. - -Before you update please execute the following command, to be able to update kube-state-metrics: - -```bash -kubectl delete deployments.apps -l app.kubernetes.io/instance=prometheus,app.kubernetes.io/name=kube-state-metrics --cascade=orphan -``` - -### To 9.0 - -Version 9.0 adds a new option to enable or disable the Prometheus Server. This supports the use case of running a Prometheus server in one k8s cluster and scraping exporters in another cluster while using the same chart for each deployment. To install the server `server.enabled` must be set to `true`. - -### To 5.0 - -As of version 5.0, this chart uses Prometheus 2.x. This version of prometheus introduces a new data format and is not compatible with prometheus 1.x. It is recommended to install this as a new release, as updating existing releases will not work. See the [prometheus docs](https://prometheus.io/docs/prometheus/latest/migration/#storage) for instructions on retaining your old data. - -Prometheus version 2.x has made changes to alertmanager, storage and recording rules. Check out the migration guide [here](https://prometheus.io/docs/prometheus/2.0/migration/). - -Users of this chart will need to update their alerting rules to the new format before they can upgrade. - -### Example Migration - -Assuming you have an existing release of the prometheus chart, named `prometheus-old`. In order to update to prometheus 2.x while keeping your old data do the following: - -1. Update the `prometheus-old` release. Disable scraping on every component besides the prometheus server, similar to the configuration below: - - ```yaml - alertmanager: - enabled: false - alertmanagerFiles: - alertmanager.yml: "" - kubeStateMetrics: - enabled: false - nodeExporter: - enabled: false - pushgateway: - enabled: false - server: - extraArgs: - storage.local.retention: 720h - serverFiles: - alerts: "" - prometheus.yml: "" - rules: "" - ``` - -1. Deploy a new release of the chart with version 5.0+ using prometheus 2.x. In the values.yaml set the scrape config as usual, and also add the `prometheus-old` instance as a remote-read target. - - ```yaml - prometheus.yml: - ... - remote_read: - - url: http://prometheus-old/api/v1/read - ... - ``` - - Old data will be available when you query the new prometheus instance. - -## Configuration - -See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands: - -```console -helm show values prometheus-community/prometheus -``` - -You may similarly use the above configuration commands on each chart [dependency](#dependencies) to see its configurations. - -### Scraping Pod Metrics via Annotations - -This chart uses a default configuration that causes prometheus to scrape a variety of kubernetes resource types, provided they have the correct annotations. In this section we describe how to configure pods to be scraped; for information on how other resource types can be scraped you can do a `helm template` to get the kubernetes resource definitions, and then reference the prometheus configuration in the ConfigMap against the prometheus documentation for [relabel_config](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) and [kubernetes_sd_config](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config). - -In order to get prometheus to scrape pods, you must add annotations to the pods as below: - -```yaml -metadata: - annotations: - prometheus.io/scrape: "true" - prometheus.io/path: /metrics - prometheus.io/port: "8080" -``` - -You should adjust `prometheus.io/path` based on the URL that your pod serves metrics from. `prometheus.io/port` should be set to the port that your pod serves metrics from. Note that the values for `prometheus.io/scrape` and `prometheus.io/port` must be enclosed in double quotes. - -### Sharing Alerts Between Services - -Note that when [installing](#install-chart) or [upgrading](#upgrading-chart) you may use multiple values override files. This is particularly useful when you have alerts belonging to multiple services in the cluster. For example, - -```yaml -# values.yaml -# ... - -# service1-alert.yaml -serverFiles: - alerts: - service1: - - alert: anAlert - # ... - -# service2-alert.yaml -serverFiles: - alerts: - service2: - - alert: anAlert - # ... -``` - -```console -helm install [RELEASE_NAME] prometheus-community/prometheus -f values.yaml -f service1-alert.yaml -f service2-alert.yaml -``` - -### RBAC Configuration - -Roles and RoleBindings resources will be created automatically for `server` service. - -To manually setup RBAC you need to set the parameter `rbac.create=false` and specify the service account to be used for each service by setting the parameters: `serviceAccounts.{{ component }}.create` to `false` and `serviceAccounts.{{ component }}.name` to the name of a pre-existing service account. - -> **Tip**: You can refer to the default `*-clusterrole.yaml` and `*-clusterrolebinding.yaml` files in [templates](templates/) to customize your own. - -### ConfigMap Files - -AlertManager is configured through [alertmanager.yml](https://prometheus.io/docs/alerting/configuration/). This file (and any others listed in `alertmanagerFiles`) will be mounted into the `alertmanager` pod. - -Prometheus is configured through [prometheus.yml](https://prometheus.io/docs/operating/configuration/). This file (and any others listed in `serverFiles`) will be mounted into the `server` pod. - -### Ingress TLS - -If your cluster allows automatic creation/retrieval of TLS certificates (e.g. [cert-manager](https://github.com/jetstack/cert-manager)), please refer to the documentation for that mechanism. - -To manually configure TLS, first create/retrieve a key & certificate pair for the address(es) you wish to protect. Then create a TLS secret in the namespace: - -```console -kubectl create secret tls prometheus-server-tls --cert=path/to/tls.cert --key=path/to/tls.key -``` - -Include the secret's name, along with the desired hostnames, in the alertmanager/server Ingress TLS section of your custom `values.yaml` file: - -```yaml -server: - ingress: - ## If true, Prometheus server Ingress will be created - ## - enabled: true - - ## Prometheus server Ingress hostnames - ## Must be provided if Ingress is enabled - ## - hosts: - - prometheus.domain.com - - ## Prometheus server Ingress TLS configuration - ## Secrets must be manually created in the namespace - ## - tls: - - secretName: prometheus-server-tls - hosts: - - prometheus.domain.com -``` - -### NetworkPolicy - -Enabling Network Policy for Prometheus will secure connections to Alert Manager and Kube State Metrics by only accepting connections from Prometheus Server. All inbound connections to Prometheus Server are still allowed. - -To enable network policy for Prometheus, install a networking plugin that implements the Kubernetes NetworkPolicy spec, and set `networkPolicy.enabled` to true. - -If NetworkPolicy is enabled for Prometheus' scrape targets, you may also need to manually create a networkpolicy which allows it. diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/.helmignore b/composio/charts/temporal/charts/prometheus/charts/alertmanager/.helmignore deleted file mode 100644 index 7653e97..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/.helmignore +++ /dev/null @@ -1,25 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ - -unittests/ diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/Chart.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/Chart.yaml deleted file mode 100644 index dbdb2ae..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/Chart.yaml +++ /dev/null @@ -1,24 +0,0 @@ -annotations: - artifacthub.io/license: Apache-2.0 - artifacthub.io/links: | - - name: Chart Source - url: https://github.com/prometheus-community/helm-charts -apiVersion: v2 -appVersion: v0.27.0 -description: The Alertmanager handles alerts sent by client applications such as the - Prometheus server. -home: https://prometheus.io/ -icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png -keywords: -- monitoring -kubeVersion: '>=1.19.0-0' -maintainers: -- email: monotek23@gmail.com - name: monotek -- email: naseem@transit.app - name: naseemkullah -name: alertmanager -sources: -- https://github.com/prometheus/alertmanager -type: application -version: 1.11.0 diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/README.md b/composio/charts/temporal/charts/prometheus/charts/alertmanager/README.md deleted file mode 100644 index d3f4df7..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/README.md +++ /dev/null @@ -1,62 +0,0 @@ -# Alertmanager - -As per [prometheus.io documentation](https://prometheus.io/docs/alerting/latest/alertmanager/): -> The Alertmanager handles alerts sent by client applications such as the -> Prometheus server. It takes care of deduplicating, grouping, and routing them -> to the correct receiver integration such as email, PagerDuty, or OpsGenie. It -> also takes care of silencing and inhibition of alerts. - -## Prerequisites - -Kubernetes 1.14+ - -## Get Repository Info - -```console -helm repo add prometheus-community https://prometheus-community.github.io/helm-charts -helm repo update -``` - -_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._ - -## Install Chart - -```console -helm install [RELEASE_NAME] prometheus-community/alertmanager -``` - -_See [configuration](#configuration) below._ - -_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ - -## Uninstall Chart - -```console -helm uninstall [RELEASE_NAME] -``` - -This removes all the Kubernetes components associated with the chart and deletes the release. - -_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ - -## Upgrading Chart - -```console -helm upgrade [RELEASE_NAME] [CHART] --install -``` - -_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ - -### To 1.0 - -The [configmap-reload](https://github.com/jimmidyson/configmap-reload) container was replaced by the [prometheus-config-reloader](https://github.com/prometheus-operator/prometheus-operator/tree/main/cmd/prometheus-config-reloader). -Extra command-line arguments specified via configmapReload.prometheus.extraArgs are not compatible and will break with the new prometheus-config-reloader, refer to the [sources](https://github.com/prometheus-operator/prometheus-operator/blob/main/cmd/prometheus-config-reloader/main.go) in order to make the appropriate adjustment to the extea command-line arguments. -The `networking.k8s.io/v1beta1` is no longer supported. use [`networking.k8s.io/v1`](https://kubernetes.io/docs/reference/using-api/deprecation-guide/#ingressclass-v122). - -## Configuration - -See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands: - -```console -helm show values prometheus-community/alertmanager -``` diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/ci/config-reload-values.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/ci/config-reload-values.yaml deleted file mode 100644 index cba5de8..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/ci/config-reload-values.yaml +++ /dev/null @@ -1,2 +0,0 @@ -configmapReload: - enabled: true diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/NOTES.txt b/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/NOTES.txt deleted file mode 100644 index 46ea5be..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/NOTES.txt +++ /dev/null @@ -1,21 +0,0 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} - {{- end }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "alertmanager.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "alertmanager.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "alertmanager.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ include "alertmanager.namespace" . }} svc -w {{ include "alertmanager.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "alertmanager.namespace" . }} {{ include "alertmanager.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "alertmanager.namespace" . }} -l "app.kubernetes.io/name={{ include "alertmanager.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:{{ .Values.service.port }} to use your application" - kubectl --namespace {{ include "alertmanager.namespace" . }} port-forward $POD_NAME {{ .Values.service.port }}:80 -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/_helpers.tpl b/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/_helpers.tpl deleted file mode 100644 index 827b6ee..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/_helpers.tpl +++ /dev/null @@ -1,92 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "alertmanager.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "alertmanager.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "alertmanager.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "alertmanager.labels" -}} -helm.sh/chart: {{ include "alertmanager.chart" . }} -{{ include "alertmanager.selectorLabels" . }} -{{- with .Chart.AppVersion }} -app.kubernetes.io/version: {{ . | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "alertmanager.selectorLabels" -}} -app.kubernetes.io/name: {{ include "alertmanager.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "alertmanager.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "alertmanager.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Define Ingress apiVersion -*/}} -{{- define "alertmanager.ingress.apiVersion" -}} -{{- printf "networking.k8s.io/v1" }} -{{- end }} - -{{/* -Define Pdb apiVersion -*/}} -{{- define "alertmanager.pdb.apiVersion" -}} -{{- if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" }} -{{- printf "policy/v1" }} -{{- else }} -{{- printf "policy/v1beta1" }} -{{- end }} -{{- end }} - -{{/* -Allow overriding alertmanager namespace -*/}} -{{- define "alertmanager.namespace" -}} -{{- if .Values.namespaceOverride -}} -{{- .Values.namespaceOverride -}} -{{- else -}} -{{- .Release.Namespace -}} -{{- end -}} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/configmap.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/configmap.yaml deleted file mode 100644 index 9e5882d..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/configmap.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.config.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "alertmanager.fullname" . }} - labels: - {{- include "alertmanager.labels" . | nindent 4 }} - {{- with .Values.configAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - namespace: {{ include "alertmanager.namespace" . }} -data: - alertmanager.yml: | - {{- $config := omit .Values.config "enabled" }} - {{- toYaml $config | default "{}" | nindent 4 }} - {{- range $key, $value := .Values.templates }} - {{ $key }}: |- - {{- $value | nindent 4 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/ingress.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/ingress.yaml deleted file mode 100644 index e729a8a..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/ingress.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if .Values.ingress.enabled }} -{{- $fullName := include "alertmanager.fullname" . }} -{{- $svcPort := .Values.service.port }} -apiVersion: {{ include "alertmanager.ingress.apiVersion" . }} -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "alertmanager.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - namespace: {{ include "alertmanager.namespace" . }} -spec: - {{- if .Values.ingress.className }} - ingressClassName: {{ .Values.ingress.className }} - {{- end }} - {{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - pathType: {{ .pathType }} - backend: - service: - name: {{ $fullName }} - port: - number: {{ $svcPort }} - {{- end }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/ingressperreplica.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/ingressperreplica.yaml deleted file mode 100644 index 6f5a023..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/ingressperreplica.yaml +++ /dev/null @@ -1,56 +0,0 @@ -{{- if and .Values.servicePerReplica.enabled .Values.ingressPerReplica.enabled }} -{{- $pathType := .Values.ingressPerReplica.pathType }} -{{- $count := .Values.replicaCount | int -}} -{{- $servicePort := .Values.service.port -}} -{{- $ingressValues := .Values.ingressPerReplica -}} -{{- $fullName := include "alertmanager.fullname" . }} -apiVersion: v1 -kind: List -metadata: - name: {{ $fullName }}-ingressperreplica - namespace: {{ include "alertmanager.namespace" . }} -items: -{{- range $i, $e := until $count }} - - kind: Ingress - apiVersion: {{ include "alertmanager.ingress.apiVersion" $ }} - metadata: - name: {{ $fullName }}-{{ $i }} - namespace: {{ include "alertmanager.namespace" $ }} - labels: - {{- include "alertmanager.labels" $ | nindent 8 }} - {{- if $ingressValues.labels }} -{{ toYaml $ingressValues.labels | indent 8 }} - {{- end }} - {{- if $ingressValues.annotations }} - annotations: -{{ toYaml $ingressValues.annotations | indent 8 }} - {{- end }} - spec: - {{- if $ingressValues.className }} - ingressClassName: {{ $ingressValues.className }} - {{- end }} - rules: - - host: {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }} - http: - paths: - {{- range $p := $ingressValues.paths }} - - path: {{ tpl $p $ }} - pathType: {{ $pathType }} - backend: - service: - name: {{ $fullName }}-{{ $i }} - port: - name: http - {{- end -}} - {{- if or $ingressValues.tlsSecretName $ingressValues.tlsSecretPerReplica.enabled }} - tls: - - hosts: - - {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }} - {{- if $ingressValues.tlsSecretPerReplica.enabled }} - secretName: {{ $ingressValues.tlsSecretPerReplica.prefix }}-{{ $i }} - {{- else }} - secretName: {{ $ingressValues.tlsSecretName }} - {{- end }} - {{- end }} -{{- end -}} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/pdb.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/pdb.yaml deleted file mode 100644 index 103e9ec..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/pdb.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if .Values.podDisruptionBudget }} -apiVersion: {{ include "alertmanager.pdb.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ include "alertmanager.fullname" . }} - labels: - {{- include "alertmanager.labels" . | nindent 4 }} - namespace: {{ include "alertmanager.namespace" . }} -spec: - selector: - matchLabels: - {{- include "alertmanager.selectorLabels" . | nindent 6 }} - {{- toYaml .Values.podDisruptionBudget | nindent 2 }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/serviceaccount.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/serviceaccount.yaml deleted file mode 100644 index bc9ccaa..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/serviceaccount.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "alertmanager.serviceAccountName" . }} - labels: - {{- include "alertmanager.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - namespace: {{ include "alertmanager.namespace" . }} -automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/serviceperreplica.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/serviceperreplica.yaml deleted file mode 100644 index faa75b3..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/serviceperreplica.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if and .Values.servicePerReplica.enabled }} -{{- $count := .Values.replicaCount | int -}} -{{- $serviceValues := .Values.servicePerReplica -}} -apiVersion: v1 -kind: List -metadata: - name: {{ include "alertmanager.fullname" . }}-serviceperreplica - namespace: {{ include "alertmanager.namespace" . }} -items: -{{- range $i, $e := until $count }} - - apiVersion: v1 - kind: Service - metadata: - name: {{ include "alertmanager.fullname" $ }}-{{ $i }} - namespace: {{ include "alertmanager.namespace" $ }} - labels: - {{- include "alertmanager.labels" $ | nindent 8 }} - {{- if $serviceValues.annotations }} - annotations: -{{ toYaml $serviceValues.annotations | indent 8 }} - {{- end }} - spec: - {{- if $serviceValues.clusterIP }} - clusterIP: {{ $serviceValues.clusterIP }} - {{- end }} - {{- if $serviceValues.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- range $cidr := $serviceValues.loadBalancerSourceRanges }} - - {{ $cidr }} - {{- end }} - {{- end }} - {{- if ne $serviceValues.type "ClusterIP" }} - externalTrafficPolicy: {{ $serviceValues.externalTrafficPolicy }} - {{- end }} - ports: - - name: http - port: {{ $.Values.service.port }} - targetPort: http - selector: - {{- include "alertmanager.selectorLabels" $ | nindent 8 }} - statefulset.kubernetes.io/pod-name: {{ include "alertmanager.fullname" $ }}-{{ $i }} - type: "{{ $serviceValues.type }}" -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/services.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/services.yaml deleted file mode 100644 index eefb9ce..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/services.yaml +++ /dev/null @@ -1,75 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "alertmanager.fullname" . }} - labels: - {{- include "alertmanager.labels" . | nindent 4 }} - {{- with .Values.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - namespace: {{ include "alertmanager.namespace" . }} -spec: - {{- if .Values.service.ipDualStack.enabled }} - ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }} - ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }} - {{- end }} - type: {{ .Values.service.type }} - {{- with .Values.service.loadBalancerIP }} - loadBalancerIP: {{ . }} - {{- end }} - {{- with .Values.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- range $cidr := . }} - - {{ $cidr }} - {{- end }} - {{- end }} - ports: - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - {{- if (and (eq .Values.service.type "NodePort") .Values.service.nodePort) }} - nodePort: {{ .Values.service.nodePort }} - {{- end }} - {{- with .Values.service.extraPorts }} - {{- toYaml . | nindent 4 }} - {{- end }} - selector: - {{- include "alertmanager.selectorLabels" . | nindent 4 }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "alertmanager.fullname" . }}-headless - labels: - {{- include "alertmanager.labels" . | nindent 4 }} - {{- with .Values.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - namespace: {{ include "alertmanager.namespace" . }} -spec: - clusterIP: None - ports: - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - {{- if or (gt (int .Values.replicaCount) 1) (.Values.additionalPeers) }} - - port: {{ .Values.service.clusterPort }} - targetPort: clusterpeer-tcp - protocol: TCP - name: cluster-tcp - - port: {{ .Values.service.clusterPort }} - targetPort: clusterpeer-udp - protocol: UDP - name: cluster-udp - {{- end }} - {{- with .Values.service.extraPorts }} - {{- toYaml . | nindent 4 }} - {{- end }} - selector: - {{- include "alertmanager.selectorLabels" . | nindent 4 }} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/statefulset.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/statefulset.yaml deleted file mode 100644 index 2bdafc8..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/statefulset.yaml +++ /dev/null @@ -1,251 +0,0 @@ -{{- $svcClusterPort := .Values.service.clusterPort }} -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "alertmanager.fullname" . }} - labels: - {{- include "alertmanager.labels" . | nindent 4 }} - {{- with .Values.statefulSet.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - namespace: {{ include "alertmanager.namespace" . }} -spec: - replicas: {{ .Values.replicaCount }} - minReadySeconds: {{ .Values.minReadySeconds }} - revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "alertmanager.selectorLabels" . | nindent 6 }} - serviceName: {{ include "alertmanager.fullname" . }}-headless - template: - metadata: - labels: - {{- include "alertmanager.selectorLabels" . | nindent 8 }} - {{- with .Values.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - annotations: - {{- if not .Values.configmapReload.enabled }} - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - {{- end }} - {{- with .Values.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "alertmanager.serviceAccountName" . }} - {{- with .Values.dnsConfig }} - dnsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.hostAliases }} - hostAliases: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.schedulerName }} - schedulerName: {{ . }} - {{- end }} - {{- if or .Values.podAntiAffinity .Values.affinity }} - affinity: - {{- end }} - {{- with .Values.affinity }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if eq .Values.podAntiAffinity "hard" }} - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - topologyKey: {{ .Values.podAntiAffinityTopologyKey }} - labelSelector: - matchExpressions: - - {key: app.kubernetes.io/name, operator: In, values: [{{ include "alertmanager.name" . }}]} - {{- else if eq .Values.podAntiAffinity "soft" }} - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - topologyKey: {{ .Values.podAntiAffinityTopologyKey }} - labelSelector: - matchExpressions: - - {key: app.kubernetes.io/name, operator: In, values: [{{ include "alertmanager.name" . }}]} - {{- end }} - {{- with .Values.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} - {{- with .Values.topologySpreadConstraints }} - topologySpreadConstraints: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - {{- with .Values.extraInitContainers }} - initContainers: - {{- toYaml . | nindent 8 }} - {{- end }} - containers: - {{- if .Values.configmapReload.enabled }} - - name: {{ .Chart.Name }}-{{ .Values.configmapReload.name }} - image: "{{ .Values.configmapReload.image.repository }}:{{ .Values.configmapReload.image.tag }}" - imagePullPolicy: "{{ .Values.configmapReload.image.pullPolicy }}" - {{- with .Values.configmapReload.extraEnv }} - env: - {{- toYaml . | nindent 12 }} - {{- end }} - args: - {{- if and (hasKey .Values.configmapReload.extraArgs "config-file" | not) (hasKey .Values.configmapReload.extraArgs "watched-dir" | not) }} - - --watched-dir=/etc/alertmanager - {{- end }} - {{- if not (hasKey .Values.configmapReload.extraArgs "reload-url") }} - - --reload-url=http://127.0.0.1:9093/-/reload - {{- end }} - {{- range $key, $value := .Values.configmapReload.extraArgs }} - - --{{ $key }}={{ $value }} - {{- end }} - resources: - {{- toYaml .Values.configmapReload.resources | nindent 12 }} - {{- with .Values.configmapReload.containerPort }} - ports: - - containerPort: {{ . }} - {{- end }} - {{- with .Values.configmapReload.securityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - - name: config - mountPath: /etc/alertmanager - {{- if .Values.configmapReload.extraVolumeMounts }} - {{- toYaml .Values.configmapReload.extraVolumeMounts | nindent 12 }} - {{- end }} - {{- end }} - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - env: - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - {{- if .Values.extraEnv }} - {{- toYaml .Values.extraEnv | nindent 12 }} - {{- end }} - {{- with .Values.command }} - command: - {{- toYaml . | nindent 12 }} - {{- end }} - args: - - --storage.path=/alertmanager - {{- if not (hasKey .Values.extraArgs "config.file") }} - - --config.file=/etc/alertmanager/alertmanager.yml - {{- end }} - {{- if or (gt (int .Values.replicaCount) 1) (.Values.additionalPeers) }} - - --cluster.advertise-address=[$(POD_IP)]:{{ $svcClusterPort }} - - --cluster.listen-address=0.0.0.0:{{ $svcClusterPort }} - {{- end }} - {{- if gt (int .Values.replicaCount) 1}} - {{- $fullName := include "alertmanager.fullname" . }} - {{- range $i := until (int .Values.replicaCount) }} - - --cluster.peer={{ $fullName }}-{{ $i }}.{{ $fullName }}-headless:{{ $svcClusterPort }} - {{- end }} - {{- end }} - {{- if .Values.additionalPeers }} - {{- range $item := .Values.additionalPeers }} - - --cluster.peer={{ $item }} - {{- end }} - {{- end }} - {{- range $key, $value := .Values.extraArgs }} - - --{{ $key }}={{ $value }} - {{- end }} - {{- if .Values.baseURL }} - - --web.external-url={{ .Values.baseURL }} - {{- end }} - ports: - - name: http - containerPort: 9093 - protocol: TCP - {{- if or (gt (int .Values.replicaCount) 1) (.Values.additionalPeers) }} - - name: clusterpeer-tcp - containerPort: {{ $svcClusterPort }} - protocol: TCP - - name: clusterpeer-udp - containerPort: {{ $svcClusterPort }} - protocol: UDP - {{- end }} - livenessProbe: - {{- toYaml .Values.livenessProbe | nindent 12 }} - readinessProbe: - {{- toYaml .Values.readinessProbe | nindent 12 }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumeMounts: - {{- if .Values.config.enabled }} - - name: config - mountPath: /etc/alertmanager - {{- end }} - {{- range .Values.extraSecretMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath }} - readOnly: {{ .readOnly }} - {{- end }} - - name: storage - mountPath: /alertmanager - {{- if .Values.extraVolumeMounts }} - {{- toYaml .Values.extraVolumeMounts | nindent 12 }} - {{- end }} - {{- with .Values.extraContainers }} - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - {{- if .Values.config.enabled }} - - name: config - configMap: - name: {{ include "alertmanager.fullname" . }} - {{- end }} - {{- range .Values.extraSecretMounts }} - - name: {{ .name }} - secret: - secretName: {{ .secretName }} - {{- with .optional }} - optional: {{ . }} - {{- end }} - {{- end }} - {{- if .Values.extraVolumes }} - {{- toYaml .Values.extraVolumes | nindent 8 }} - {{- end }} - {{- if .Values.persistence.enabled }} - volumeClaimTemplates: - - metadata: - name: storage - spec: - accessModes: - {{- toYaml .Values.persistence.accessModes | nindent 10 }} - resources: - requests: - storage: {{ .Values.persistence.size }} - {{- if .Values.persistence.storageClass }} - {{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" - {{- else }} - storageClassName: {{ .Values.persistence.storageClass }} - {{- end }} - {{- end }} - {{- else }} - - name: storage - emptyDir: {} - {{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/tests/test-connection.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/tests/test-connection.yaml deleted file mode 100644 index 410eba5..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/templates/tests/test-connection.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.testFramework.enabled }} -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "alertmanager.fullname" . }}-test-connection" - labels: - {{- include "alertmanager.labels" . | nindent 4 }} - {{- with .Values.testFramework.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - namespace: {{ include "alertmanager.namespace" . }} -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "alertmanager.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/values.schema.json b/composio/charts/temporal/charts/prometheus/charts/alertmanager/values.schema.json deleted file mode 100644 index 48c6e9a..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/values.schema.json +++ /dev/null @@ -1,923 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema", - "title": "alertmanager", - "description": "The Alertmanager handles alerts sent by client applications such as the Prometheus server.", - "type": "object", - "required": [ - "replicaCount", - "image", - "serviceAccount", - "service", - "persistence", - "config" - ], - "definitions": { - "image": { - "description": "Container image parameters.", - "type": "object", - "required": ["repository"], - "additionalProperties": false, - "properties": { - "repository": { - "description": "Image repository. Path to the image with registry(quay.io) or without(prometheus/alertmanager) for docker.io.", - "type": "string" - }, - "pullPolicy": { - "description": "Image pull policy. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated.", - "type": "string", - "enum": [ - "Never", - "IfNotPresent", - "Always" - ], - "default": "IfNotPresent" - }, - "tag": { - "description": "Use chart appVersion by default.", - "type": "string", - "default": "" - } - } - }, - "resources": { - "description": "Resource limits and requests for the Container.", - "type": "object", - "properties": { - "limits": { - "description": "Resource limits for the Container.", - "type": "object", - "properties": { - "cpu": { - "description": "CPU request for the Container.", - "type": "string" - }, - "memory": { - "description": "Memory request for the Container.", - "type": "string" - } - } - }, - "requests": { - "description": "Resource requests for the Container.", - "type": "object", - "properties": { - "cpu": { - "description": "CPU request for the Container.", - "type": "string" - }, - "memory": { - "description": "Memory request for the Container.", - "type": "string" - } - } - } - } - }, - "securityContext": { - "description": "Security context for the container.", - "type": "object", - "properties": { - "capabilities": { - "description": "Specifies the capabilities to be dropped by the container.", - "type": "object", - "properties": { - "drop": { - "description": "List of capabilities to be dropped.", - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "readOnlyRootFilesystem": { - "description": "Specifies whether the root file system should be mounted as read-only.", - "type": "boolean" - }, - "runAsUser": { - "description": "Specifies the UID (User ID) to run the container as.", - "type": "integer" - }, - "runAsNonRoot": { - "description": "Specifies whether to run the container as a non-root user.", - "type": "boolean" - }, - "runAsGroup": { - "description": "Specifies the GID (Group ID) to run the container as.", - "type": "integer" - } - } - }, - "volumeMounts": { - "description": "List of volume mounts for the Container.", - "type": "array", - "items": { - "description": "Volume mounts for the Container.", - "type": "object", - "required": ["name", "mountPath"], - "properties": { - "name": { - "description": "The name of the volume to mount.", - "type": "string" - }, - "mountPath": { - "description": "The mount path for the volume.", - "type": "string" - }, - "readOnly": { - "description": "Specifies if the volume should be mounted in read-only mode.", - "type": "boolean" - } - } - } - }, - "env": { - "description": "List of environment variables for the Container.", - "type": "array", - "items": { - "description": "Environment variables for the Container.", - "type": "object", - "required": ["name"], - "properties": { - "name": { - "description": "The name of the environment variable.", - "type": "string" - }, - "value": { - "description": "The value of the environment variable.", - "type": "string" - } - } - } - }, - "config": { - "description": "https://prometheus.io/docs/alerting/latest/configuration/", - "duration": { - "type": "string", - "pattern": "^((([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?|0)$" - }, - "labelname": { - "type": "string", - "pattern": "^[a-zA-Z_][a-zA-Z0-9_]*$|^...$" - }, - "route": { - "description": "Alert routing configuration.", - "type": "object", - "properties": { - "receiver": { - "description": "The default receiver to send alerts to.", - "type": "string" - }, - "group_by": { - "description": "The labels by which incoming alerts are grouped together.", - "type": "array", - "items": { - "type": "string", - "$ref": "#/definitions/config/labelname" - } - }, - "continue": { - "description": "Whether an alert should continue matching subsequent sibling nodes.", - "type": "boolean", - "default": false - }, - "matchers": { - "description": "A list of matchers that an alert has to fulfill to match the node.", - "type": "array", - "items": { - "type": "string" - } - }, - "group_wait": { - "description": "How long to initially wait to send a notification for a group of alerts.", - "$ref": "#/definitions/config/duration" - }, - "group_interval": { - "description": "How long to wait before sending a notification about new alerts that are added to a group of alerts for which an initial notification has already been sent.", - "$ref": "#/definitions/config/duration" - }, - "repeat_interval": { - "description": "How long to wait before sending a notification again if it has already been sent successfully for an alert.", - "$ref": "#/definitions/config/duration" - }, - "mute_time_intervals": { - "description": "Times when the route should be muted.", - "type": "array", - "items": { - "type": "string" - } - }, - "active_time_intervals": { - "description": "Times when the route should be active.", - "type": "array", - "items": { - "type": "string" - } - }, - "routes": { - "description": "Zero or more child routes.", - "type": "array", - "items": { - "type": "object", - "$ref": "#/definitions/config/route" - } - } - } - } - } - }, - "properties": { - "replicaCount": { - "description": "Number of desired pods.", - "type": "integer", - "default": 1, - "minimum": 0 - }, - "image": { - "description": "Container image parameters.", - "$ref": "#/definitions/image" - }, - "baseURL": { - "description": "External URL where alertmanager is reachable.", - "type": "string", - "default": "", - "examples": [ - "https://alertmanager.example.com" - ] - }, - "extraArgs": { - "description": "Additional alertmanager container arguments. Use args without '--', only 'key: value' syntax.", - "type": "object", - "default": {} - }, - "extraSecretMounts": { - "description": "Additional Alertmanager Secret mounts.", - "type": "array", - "default": [], - "items": { - "type": "object", - "required": ["name", "mountPath", "secretName"], - "properties": { - "name": { - "type": "string" - }, - "mountPath": { - "type": "string" - }, - "subPath": { - "type": "string", - "default": "" - }, - "secretName": { - "type": "string" - }, - "readOnly": { - "type": "boolean", - "default": false - } - } - } - }, - "imagePullSecrets": { - "description": "The property allows you to configure multiple image pull secrets.", - "type": "array", - "default": [], - "items": { - "type": "object", - "required": ["name"], - "properties": { - "name": { - "description": "Specifies the Secret name of the image pull secret.", - "type": "string" - } - } - } - }, - "nameOverride": { - "description": "Override value for the name of the Helm chart.", - "type": "string", - "default": "" - }, - "fullnameOverride": { - "description": "Override value for the fully qualified app name.", - "type": "string", - "default": "" - }, - "namespaceOverride": { - "description": "Override deployment namespace.", - "type": "string", - "default": "" - }, - "automountServiceAccountToken": { - "description": "Specifies whether to automatically mount the ServiceAccount token into the Pod's filesystem.", - "type": "boolean", - "default": true - }, - "serviceAccount": { - "description": "Contains properties related to the service account configuration.", - "type": "object", - "required": ["create"], - "properties": { - "create": { - "description": "Specifies whether a service account should be created.", - "type": "boolean", - "default": true - }, - "annotations": { - "description": "Annotations to add to the service account.", - "type": "object", - "default": {} - }, - "name": { - "description": "The name of the service account to use. If not set and create is true, a name is generated using the fullname template.", - "type": "string", - "default": "" - } - } - }, - "schedulerName": { - "description": "Sets the schedulerName in the alertmanager pod.", - "type": "string", - "default": "" - }, - "priorityClassName": { - "description": "Sets the priorityClassName in the alertmanager pod.", - "type": "string", - "default": "" - }, - "podSecurityContext": { - "description": "Pod security context configuration.", - "type": "object", - "properties": { - "fsGroup": { - "description": "The fsGroup value for the pod's security context.", - "type": "integer", - "default": 65534 - }, - "runAsUser": { - "description": "The UID to run the pod's containers as.", - "type": "integer" - }, - "runAsGroup": { - "description": "The GID to run the pod's containers as.", - "type": "integer" - } - } - }, - "dnsConfig": { - "description": "DNS configuration for the pod.", - "type": "object", - "properties": { - "nameservers": { - "description": "List of DNS server IP addresses.", - "type": "array", - "items": { - "type": "string" - } - }, - "searches": { - "description": "List of DNS search domains.", - "type": "array", - "items": { - "type": "string" - } - }, - "options": { - "description": "List of DNS options.", - "type": "array", - "items": { - "description": "DNS options.", - "type": "object", - "required": ["name"], - "properties": { - "name": { - "description": "The name of the DNS option.", - "type": "string" - }, - "value": { - "description": "The value of the DNS option.", - "type": "string" - } - } - } - } - } - }, - "hostAliases": { - "description": "List of host aliases.", - "type": "array", - "items": { - "description": "Host aliases configuration.", - "type": "object", - "required": ["ip", "hostnames"], - "properties": { - "ip": { - "description": "IP address associated with the host alias.", - "type": "string" - }, - "hostnames": { - "description": "List of hostnames associated with the IP address.", - "type": "array", - "items": { - "type": "string" - } - } - } - } - }, - "securityContext": { - "description": "Security context for the container.", - "$ref": "#/definitions/securityContext" - }, - "additionalPeers": { - "description": "Additional peers for a alertmanager.", - "type": "array", - "items": { - "type": "string" - } - }, - "extraInitContainers": { - "description": "Additional InitContainers to initialize the pod.", - "type": "array", - "default": [], - "items": { - "required": ["name", "image"], - "properties": { - "name": { - "description": "The name of the InitContainer.", - "type": "string" - }, - "image": { - "description": "The container image to use for the InitContainer.", - "type": "string" - }, - "pullPolicy": { - "description": "Image pull policy. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated.", - "type": "string", - "enum": [ - "Never", - "IfNotPresent", - "Always" - ], - "default": "IfNotPresent" - }, - "command": { - "description": "The command to run in the InitContainer.", - "type": "array", - "items": { - "type": "string" - } - }, - "args": { - "description": "Additional command arguments for the InitContainer.", - "type": "array", - "items": { - "type": "string" - } - }, - "ports": { - "description": "List of ports to expose from the container.", - "type": "array", - "items": { - "type": "object" - } - }, - "env": { - "description": "List of environment variables for the InitContainer.", - "$ref": "#/definitions/env" - }, - "envFrom": { - "description": "List of sources to populate environment variables in the container.", - "type": "array", - "items": { - "type": "object" - } - }, - "volumeMounts": { - "description": "List of volume mounts for the InitContainer.", - "$ref": "#/definitions/volumeMounts" - }, - "resources": { - "description": "Resource requirements for the InitContainer.", - "$ref": "#/definitions/resources" - }, - "securityContext": { - "$ref": "#/definitions/securityContext", - "description": "The security context for the InitContainer." - } - } - } - }, - "extraContainers": { - "description": "Additional containers to add to the stateful set.", - "type": "array", - "default": [], - "items": { - "required": ["name", "image"], - "properties": { - "name": { - "description": "The name of the InitContainer.", - "type": "string" - }, - "image": { - "description": "The container image to use for the InitContainer.", - "type": "string" - }, - "pullPolicy": { - "description": "Image pull policy. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated.", - "type": "string", - "enum": [ - "Never", - "IfNotPresent", - "Always" - ], - "default": "IfNotPresent" - }, - "command": { - "description": "The command to run in the InitContainer.", - "type": "array", - "items": { - "type": "string" - } - }, - "args": { - "description": "Additional command arguments for the InitContainer.", - "type": "array", - "items": { - "type": "string" - } - }, - "ports": { - "description": "List of ports to expose from the container.", - "type": "array", - "items": { - "type": "object" - } - }, - "env": { - "description": "List of environment variables for the InitContainer.", - "$ref": "#/definitions/env" - }, - "envFrom": { - "description": "List of sources to populate environment variables in the container.", - "type": "array", - "items": { - "type": "object" - } - }, - "volumeMounts": { - "description": "List of volume mounts for the InitContainer.", - "$ref": "#/definitions/volumeMounts" - }, - "resources": { - "description": "Resource requirements for the InitContainer.", - "$ref": "#/definitions/resources" - }, - "securityContext": { - "$ref": "#/definitions/securityContext", - "description": "The security context for the InitContainer." - } - } - } - }, - "resources": { - "description": "Resource limits and requests for the pod.", - "$ref": "#/definitions/resources" - }, - "livenessProbe": { - "description": "Liveness probe configuration.", - "type": "object" - }, - "readinessProbe": { - "description": "Readiness probe configuration.", - "type": "object" - }, - "service": { - "description": "Service configuration.", - "type": "object", - "required": ["type", "port"], - "properties": { - "annotations": { - "description": "Annotations to add to the service.", - "type": "object" - }, - "type": { - "description": "Service type.", - "type": "string" - }, - "port": { - "description": "Port number for the service.", - "type": "integer" - }, - "clusterPort": { - "description": "Port number for the cluster.", - "type": "integer" - }, - "loadBalancerIP": { - "description": "External IP to assign when the service type is LoadBalancer.", - "type": "string" - }, - "loadBalancerSourceRanges": { - "description": "IP ranges to allow access to the loadBalancerIP.", - "type": "array", - "items": { - "type": "string" - } - }, - "nodePort": { - "description": "Specific nodePort to force when service type is NodePort.", - "type": "integer" - } - } - }, - "ingress": { - "description": "Ingress configuration.", - "type": "object", - "properties": { - "enabled": { - "description": "Indicates if Ingress is enabled.", - "type": "boolean" - }, - "className": { - "description": "Ingress class name.", - "type": "string" - }, - "annotations": { - "description": "Annotations to add to the Ingress.", - "type": "object" - }, - "hosts": { - "description": "Host and path configuration for the Ingress.", - "type": "array", - "items": { - "type": "object", - "properties": { - "host": { - "description": "Host name for the Ingress.", - "type": "string" - }, - "paths": { - "description": "Path configuration for the Ingress.", - "type": "array", - "items": { - "type": "object", - "properties": { - "path": { - "description": "Path for the Ingress.", - "type": "string" - }, - "pathType": { - "description": "Path type for the Ingress.", - "type": "string" - } - } - } - } - } - } - }, - "tls": { - "description": "TLS configuration for the Ingress.", - "type": "array", - "items": { - "type": "object", - "properties": { - "secretName": { - "description": "Name of the secret for TLS.", - "type": "string" - }, - "hosts": { - "description": "Host names for the TLS configuration.", - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } - }, - "nodeSelector": { - "description": "Node selector for pod assignment.", - "type": "object" - }, - "tolerations": { - "description": "Tolerations for pod assignment.", - "type": "array" - }, - "affinity": { - "description": "Affinity rules for pod assignment.", - "type": "object" - }, - "podAntiAffinity": { - "description": "Pod anti-affinity configuration.", - "type": "string", - "enum": ["", "soft", "hard"], - "default": "" - }, - "podAntiAffinityTopologyKey": { - "description": "Topology key to use for pod anti-affinity.", - "type": "string" - }, - "topologySpreadConstraints": { - "description": "Topology spread constraints for pod assignment.", - "type": "array", - "items": { - "type": "object", - "required": ["maxSkew", "topologyKey", "whenUnsatisfiable", "labelSelector"], - "properties": { - "maxSkew": { - "type": "integer" - }, - "topologyKey": { - "type": "string" - }, - "whenUnsatisfiable": { - "type": "string", - "enum": ["DoNotSchedule", "ScheduleAnyway"] - }, - "labelSelector": { - "type": "object", - "required": ["matchLabels"], - "properties": { - "matchLabels": { - "type": "object" - } - } - } - } - } - }, - "statefulSet": { - "description": "StatefulSet configuration for managing pods.", - "type": "object", - "properties": { - "annotations": { - "type": "object" - } - } - }, - "podAnnotations": { - "description": "Annotations to add to the pods.", - "type": "object" - }, - "podLabels": { - "description": "Labels to add to the pods.", - "type": "object" - }, - "podDisruptionBudget": { - "description": "Pod disruption budget configuration.", - "type": "object", - "properties": { - "maxUnavailable": { - "type": "integer" - }, - "minAvailable": { - "type": "integer" - } - } - }, - "command": { - "description": "The command to be executed in the container.", - "type": "array", - "items": { - "type": "string" - } - }, - "persistence": { - "description": "Persistence configuration for storing data.", - "type": "object", - "required": ["enabled", "size"], - "properties": { - "enabled": { - "type": "boolean" - }, - "storageClass": { - "type": "string" - }, - "accessModes": { - "type": "array", - "items": { - "type": "string" - } - }, - "size": { - "type": "string" - } - } - }, - "configAnnotations": { - "description": "Annotations to be added to the Alertmanager configuration.", - "type": "object" - }, - "config": { - "description": "Alertmanager configuration.", - "type": "object", - "properties": { - "enabled": { - "description": "Whether to create alermanager configmap or not.", - "type": "boolean" - }, - "global": { - "description": "Global configuration options.", - "type": "object" - }, - "templates": { - "description": "Alertmanager template files.", - "type": "array", - "items": { - "type": "string" - } - }, - "receivers": { - "description": "Alert receivers configuration.", - "type": "array", - "items": { - "type": "object", - "required": ["name"], - "properties": { - "name": { - "description": "The unique name of the receiver.", - "type": "string" - } - } - } - }, - "route": { - "description": "Alert routing configuration.", - "type": "object", - "$ref": "#/definitions/config/route" - } - } - }, - "configmapReload": { - "description": "Monitors ConfigMap changes and POSTs to a URL.", - "type": "object", - "properties": { - "enabled": { - "description": "Specifies whether the configmap-reload container should be deployed.", - "type": "boolean", - "default": false - }, - "name": { - "description": "The name of the configmap-reload container.", - "type": "string" - }, - "image": { - "description": "The container image for the configmap-reload container.", - "$ref": "#/definitions/image" - }, - "containerPort": { - "description": "Port number for the configmap-reload container.", - "type": "integer" - }, - "resources": { - "description": "Resource requests and limits for the configmap-reload container.", - "$ref": "#/definitions/resources" - } - } - }, - "templates": { - "description": "Custom templates used by Alertmanager.", - "type": "object" - }, - "extraVolumeMounts": { - "description": "List of volume mounts for the Container.", - "$ref": "#/definitions/volumeMounts" - }, - "extraVolumes": { - "description": "Additional volumes to be mounted in the Alertmanager pod.", - "type": "array", - "default": [], - "items": { - "type": "object", - "required": ["name"], - "properties": { - "name": { - "type": "string" - } - } - } - }, - "extraEnv": { - "description": "List of environment variables for the Container.", - "$ref": "#/definitions/env" - }, - "testFramework": { - "description": "Configuration for the test Pod.", - "type": "object", - "properties": { - "enabled": { - "description": "Specifies whether the test Pod is enabled.", - "type": "boolean", - "default": false - }, - "annotations": { - "description": "Annotations to be added to the test Pod.", - "type": "object" - } - } - } - } -} diff --git a/composio/charts/temporal/charts/prometheus/charts/alertmanager/values.yaml b/composio/charts/temporal/charts/prometheus/charts/alertmanager/values.yaml deleted file mode 100644 index f8a9d24..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/alertmanager/values.yaml +++ /dev/null @@ -1,379 +0,0 @@ -# yaml-language-server: $schema=values.schema.json -# Default values for alertmanager. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicaCount: 1 - -# Number of old history to retain to allow rollback -# Default Kubernetes value is set to 10 -revisionHistoryLimit: 10 - -image: - repository: quay.io/prometheus/alertmanager - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "" - -# Full external URL where alertmanager is reachable, used for backlinks. -baseURL: "" - -extraArgs: {} - -## Additional Alertmanager Secret mounts -# Defines additional mounts with secrets. Secrets must be manually created in the namespace. -extraSecretMounts: [] - # - name: secret-files - # mountPath: /etc/secrets - # subPath: "" - # secretName: alertmanager-secret-files - # readOnly: true - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" -## namespaceOverride overrides the namespace which the resources will be deployed in -namespaceOverride: "" - -automountServiceAccountToken: true - -serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -# Sets priorityClassName in alertmanager pod -priorityClassName: "" - -# Sets schedulerName in alertmanager pod -schedulerName: "" - -podSecurityContext: - fsGroup: 65534 -dnsConfig: {} - # nameservers: - # - 1.2.3.4 - # searches: - # - ns1.svc.cluster-domain.example - # - my.dns.search.suffix - # options: - # - name: ndots - # value: "2" - # - name: edns0 -hostAliases: [] - # - ip: "127.0.0.1" - # hostnames: - # - "foo.local" - # - "bar.local" - # - ip: "10.1.2.3" - # hostnames: - # - "foo.remote" - # - "bar.remote" -securityContext: - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - runAsUser: 65534 - runAsNonRoot: true - runAsGroup: 65534 - -additionalPeers: [] - -## Additional InitContainers to initialize the pod -## -extraInitContainers: [] - -## Additional containers to add to the stateful set. This will allow to setup sidecarContainers like a proxy to integrate -## alertmanager with an external tool like teams that has not direct integration. -## -extraContainers: [] - -livenessProbe: - httpGet: - path: / - port: http - -readinessProbe: - httpGet: - path: / - port: http - -service: - annotations: {} - labels: {} - type: ClusterIP - port: 9093 - clusterPort: 9094 - loadBalancerIP: "" # Assign ext IP when Service type is LoadBalancer - loadBalancerSourceRanges: [] # Only allow access to loadBalancerIP from these IPs - # if you want to force a specific nodePort. Must be use with service.type=NodePort - # nodePort: - - # Optionally specify extra list of additional ports exposed on both services - extraPorts: [] - - # ip dual stack - ipDualStack: - enabled: false - ipFamilies: ["IPv6", "IPv4"] - ipFamilyPolicy: "PreferDualStack" - -# Configuration for creating a separate Service for each statefulset Alertmanager replica -# -servicePerReplica: - enabled: false - annotations: {} - - # Loadbalancer source IP ranges - # Only used if servicePerReplica.type is "LoadBalancer" - loadBalancerSourceRanges: [] - - # Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints - # - externalTrafficPolicy: Cluster - - # Service type - # - type: ClusterIP - -ingress: - enabled: false - className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: alertmanager.domain.com - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - alertmanager.domain.com - -# Configuration for creating an Ingress that will map to each Alertmanager replica service -# alertmanager.servicePerReplica must be enabled -# -ingressPerReplica: - enabled: false - - # className for the ingresses - # - className: "" - - annotations: {} - labels: {} - - # Final form of the hostname for each per replica ingress is - # {{ ingressPerReplica.hostPrefix }}-{{ $replicaNumber }}.{{ ingressPerReplica.hostDomain }} - # - # Prefix for the per replica ingress that will have `-$replicaNumber` - # appended to the end - hostPrefix: "alertmanager" - # Domain that will be used for the per replica ingress - hostDomain: "domain.com" - - # Paths to use for ingress rules - # - paths: - - / - - # PathType for ingress rules - # - pathType: ImplementationSpecific - - # Secret name containing the TLS certificate for alertmanager per replica ingress - # Secret must be manually created in the namespace - tlsSecretName: "" - - # Separated secret for each per replica Ingress. Can be used together with cert-manager - # - tlsSecretPerReplica: - enabled: false - # Final form of the secret for each per replica ingress is - # {{ tlsSecretPerReplica.prefix }}-{{ $replicaNumber }} - # - prefix: "alertmanager" - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 10m - # memory: 32Mi - -nodeSelector: {} - -tolerations: [] - -affinity: {} - -## Pod anti-affinity can prevent the scheduler from placing Alertmanager replicas on the same node. -## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided. -## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node. -## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured. -## -podAntiAffinity: "" - -## If anti-affinity is enabled sets the topologyKey to use for anti-affinity. -## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone -## -podAntiAffinityTopologyKey: kubernetes.io/hostname - -## Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in. -## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ -topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: failure-domain.beta.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - # labelSelector: - # matchLabels: - # app.kubernetes.io/instance: alertmanager - -statefulSet: - annotations: {} - -## Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to -## be considered available. Defaults to 0 (pod will be considered available as soon as it is ready). -## This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds -## feature gate. -## Ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#minimum-ready-seconds -minReadySeconds: 0 - -podAnnotations: {} -podLabels: {} - -# Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ -podDisruptionBudget: {} - # maxUnavailable: 1 - # minAvailable: 1 - -command: [] - -persistence: - enabled: true - ## Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. - ## - # storageClass: "-" - accessModes: - - ReadWriteOnce - size: 50Mi - -configAnnotations: {} - ## For example if you want to provide private data from a secret vault - ## https://github.com/banzaicloud/bank-vaults/tree/main/charts/vault-secrets-webhook - ## P.s.: Add option `configMapMutation: true` for vault-secrets-webhook - # vault.security.banzaicloud.io/vault-role: "admin" - # vault.security.banzaicloud.io/vault-addr: "https://vault.vault.svc.cluster.local:8200" - # vault.security.banzaicloud.io/vault-skip-verify: "true" - # vault.security.banzaicloud.io/vault-path: "kubernetes" - ## Example for inject secret - # slack_api_url: '${vault:secret/data/slack-hook-alerts#URL}' - -config: - enabled: true - global: {} - # slack_api_url: '' - - templates: - - '/etc/alertmanager/*.tmpl' - - receivers: - - name: default-receiver - # slack_configs: - # - channel: '@you' - # send_resolved: true - - route: - group_wait: 10s - group_interval: 5m - receiver: default-receiver - repeat_interval: 3h - -## Monitors ConfigMap changes and POSTs to a URL -## Ref: https://github.com/prometheus-operator/prometheus-operator/tree/main/cmd/prometheus-config-reloader -## -configmapReload: - ## If false, the configmap-reload container will not be deployed - ## - enabled: false - - ## configmap-reload container name - ## - name: configmap-reload - - ## configmap-reload container image - ## - image: - repository: quay.io/prometheus-operator/prometheus-config-reloader - tag: v0.66.0 - pullPolicy: IfNotPresent - - # containerPort: 9533 - - ## configmap-reload resource requests and limits - ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - resources: {} - - extraArgs: {} - - ## Optionally specify extra list of additional volumeMounts - extraVolumeMounts: [] - # - name: extras - # mountPath: /usr/share/extras - # readOnly: true - - ## Optionally specify extra environment variables to add to alertmanager container - extraEnv: [] - # - name: FOO - # value: BAR - - securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsUser: 65534 - # runAsNonRoot: true - # runAsGroup: 65534 - -templates: {} -# alertmanager.tmpl: |- - -## Optionally specify extra list of additional volumeMounts -extraVolumeMounts: [] - # - name: extras - # mountPath: /usr/share/extras - # readOnly: true - -## Optionally specify extra list of additional volumes -extraVolumes: [] - # - name: extras - # emptyDir: {} - -## Optionally specify extra environment variables to add to alertmanager container -extraEnv: [] - # - name: FOO - # value: BAR - -testFramework: - enabled: false - annotations: - "helm.sh/hook": test-success - # "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/.helmignore b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/.helmignore deleted file mode 100644 index f0c1319..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/Chart.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/Chart.yaml deleted file mode 100644 index 0240445..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -annotations: - artifacthub.io/license: Apache-2.0 - artifacthub.io/links: | - - name: Chart Source - url: https://github.com/prometheus-community/helm-charts -apiVersion: v2 -appVersion: 2.12.0 -description: Install kube-state-metrics to generate and expose cluster-level metrics -home: https://github.com/kubernetes/kube-state-metrics/ -keywords: -- metric -- monitoring -- prometheus -- kubernetes -maintainers: -- email: tariq.ibrahim@mulesoft.com - name: tariq1890 -- email: manuel@rueg.eu - name: mrueg -- email: david@0xdc.me - name: dotdc -name: kube-state-metrics -sources: -- https://github.com/kubernetes/kube-state-metrics/ -type: application -version: 5.20.0 diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/README.md b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/README.md deleted file mode 100644 index 843be89..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/README.md +++ /dev/null @@ -1,85 +0,0 @@ -# kube-state-metrics Helm Chart - -Installs the [kube-state-metrics agent](https://github.com/kubernetes/kube-state-metrics). - -## Get Repository Info - -```console -helm repo add prometheus-community https://prometheus-community.github.io/helm-charts -helm repo update -``` - -_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ - - -## Install Chart - -```console -helm install [RELEASE_NAME] prometheus-community/kube-state-metrics [flags] -``` - -_See [configuration](#configuration) below._ - -_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ - -## Uninstall Chart - -```console -helm uninstall [RELEASE_NAME] -``` - -This removes all the Kubernetes components associated with the chart and deletes the release. - -_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ - -## Upgrading Chart - -```console -helm upgrade [RELEASE_NAME] prometheus-community/kube-state-metrics [flags] -``` - -_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ - -### Migrating from stable/kube-state-metrics and kubernetes/kube-state-metrics - -You can upgrade in-place: - -1. [get repository info](#get-repository-info) -1. [upgrade](#upgrading-chart) your existing release name using the new chart repository - -## Upgrading to v3.0.0 - -v3.0.0 includes kube-state-metrics v2.0, see the [changelog](https://github.com/kubernetes/kube-state-metrics/blob/release-2.0/CHANGELOG.md) for major changes on the application-side. - -The upgraded chart now the following changes: - -* Dropped support for helm v2 (helm v3 or later is required) -* collectors key was renamed to resources -* namespace key was renamed to namespaces - -## Configuration - -See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments: - -```console -helm show values prometheus-community/kube-state-metrics -``` - -### kube-rbac-proxy - -You can enable `kube-state-metrics` endpoint protection using `kube-rbac-proxy`. By setting `kubeRBACProxy.enabled: true`, this chart will deploy one RBAC proxy container per endpoint (metrics & telemetry). -To authorize access, authenticate your requests (via a `ServiceAccount` for example) with a `ClusterRole` attached such as: - -```yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: kube-state-metrics-read -rules: - - apiGroups: [ "" ] - resources: ["services/kube-state-metrics"] - verbs: - - get -``` - -See [kube-rbac-proxy examples](https://github.com/brancz/kube-rbac-proxy/tree/master/examples/resource-attributes) for more details. diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/NOTES.txt b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/NOTES.txt deleted file mode 100644 index 3589c24..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/NOTES.txt +++ /dev/null @@ -1,23 +0,0 @@ -kube-state-metrics is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects. -The exposed metrics can be found here: -https://github.com/kubernetes/kube-state-metrics/blob/master/docs/README.md#exposed-metrics - -The metrics are exported on the HTTP endpoint /metrics on the listening port. -In your case, {{ template "kube-state-metrics.fullname" . }}.{{ template "kube-state-metrics.namespace" . }}.svc.cluster.local:{{ .Values.service.port }}/metrics - -They are served either as plaintext or protobuf depending on the Accept header. -They are designed to be consumed either by Prometheus itself or by a scraper that is compatible with scraping a Prometheus client endpoint. - -{{- if .Values.kubeRBACProxy.enabled}} - -kube-rbac-proxy endpoint protections is enabled: -- Metrics endpoints are now HTTPS -- Ensure that the client authenticates the requests (e.g. via service account) with the following role permissions: -``` -rules: - - apiGroups: [ "" ] - resources: ["services/{{ template "kube-state-metrics.fullname" . }}"] - verbs: - - get -``` -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/_helpers.tpl b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/_helpers.tpl deleted file mode 100644 index a4358c8..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/_helpers.tpl +++ /dev/null @@ -1,156 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "kube-state-metrics.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "kube-state-metrics.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "kube-state-metrics.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "kube-state-metrics.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Allow the release namespace to be overridden for multi-namespace deployments in combined charts -*/}} -{{- define "kube-state-metrics.namespace" -}} - {{- if .Values.namespaceOverride -}} - {{- .Values.namespaceOverride -}} - {{- else -}} - {{- .Release.Namespace -}} - {{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "kube-state-metrics.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Generate basic labels -*/}} -{{- define "kube-state-metrics.labels" }} -helm.sh/chart: {{ template "kube-state-metrics.chart" . }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -app.kubernetes.io/component: metrics -app.kubernetes.io/part-of: {{ template "kube-state-metrics.name" . }} -{{- include "kube-state-metrics.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -{{- if .Values.customLabels }} -{{ toYaml .Values.customLabels }} -{{- end }} -{{- if .Values.releaseLabel }} -release: {{ .Release.Name }} -{{- end }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "kube-state-metrics.selectorLabels" }} -{{- if .Values.selectorOverride }} -{{ toYaml .Values.selectorOverride }} -{{- else }} -app.kubernetes.io/name: {{ include "kube-state-metrics.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} -{{- end }} - -{{/* Sets default scrape limits for servicemonitor */}} -{{- define "servicemonitor.scrapeLimits" -}} -{{- with .sampleLimit }} -sampleLimit: {{ . }} -{{- end }} -{{- with .targetLimit }} -targetLimit: {{ . }} -{{- end }} -{{- with .labelLimit }} -labelLimit: {{ . }} -{{- end }} -{{- with .labelNameLengthLimit }} -labelNameLengthLimit: {{ . }} -{{- end }} -{{- with .labelValueLengthLimit }} -labelValueLengthLimit: {{ . }} -{{- end }} -{{- end -}} - -{{/* -Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets}) -*/}} -{{- define "kube-state-metrics.imagePullSecrets" -}} -{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }} - {{- if eq (typeOf .) "map[string]interface {}" }} -- {{ toYaml . | trim }} - {{- else }} -- name: {{ . }} - {{- end }} -{{- end }} -{{- end -}} - -{{/* -The image to use for kube-state-metrics -*/}} -{{- define "kube-state-metrics.image" -}} -{{- if .Values.image.sha }} -{{- if .Values.global.imageRegistry }} -{{- printf "%s/%s:%s@%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.sha }} -{{- else }} -{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.sha }} -{{- end }} -{{- else }} -{{- if .Values.global.imageRegistry }} -{{- printf "%s/%s:%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }} -{{- else }} -{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -The image to use for kubeRBACProxy -*/}} -{{- define "kubeRBACProxy.image" -}} -{{- if .Values.kubeRBACProxy.image.sha }} -{{- if .Values.global.imageRegistry }} -{{- printf "%s/%s:%s@%s" .Values.global.imageRegistry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) .Values.kubeRBACProxy.image.sha }} -{{- else }} -{{- printf "%s/%s:%s@%s" .Values.kubeRBACProxy.image.registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) .Values.kubeRBACProxy.image.sha }} -{{- end }} -{{- else }} -{{- if .Values.global.imageRegistry }} -{{- printf "%s/%s:%s" .Values.global.imageRegistry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) }} -{{- else }} -{{- printf "%s/%s:%s" .Values.kubeRBACProxy.image.registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) }} -{{- end }} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml deleted file mode 100644 index 025cd47..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- if and .Values.networkPolicy.enabled (eq .Values.networkPolicy.flavor "cilium") }} -apiVersion: cilium.io/v2 -kind: CiliumNetworkPolicy -metadata: - {{- if .Values.annotations }} - annotations: - {{ toYaml .Values.annotations | nindent 4 }} - {{- end }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} - name: {{ template "kube-state-metrics.fullname" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} -spec: - endpointSelector: - matchLabels: - {{- include "kube-state-metrics.selectorLabels" . | indent 6 }} - egress: - {{- if and .Values.networkPolicy.cilium .Values.networkPolicy.cilium.kubeApiServerSelector }} - {{ toYaml .Values.networkPolicy.cilium.kubeApiServerSelector | nindent 6 }} - {{- else }} - - toEntities: - - kube-apiserver - {{- end }} - ingress: - - toPorts: - - ports: - - port: {{ .Values.service.port | quote }} - protocol: TCP - {{- if .Values.selfMonitor.enabled }} - - port: {{ .Values.selfMonitor.telemetryPort | default 8081 | quote }} - protocol: TCP - {{ end }} -{{ end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/clusterrolebinding.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/clusterrolebinding.yaml deleted file mode 100644 index cf9f628..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if and .Values.rbac.create .Values.rbac.useClusterRole -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} - name: {{ template "kube-state-metrics.fullname" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole -{{- if .Values.rbac.useExistingRole }} - name: {{ .Values.rbac.useExistingRole }} -{{- else }} - name: {{ template "kube-state-metrics.fullname" . }} -{{- end }} -subjects: -- kind: ServiceAccount - name: {{ template "kube-state-metrics.serviceAccountName" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/crs-configmap.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/crs-configmap.yaml deleted file mode 100644 index d38a75a..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/crs-configmap.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.customResourceState.enabled}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "kube-state-metrics.fullname" . }}-customresourcestate-config - namespace: {{ template "kube-state-metrics.namespace" . }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} - {{- if .Values.annotations }} - annotations: - {{ toYaml .Values.annotations | nindent 4 }} - {{- end }} -data: - config.yaml: | - {{- toYaml .Values.customResourceState.config | nindent 4 }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/deployment.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/deployment.yaml deleted file mode 100644 index 64e7670..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/deployment.yaml +++ /dev/null @@ -1,314 +0,0 @@ -apiVersion: apps/v1 -{{- if .Values.autosharding.enabled }} -kind: StatefulSet -{{- else }} -kind: Deployment -{{- end }} -metadata: - name: {{ template "kube-state-metrics.fullname" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} - {{- if .Values.annotations }} - annotations: -{{ toYaml .Values.annotations | indent 4 }} - {{- end }} -spec: - selector: - matchLabels: - {{- include "kube-state-metrics.selectorLabels" . | indent 6 }} - replicas: {{ .Values.replicas }} - {{- if not .Values.autosharding.enabled }} - strategy: - type: {{ .Values.updateStrategy | default "RollingUpdate" }} - {{- end }} - revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} - {{- if .Values.autosharding.enabled }} - serviceName: {{ template "kube-state-metrics.fullname" . }} - volumeClaimTemplates: [] - {{- end }} - template: - metadata: - labels: - {{- include "kube-state-metrics.labels" . | indent 8 }} - {{- if .Values.podAnnotations }} - annotations: -{{ toYaml .Values.podAnnotations | indent 8 }} - {{- end }} - spec: - hostNetwork: {{ .Values.hostNetwork }} - serviceAccountName: {{ template "kube-state-metrics.serviceAccountName" . }} - {{- if .Values.securityContext.enabled }} - securityContext: {{- omit .Values.securityContext "enabled" | toYaml | nindent 8 }} - {{- end }} - {{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName }} - {{- end }} - {{- with .Values.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} - containers: - {{- $servicePort := ternary 9090 (.Values.service.port | default 8080) .Values.kubeRBACProxy.enabled}} - {{- $telemetryPort := ternary 9091 (.Values.selfMonitor.telemetryPort | default 8081) .Values.kubeRBACProxy.enabled}} - - name: {{ template "kube-state-metrics.name" . }} - {{- if .Values.autosharding.enabled }} - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - {{- end }} - args: - {{- if .Values.extraArgs }} - {{- .Values.extraArgs | toYaml | nindent 8 }} - {{- end }} - - --port={{ $servicePort }} - {{- if .Values.collectors }} - - --resources={{ .Values.collectors | join "," }} - {{- end }} - {{- if .Values.metricLabelsAllowlist }} - - --metric-labels-allowlist={{ .Values.metricLabelsAllowlist | join "," }} - {{- end }} - {{- if .Values.metricAnnotationsAllowList }} - - --metric-annotations-allowlist={{ .Values.metricAnnotationsAllowList | join "," }} - {{- end }} - {{- if .Values.metricAllowlist }} - - --metric-allowlist={{ .Values.metricAllowlist | join "," }} - {{- end }} - {{- if .Values.metricDenylist }} - - --metric-denylist={{ .Values.metricDenylist | join "," }} - {{- end }} - {{- $namespaces := list }} - {{- if .Values.namespaces }} - {{- range $ns := join "," .Values.namespaces | split "," }} - {{- $namespaces = append $namespaces (tpl $ns $) }} - {{- end }} - {{- end }} - {{- if .Values.releaseNamespace }} - {{- $namespaces = append $namespaces ( include "kube-state-metrics.namespace" . ) }} - {{- end }} - {{- if $namespaces }} - - --namespaces={{ $namespaces | mustUniq | join "," }} - {{- end }} - {{- if .Values.namespacesDenylist }} - - --namespaces-denylist={{ tpl (.Values.namespacesDenylist | join ",") $ }} - {{- end }} - {{- if .Values.autosharding.enabled }} - - --pod=$(POD_NAME) - - --pod-namespace=$(POD_NAMESPACE) - {{- end }} - {{- if .Values.kubeconfig.enabled }} - - --kubeconfig=/opt/k8s/.kube/config - {{- end }} - {{- if .Values.kubeRBACProxy.enabled }} - - --telemetry-host=127.0.0.1 - - --telemetry-port={{ $telemetryPort }} - {{- else }} - {{- if .Values.selfMonitor.telemetryHost }} - - --telemetry-host={{ .Values.selfMonitor.telemetryHost }} - {{- end }} - {{- if .Values.selfMonitor.telemetryPort }} - - --telemetry-port={{ $telemetryPort }} - {{- end }} - {{- end }} - {{- if .Values.customResourceState.enabled }} - - --custom-resource-state-config-file=/etc/customresourcestate/config.yaml - {{- end }} - {{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumeMounts) }} - volumeMounts: - {{- if .Values.kubeconfig.enabled }} - - name: kubeconfig - mountPath: /opt/k8s/.kube/ - readOnly: true - {{- end }} - {{- if .Values.customResourceState.enabled }} - - name: customresourcestate-config - mountPath: /etc/customresourcestate - readOnly: true - {{- end }} - {{- if .Values.volumeMounts }} -{{ toYaml .Values.volumeMounts | indent 8 }} - {{- end }} - {{- end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - image: {{ include "kube-state-metrics.image" . }} - {{- if eq .Values.kubeRBACProxy.enabled false }} - ports: - - containerPort: {{ .Values.service.port | default 8080}} - name: "http" - {{- if .Values.selfMonitor.enabled }} - - containerPort: {{ $telemetryPort }} - name: "metrics" - {{- end }} - {{- end }} - livenessProbe: - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - httpGet: - {{- if .Values.hostNetwork }} - host: 127.0.0.1 - {{- end }} - httpHeaders: - {{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }} - - name: {{ $header.name }} - value: {{ $header.value }} - {{- end }} - path: /healthz - port: {{ $servicePort }} - scheme: {{ upper .Values.livenessProbe.httpGet.scheme }} - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - readinessProbe: - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - httpGet: - {{- if .Values.hostNetwork }} - host: 127.0.0.1 - {{- end }} - httpHeaders: - {{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }} - - name: {{ $header.name }} - value: {{ $header.value }} - {{- end }} - path: / - port: {{ $servicePort }} - scheme: {{ upper .Values.readinessProbe.httpGet.scheme }} - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - {{- if .Values.resources }} - resources: -{{ toYaml .Values.resources | indent 10 }} -{{- end }} -{{- if .Values.containerSecurityContext }} - securityContext: -{{ toYaml .Values.containerSecurityContext | indent 10 }} -{{- end }} - {{- if .Values.kubeRBACProxy.enabled }} - - name: kube-rbac-proxy-http - args: - {{- if .Values.kubeRBACProxy.extraArgs }} - {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 8 }} - {{- end }} - - --secure-listen-address=:{{ .Values.service.port | default 8080}} - - --upstream=http://127.0.0.1:{{ $servicePort }}/ - - --proxy-endpoints-port=8888 - - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml - volumeMounts: - - name: kube-rbac-proxy-config - mountPath: /etc/kube-rbac-proxy-config - {{- with .Values.kubeRBACProxy.volumeMounts }} - {{- toYaml . | nindent 10 }} - {{- end }} - imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }} - image: {{ include "kubeRBACProxy.image" . }} - ports: - - containerPort: {{ .Values.service.port | default 8080}} - name: "http" - - containerPort: 8888 - name: "http-healthz" - readinessProbe: - httpGet: - scheme: HTTPS - port: 8888 - path: healthz - initialDelaySeconds: 5 - timeoutSeconds: 5 - {{- if .Values.kubeRBACProxy.resources }} - resources: -{{ toYaml .Values.kubeRBACProxy.resources | indent 10 }} -{{- end }} -{{- if .Values.kubeRBACProxy.containerSecurityContext }} - securityContext: -{{ toYaml .Values.kubeRBACProxy.containerSecurityContext | indent 10 }} -{{- end }} - {{- if .Values.selfMonitor.enabled }} - - name: kube-rbac-proxy-telemetry - args: - {{- if .Values.kubeRBACProxy.extraArgs }} - {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 8 }} - {{- end }} - - --secure-listen-address=:{{ .Values.selfMonitor.telemetryPort | default 8081 }} - - --upstream=http://127.0.0.1:{{ $telemetryPort }}/ - - --proxy-endpoints-port=8889 - - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml - volumeMounts: - - name: kube-rbac-proxy-config - mountPath: /etc/kube-rbac-proxy-config - {{- with .Values.kubeRBACProxy.volumeMounts }} - {{- toYaml . | nindent 10 }} - {{- end }} - imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }} - image: {{ include "kubeRBACProxy.image" . }} - ports: - - containerPort: {{ .Values.selfMonitor.telemetryPort | default 8081 }} - name: "metrics" - - containerPort: 8889 - name: "metrics-healthz" - readinessProbe: - httpGet: - scheme: HTTPS - port: 8889 - path: healthz - initialDelaySeconds: 5 - timeoutSeconds: 5 - {{- if .Values.kubeRBACProxy.resources }} - resources: -{{ toYaml .Values.kubeRBACProxy.resources | indent 10 }} -{{- end }} -{{- if .Values.kubeRBACProxy.containerSecurityContext }} - securityContext: -{{ toYaml .Values.kubeRBACProxy.containerSecurityContext | indent 10 }} -{{- end }} - {{- end }} - {{- end }} - {{- with .Values.containers }} - {{- toYaml . | nindent 6 }} - {{- end }} -{{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }} - imagePullSecrets: - {{- include "kube-state-metrics.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }} - {{- end }} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} - {{- if .Values.tolerations }} - tolerations: -{{ toYaml .Values.tolerations | indent 8 }} - {{- end }} - {{- if .Values.topologySpreadConstraints }} - topologySpreadConstraints: -{{ toYaml .Values.topologySpreadConstraints | indent 8 }} - {{- end }} - {{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumes) (.Values.kubeRBACProxy.enabled) }} - volumes: - {{- if .Values.kubeconfig.enabled}} - - name: kubeconfig - secret: - secretName: {{ template "kube-state-metrics.fullname" . }}-kubeconfig - {{- end }} - {{- if .Values.kubeRBACProxy.enabled}} - - name: kube-rbac-proxy-config - configMap: - name: {{ template "kube-state-metrics.fullname" . }}-rbac-config - {{- end }} - {{- if .Values.customResourceState.enabled}} - - name: customresourcestate-config - configMap: - name: {{ template "kube-state-metrics.fullname" . }}-customresourcestate-config - {{- end }} - {{- if .Values.volumes }} -{{ toYaml .Values.volumes | indent 8 }} - {{- end }} - {{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/extra-manifests.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/extra-manifests.yaml deleted file mode 100644 index 567f7bf..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/extra-manifests.yaml +++ /dev/null @@ -1,4 +0,0 @@ -{{ range .Values.extraManifests }} ---- -{{ tpl (toYaml .) $ }} -{{ end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/kubeconfig-secret.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/kubeconfig-secret.yaml deleted file mode 100644 index 6af0084..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/kubeconfig-secret.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.kubeconfig.enabled -}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "kube-state-metrics.fullname" . }}-kubeconfig - namespace: {{ template "kube-state-metrics.namespace" . }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} -type: Opaque -data: - config: '{{ .Values.kubeconfig.secret }}' -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/networkpolicy.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/networkpolicy.yaml deleted file mode 100644 index 309b38e..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/networkpolicy.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{- if and .Values.networkPolicy.enabled (eq .Values.networkPolicy.flavor "kubernetes") }} -kind: NetworkPolicy -apiVersion: networking.k8s.io/v1 -metadata: - {{- if .Values.annotations }} - annotations: - {{ toYaml .Values.annotations | nindent 4 }} - {{- end }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} - name: {{ template "kube-state-metrics.fullname" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} -spec: - {{- if .Values.networkPolicy.egress }} - ## Deny all egress by default - egress: - {{- toYaml .Values.networkPolicy.egress | nindent 4 }} - {{- end }} - ingress: - {{- if .Values.networkPolicy.ingress }} - {{- toYaml .Values.networkPolicy.ingress | nindent 4 }} - {{- else }} - ## Allow ingress on default ports by default - - ports: - - port: {{ .Values.service.port | default 8080 }} - protocol: TCP - {{- if .Values.selfMonitor.enabled }} - {{- $telemetryPort := ternary 9091 (.Values.selfMonitor.telemetryPort | default 8081) .Values.kubeRBACProxy.enabled}} - - port: {{ $telemetryPort }} - protocol: TCP - {{- end }} - {{- end }} - podSelector: - {{- if .Values.networkPolicy.podSelector }} - {{- toYaml .Values.networkPolicy.podSelector | nindent 4 }} - {{- else }} - matchLabels: - {{- include "kube-state-metrics.selectorLabels" . | indent 6 }} - {{- end }} - policyTypes: - - Ingress - - Egress -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/pdb.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/pdb.yaml deleted file mode 100644 index 3771b51..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/pdb.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.podDisruptionBudget -}} -{{ if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" -}} -apiVersion: policy/v1 -{{- else -}} -apiVersion: policy/v1beta1 -{{- end }} -kind: PodDisruptionBudget -metadata: - name: {{ template "kube-state-metrics.fullname" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} -{{ toYaml .Values.podDisruptionBudget | indent 2 }} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/podsecuritypolicy.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/podsecuritypolicy.yaml deleted file mode 100644 index 8905e11..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/podsecuritypolicy.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{- if and .Values.podSecurityPolicy.enabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ template "kube-state-metrics.fullname" . }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} -{{- if .Values.podSecurityPolicy.annotations }} - annotations: -{{ toYaml .Values.podSecurityPolicy.annotations | indent 4 }} -{{- end }} -spec: - privileged: false - volumes: - - 'secret' -{{- if .Values.podSecurityPolicy.additionalVolumes }} -{{ toYaml .Values.podSecurityPolicy.additionalVolumes | indent 4 }} -{{- end }} - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: 'MustRunAsNonRoot' - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 1 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 1 - max: 65535 - readOnlyRootFilesystem: false -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/psp-clusterrole.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/psp-clusterrole.yaml deleted file mode 100644 index 654e4a3..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/psp-clusterrole.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if and .Values.podSecurityPolicy.enabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} - name: psp-{{ template "kube-state-metrics.fullname" . }} -rules: -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }} -- apiGroups: ['policy'] -{{- else }} -- apiGroups: ['extensions'] -{{- end }} - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "kube-state-metrics.fullname" . }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml deleted file mode 100644 index 5b62a18..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if and .Values.podSecurityPolicy.enabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} - name: psp-{{ template "kube-state-metrics.fullname" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: psp-{{ template "kube-state-metrics.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "kube-state-metrics.serviceAccountName" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/rbac-configmap.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/rbac-configmap.yaml deleted file mode 100644 index 671dc9d..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/rbac-configmap.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.kubeRBACProxy.enabled}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "kube-state-metrics.fullname" . }}-rbac-config - namespace: {{ template "kube-state-metrics.namespace" . }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} - {{- if .Values.annotations }} - annotations: - {{ toYaml .Values.annotations | nindent 4 }} - {{- end }} -data: - config-file.yaml: |+ - authorization: - resourceAttributes: - namespace: {{ template "kube-state-metrics.namespace" . }} - apiVersion: v1 - resource: services - subresource: {{ template "kube-state-metrics.fullname" . }} - name: {{ template "kube-state-metrics.fullname" . }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/role.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/role.yaml deleted file mode 100644 index d33687f..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/role.yaml +++ /dev/null @@ -1,212 +0,0 @@ -{{- if and (eq .Values.rbac.create true) (not .Values.rbac.useExistingRole) -}} -{{- range (ternary (join "," .Values.namespaces | split "," ) (list "") (eq $.Values.rbac.useClusterRole false)) }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -{{- if eq $.Values.rbac.useClusterRole false }} -kind: Role -{{- else }} -kind: ClusterRole -{{- end }} -metadata: - labels: - {{- include "kube-state-metrics.labels" $ | indent 4 }} - name: {{ template "kube-state-metrics.fullname" $ }} -{{- if eq $.Values.rbac.useClusterRole false }} - namespace: {{ . }} -{{- end }} -rules: -{{ if has "certificatesigningrequests" $.Values.collectors }} -- apiGroups: ["certificates.k8s.io"] - resources: - - certificatesigningrequests - verbs: ["list", "watch"] -{{ end -}} -{{ if has "configmaps" $.Values.collectors }} -- apiGroups: [""] - resources: - - configmaps - verbs: ["list", "watch"] -{{ end -}} -{{ if has "cronjobs" $.Values.collectors }} -- apiGroups: ["batch"] - resources: - - cronjobs - verbs: ["list", "watch"] -{{ end -}} -{{ if has "daemonsets" $.Values.collectors }} -- apiGroups: ["extensions", "apps"] - resources: - - daemonsets - verbs: ["list", "watch"] -{{ end -}} -{{ if has "deployments" $.Values.collectors }} -- apiGroups: ["extensions", "apps"] - resources: - - deployments - verbs: ["list", "watch"] -{{ end -}} -{{ if has "endpoints" $.Values.collectors }} -- apiGroups: [""] - resources: - - endpoints - verbs: ["list", "watch"] -{{ end -}} -{{ if has "endpointslices" $.Values.collectors }} -- apiGroups: ["discovery.k8s.io"] - resources: - - endpointslices - verbs: ["list", "watch"] -{{ end -}} -{{ if has "horizontalpodautoscalers" $.Values.collectors }} -- apiGroups: ["autoscaling"] - resources: - - horizontalpodautoscalers - verbs: ["list", "watch"] -{{ end -}} -{{ if has "ingresses" $.Values.collectors }} -- apiGroups: ["extensions", "networking.k8s.io"] - resources: - - ingresses - verbs: ["list", "watch"] -{{ end -}} -{{ if has "jobs" $.Values.collectors }} -- apiGroups: ["batch"] - resources: - - jobs - verbs: ["list", "watch"] -{{ end -}} -{{ if has "leases" $.Values.collectors }} -- apiGroups: ["coordination.k8s.io"] - resources: - - leases - verbs: ["list", "watch"] -{{ end -}} -{{ if has "limitranges" $.Values.collectors }} -- apiGroups: [""] - resources: - - limitranges - verbs: ["list", "watch"] -{{ end -}} -{{ if has "mutatingwebhookconfigurations" $.Values.collectors }} -- apiGroups: ["admissionregistration.k8s.io"] - resources: - - mutatingwebhookconfigurations - verbs: ["list", "watch"] -{{ end -}} -{{ if has "namespaces" $.Values.collectors }} -- apiGroups: [""] - resources: - - namespaces - verbs: ["list", "watch"] -{{ end -}} -{{ if has "networkpolicies" $.Values.collectors }} -- apiGroups: ["networking.k8s.io"] - resources: - - networkpolicies - verbs: ["list", "watch"] -{{ end -}} -{{ if has "nodes" $.Values.collectors }} -- apiGroups: [""] - resources: - - nodes - verbs: ["list", "watch"] -{{ end -}} -{{ if has "persistentvolumeclaims" $.Values.collectors }} -- apiGroups: [""] - resources: - - persistentvolumeclaims - verbs: ["list", "watch"] -{{ end -}} -{{ if has "persistentvolumes" $.Values.collectors }} -- apiGroups: [""] - resources: - - persistentvolumes - verbs: ["list", "watch"] -{{ end -}} -{{ if has "poddisruptionbudgets" $.Values.collectors }} -- apiGroups: ["policy"] - resources: - - poddisruptionbudgets - verbs: ["list", "watch"] -{{ end -}} -{{ if has "pods" $.Values.collectors }} -- apiGroups: [""] - resources: - - pods - verbs: ["list", "watch"] -{{ end -}} -{{ if has "replicasets" $.Values.collectors }} -- apiGroups: ["extensions", "apps"] - resources: - - replicasets - verbs: ["list", "watch"] -{{ end -}} -{{ if has "replicationcontrollers" $.Values.collectors }} -- apiGroups: [""] - resources: - - replicationcontrollers - verbs: ["list", "watch"] -{{ end -}} -{{ if has "resourcequotas" $.Values.collectors }} -- apiGroups: [""] - resources: - - resourcequotas - verbs: ["list", "watch"] -{{ end -}} -{{ if has "secrets" $.Values.collectors }} -- apiGroups: [""] - resources: - - secrets - verbs: ["list", "watch"] -{{ end -}} -{{ if has "services" $.Values.collectors }} -- apiGroups: [""] - resources: - - services - verbs: ["list", "watch"] -{{ end -}} -{{ if has "statefulsets" $.Values.collectors }} -- apiGroups: ["apps"] - resources: - - statefulsets - verbs: ["list", "watch"] -{{ end -}} -{{ if has "storageclasses" $.Values.collectors }} -- apiGroups: ["storage.k8s.io"] - resources: - - storageclasses - verbs: ["list", "watch"] -{{ end -}} -{{ if has "validatingwebhookconfigurations" $.Values.collectors }} -- apiGroups: ["admissionregistration.k8s.io"] - resources: - - validatingwebhookconfigurations - verbs: ["list", "watch"] -{{ end -}} -{{ if has "volumeattachments" $.Values.collectors }} -- apiGroups: ["storage.k8s.io"] - resources: - - volumeattachments - verbs: ["list", "watch"] -{{ end -}} -{{- if $.Values.kubeRBACProxy.enabled }} -- apiGroups: ["authentication.k8s.io"] - resources: - - tokenreviews - verbs: ["create"] -- apiGroups: ["authorization.k8s.io"] - resources: - - subjectaccessreviews - verbs: ["create"] -{{- end }} -{{- if $.Values.customResourceState.enabled }} -- apiGroups: ["apiextensions.k8s.io"] - resources: - - customresourcedefinitions - verbs: ["list", "watch"] -{{- end }} -{{ if $.Values.rbac.extraRules }} -{{ toYaml $.Values.rbac.extraRules }} -{{ end }} -{{- end -}} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/rolebinding.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/rolebinding.yaml deleted file mode 100644 index 330651b..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/rolebinding.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- if and (eq .Values.rbac.create true) (eq .Values.rbac.useClusterRole false) -}} -{{- range (join "," $.Values.namespaces) | split "," }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - {{- include "kube-state-metrics.labels" $ | indent 4 }} - name: {{ template "kube-state-metrics.fullname" $ }} - namespace: {{ . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role -{{- if (not $.Values.rbac.useExistingRole) }} - name: {{ template "kube-state-metrics.fullname" $ }} -{{- else }} - name: {{ $.Values.rbac.useExistingRole }} -{{- end }} -subjects: -- kind: ServiceAccount - name: {{ template "kube-state-metrics.serviceAccountName" $ }} - namespace: {{ template "kube-state-metrics.namespace" $ }} -{{- end -}} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/service.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/service.yaml deleted file mode 100644 index 90c2351..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/service.yaml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ template "kube-state-metrics.fullname" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} - annotations: - {{- if .Values.prometheusScrape }} - prometheus.io/scrape: '{{ .Values.prometheusScrape }}' - {{- end }} - {{- if .Values.service.annotations }} - {{- toYaml .Values.service.annotations | nindent 4 }} - {{- end }} -spec: - type: "{{ .Values.service.type }}" - {{- if .Values.service.ipDualStack.enabled }} - ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }} - ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }} - {{- end }} - ports: - - name: "http" - protocol: TCP - port: {{ .Values.service.port | default 8080}} - {{- if .Values.service.nodePort }} - nodePort: {{ .Values.service.nodePort }} - {{- end }} - targetPort: {{ .Values.service.port | default 8080}} - {{ if .Values.selfMonitor.enabled }} - - name: "metrics" - protocol: TCP - port: {{ .Values.selfMonitor.telemetryPort | default 8081 }} - targetPort: {{ .Values.selfMonitor.telemetryPort | default 8081 }} - {{- if .Values.selfMonitor.telemetryNodePort }} - nodePort: {{ .Values.selfMonitor.telemetryNodePort }} - {{- end }} - {{ end }} -{{- if .Values.service.loadBalancerIP }} - loadBalancerIP: "{{ .Values.service.loadBalancerIP }}" -{{- end }} -{{- if .Values.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- range $cidr := .Values.service.loadBalancerSourceRanges }} - - {{ $cidr }} - {{- end }} -{{- end }} -{{- if .Values.autosharding.enabled }} - clusterIP: None -{{- else if .Values.service.clusterIP }} - clusterIP: "{{ .Values.service.clusterIP }}" -{{- end }} - selector: - {{- include "kube-state-metrics.selectorLabels" . | indent 4 }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/serviceaccount.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/serviceaccount.yaml deleted file mode 100644 index 38a93b3..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/serviceaccount.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} - name: {{ template "kube-state-metrics.serviceAccountName" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} -{{- if .Values.serviceAccount.annotations }} - annotations: -{{ toYaml .Values.serviceAccount.annotations | indent 4 }} -{{- end }} -{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }} -imagePullSecrets: - {{- include "kube-state-metrics.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }} -{{- end }} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/servicemonitor.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/servicemonitor.yaml deleted file mode 100644 index 99d7fa9..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/servicemonitor.yaml +++ /dev/null @@ -1,120 +0,0 @@ -{{- if .Values.prometheus.monitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "kube-state-metrics.fullname" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} - {{- with .Values.prometheus.monitor.additionalLabels }} - {{- tpl (toYaml . | nindent 4) $ }} - {{- end }} - {{- with .Values.prometheus.monitor.annotations }} - annotations: - {{- tpl (toYaml . | nindent 4) $ }} - {{- end }} -spec: - jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }} - {{- with .Values.prometheus.monitor.targetLabels }} - targetLabels: - {{- toYaml . | trim | nindent 4 }} - {{- end }} - {{- with .Values.prometheus.monitor.podTargetLabels }} - podTargetLabels: - {{- toYaml . | trim | nindent 4 }} - {{- end }} - {{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | indent 2 }} - {{- if .Values.prometheus.monitor.namespaceSelector }} - namespaceSelector: - matchNames: - {{- with .Values.prometheus.monitor.namespaceSelector }} - {{- toYaml . | nindent 6 }} - {{- end }} - {{- end }} - selector: - matchLabels: - {{- with .Values.prometheus.monitor.selectorOverride }} - {{- toYaml . | nindent 6 }} - {{- else }} - {{- include "kube-state-metrics.selectorLabels" . | indent 6 }} - {{- end }} - endpoints: - - port: http - {{- if or .Values.prometheus.monitor.http.interval .Values.prometheus.monitor.interval }} - interval: {{ .Values.prometheus.monitor.http.interval | default .Values.prometheus.monitor.interval }} - {{- end }} - {{- if or .Values.prometheus.monitor.http.scrapeTimeout .Values.prometheus.monitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.prometheus.monitor.http.scrapeTimeout | default .Values.prometheus.monitor.scrapeTimeout }} - {{- end }} - {{- if or .Values.prometheus.monitor.http.proxyUrl .Values.prometheus.monitor.proxyUrl }} - proxyUrl: {{ .Values.prometheus.monitor.http.proxyUrl | default .Values.prometheus.monitor.proxyUrl }} - {{- end }} - {{- if or .Values.prometheus.monitor.http.enableHttp2 .Values.prometheus.monitor.enableHttp2 }} - enableHttp2: {{ .Values.prometheus.monitor.http.enableHttp2 | default .Values.prometheus.monitor.enableHttp2 }} - {{- end }} - {{- if or .Values.prometheus.monitor.http.honorLabels .Values.prometheus.monitor.honorLabels }} - honorLabels: true - {{- end }} - {{- if or .Values.prometheus.monitor.http.metricRelabelings .Values.prometheus.monitor.metricRelabelings }} - metricRelabelings: - {{- toYaml (.Values.prometheus.monitor.http.metricRelabelings | default .Values.prometheus.monitor.metricRelabelings) | nindent 8 }} - {{- end }} - {{- if or .Values.prometheus.monitor.http.relabelings .Values.prometheus.monitor.relabelings }} - relabelings: - {{- toYaml (.Values.prometheus.monitor.http.relabelings | default .Values.prometheus.monitor.relabelings) | nindent 8 }} - {{- end }} - {{- if or .Values.prometheus.monitor.http.scheme .Values.prometheus.monitor.scheme }} - scheme: {{ .Values.prometheus.monitor.http.scheme | default .Values.prometheus.monitor.scheme }} - {{- end }} - {{- if or .Values.prometheus.monitor.http.tlsConfig .Values.prometheus.monitor.tlsConfig }} - tlsConfig: - {{- toYaml (.Values.prometheus.monitor.http.tlsConfig | default .Values.prometheus.monitor.tlsConfig) | nindent 8 }} - {{- end }} - {{- if or .Values.prometheus.monitor.http.bearerTokenFile .Values.prometheus.monitor.bearerTokenFile }} - bearerTokenFile: {{ .Values.prometheus.monitor.http.bearerTokenFile | default .Values.prometheus.monitor.bearerTokenFile }} - {{- end }} - {{- with (.Values.prometheus.monitor.http.bearerTokenSecret | default .Values.prometheus.monitor.bearerTokenSecret) }} - bearerTokenSecret: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.selfMonitor.enabled }} - - port: metrics - {{- if or .Values.prometheus.monitor.metrics.interval .Values.prometheus.monitor.interval }} - interval: {{ .Values.prometheus.monitor.metrics.interval | default .Values.prometheus.monitor.interval }} - {{- end }} - {{- if or .Values.prometheus.monitor.metrics.scrapeTimeout .Values.prometheus.monitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.prometheus.monitor.metrics.scrapeTimeout | default .Values.prometheus.monitor.scrapeTimeout }} - {{- end }} - {{- if or .Values.prometheus.monitor.metrics.proxyUrl .Values.prometheus.monitor.proxyUrl }} - proxyUrl: {{ .Values.prometheus.monitor.metrics.proxyUrl | default .Values.prometheus.monitor.proxyUrl }} - {{- end }} - {{- if or .Values.prometheus.monitor.metrics.enableHttp2 .Values.prometheus.monitor.enableHttp2 }} - enableHttp2: {{ .Values.prometheus.monitor.metrics.enableHttp2 | default .Values.prometheus.monitor.enableHttp2 }} - {{- end }} - {{- if or .Values.prometheus.monitor.metrics.honorLabels .Values.prometheus.monitor.honorLabels }} - honorLabels: true - {{- end }} - {{- if or .Values.prometheus.monitor.metrics.metricRelabelings .Values.prometheus.monitor.metricRelabelings }} - metricRelabelings: - {{- toYaml (.Values.prometheus.monitor.metrics.metricRelabelings | default .Values.prometheus.monitor.metricRelabelings) | nindent 8 }} - {{- end }} - {{- if or .Values.prometheus.monitor.metrics.relabelings .Values.prometheus.monitor.relabelings }} - relabelings: - {{- toYaml (.Values.prometheus.monitor.metrics.relabelings | default .Values.prometheus.monitor.relabelings) | nindent 8 }} - {{- end }} - {{- if or .Values.prometheus.monitor.metrics.scheme .Values.prometheus.monitor.scheme }} - scheme: {{ .Values.prometheus.monitor.metrics.scheme | default .Values.prometheus.monitor.scheme }} - {{- end }} - {{- if or .Values.prometheus.monitor.metrics.tlsConfig .Values.prometheus.monitor.tlsConfig }} - tlsConfig: - {{- toYaml (.Values.prometheus.monitor.metrics.tlsConfig | default .Values.prometheus.monitor.tlsConfig) | nindent 8 }} - {{- end }} - {{- if or .Values.prometheus.monitor.metrics.bearerTokenFile .Values.prometheus.monitor.bearerTokenFile }} - bearerTokenFile: {{ .Values.prometheus.monitor.metrics.bearerTokenFile | default .Values.prometheus.monitor.bearerTokenFile }} - {{- end }} - {{- with (.Values.prometheus.monitor.metrics.bearerTokenSecret | default .Values.prometheus.monitor.bearerTokenSecret) }} - bearerTokenSecret: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/stsdiscovery-role.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/stsdiscovery-role.yaml deleted file mode 100644 index 489de14..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/stsdiscovery-role.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if and .Values.autosharding.enabled .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get -- apiGroups: - - apps - resourceNames: - - {{ template "kube-state-metrics.fullname" . }} - resources: - - statefulsets - verbs: - - get - - list - - watch -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml deleted file mode 100644 index 73b37a4..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if and .Values.autosharding.enabled .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "kube-state-metrics.serviceAccountName" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml deleted file mode 100644 index f46305b..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.verticalPodAutoscaler.enabled) }} -apiVersion: autoscaling.k8s.io/v1 -kind: VerticalPodAutoscaler -metadata: - name: {{ template "kube-state-metrics.fullname" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} - labels: - {{- include "kube-state-metrics.labels" . | indent 4 }} -spec: - {{- with .Values.verticalPodAutoscaler.recommenders }} - recommenders: - {{- toYaml . | nindent 4 }} - {{- end }} - resourcePolicy: - containerPolicies: - - containerName: {{ template "kube-state-metrics.name" . }} - {{- with .Values.verticalPodAutoscaler.controlledResources }} - controlledResources: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.verticalPodAutoscaler.controlledValues }} - controlledValues: {{ .Values.verticalPodAutoscaler.controlledValues }} - {{- end }} - {{- if .Values.verticalPodAutoscaler.maxAllowed }} - maxAllowed: - {{ toYaml .Values.verticalPodAutoscaler.maxAllowed | nindent 8 }} - {{- end }} - {{- if .Values.verticalPodAutoscaler.minAllowed }} - minAllowed: - {{ toYaml .Values.verticalPodAutoscaler.minAllowed | nindent 8 }} - {{- end }} - targetRef: - apiVersion: apps/v1 - {{- if .Values.autosharding.enabled }} - kind: StatefulSet - {{- else }} - kind: Deployment - {{- end }} - name: {{ template "kube-state-metrics.fullname" . }} - {{- with .Values.verticalPodAutoscaler.updatePolicy }} - updatePolicy: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/values.yaml b/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/values.yaml deleted file mode 100644 index 25b1807..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/kube-state-metrics/values.yaml +++ /dev/null @@ -1,517 +0,0 @@ -# Default values for kube-state-metrics. -prometheusScrape: true -image: - registry: registry.k8s.io - repository: kube-state-metrics/kube-state-metrics - # If unset use v + .Charts.appVersion - tag: "" - sha: "" - pullPolicy: IfNotPresent - -imagePullSecrets: [] -# - name: "image-pull-secret" - -global: - # To help compatibility with other charts which use global.imagePullSecrets. - # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style). - # global: - # imagePullSecrets: - # - name: pullSecret1 - # - name: pullSecret2 - # or - # global: - # imagePullSecrets: - # - pullSecret1 - # - pullSecret2 - imagePullSecrets: [] - # - # Allow parent charts to override registry hostname - imageRegistry: "" - -# If set to true, this will deploy kube-state-metrics as a StatefulSet and the data -# will be automatically sharded across <.Values.replicas> pods using the built-in -# autodiscovery feature: https://github.com/kubernetes/kube-state-metrics#automated-sharding -# This is an experimental feature and there are no stability guarantees. -autosharding: - enabled: false - -replicas: 1 - -# Change the deployment strategy when autosharding is disabled. -# ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy -# The default is "RollingUpdate" as per Kubernetes defaults. -# During a release, 'RollingUpdate' can lead to two running instances for a short period of time while 'Recreate' can create a small gap in data. -# updateStrategy: Recreate - -# Number of old history to retain to allow rollback -# Default Kubernetes value is set to 10 -revisionHistoryLimit: 10 - -# List of additional cli arguments to configure kube-state-metrics -# for example: --enable-gzip-encoding, --log-file, etc. -# all the possible args can be found here: https://github.com/kubernetes/kube-state-metrics/blob/master/docs/cli-arguments.md -extraArgs: [] - -service: - port: 8080 - # Default to clusterIP for backward compatibility - type: ClusterIP - ipDualStack: - enabled: false - ipFamilies: ["IPv6", "IPv4"] - ipFamilyPolicy: "PreferDualStack" - nodePort: 0 - loadBalancerIP: "" - # Only allow access to the loadBalancerIP from these IPs - loadBalancerSourceRanges: [] - clusterIP: "" - annotations: {} - -## Additional labels to add to all resources -customLabels: {} - # app: kube-state-metrics - -## Override selector labels -selectorOverride: {} - -## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box -releaseLabel: false - -hostNetwork: false - -rbac: - # If true, create & use RBAC resources - create: true - - # Set to a rolename to use existing role - skipping role creating - but still doing serviceaccount and rolebinding to it, rolename set here. - # useExistingRole: your-existing-role - - # If set to false - Run without Cluteradmin privs needed - ONLY works if namespace is also set (if useExistingRole is set this name is used as ClusterRole or Role to bind to) - useClusterRole: true - - # Add permissions for CustomResources' apiGroups in Role/ClusterRole. Should be used in conjunction with Custom Resource State Metrics configuration - # Example: - # - apiGroups: ["monitoring.coreos.com"] - # resources: ["prometheuses"] - # verbs: ["list", "watch"] - extraRules: [] - -# Configure kube-rbac-proxy. When enabled, creates one kube-rbac-proxy container per exposed HTTP endpoint (metrics and telemetry if enabled). -# The requests are served through the same service but requests are then HTTPS. -kubeRBACProxy: - enabled: false - image: - registry: quay.io - repository: brancz/kube-rbac-proxy - tag: v0.18.0 - sha: "" - pullPolicy: IfNotPresent - - # List of additional cli arguments to configure kube-rbac-prxy - # for example: --tls-cipher-suites, --log-file, etc. - # all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage - extraArgs: [] - - ## Specify security settings for a Container - ## Allows overrides and additional options compared to (Pod) securityContext - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - containerSecurityContext: - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi - - ## volumeMounts enables mounting custom volumes in rbac-proxy containers - ## Useful for TLS certificates and keys - volumeMounts: [] - # - mountPath: /etc/tls - # name: kube-rbac-proxy-tls - # readOnly: true - -serviceAccount: - # Specifies whether a ServiceAccount should be created, require rbac true - create: true - # The name of the ServiceAccount to use. - # If not set and create is true, a name is generated using the fullname template - name: - # Reference to one or more secrets to be used when pulling images - # ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - imagePullSecrets: [] - # ServiceAccount annotations. - # Use case: AWS EKS IAM roles for service accounts - # ref: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html - annotations: {} - -prometheus: - monitor: - enabled: false - annotations: {} - additionalLabels: {} - namespace: "" - namespaceSelector: [] - jobLabel: "" - targetLabels: [] - podTargetLabels: [] - ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. - ## - sampleLimit: 0 - - ## TargetLimit defines a limit on the number of scraped targets that will be accepted. - ## - targetLimit: 0 - - ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. - ## - labelLimit: 0 - - ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. - ## - labelNameLengthLimit: 0 - - ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. - ## - labelValueLengthLimit: 0 - selectorOverride: {} - - ## kube-state-metrics endpoint - http: - interval: "" - scrapeTimeout: "" - proxyUrl: "" - ## Whether to enable HTTP2 for servicemonitor - enableHttp2: false - honorLabels: false - metricRelabelings: [] - relabelings: [] - scheme: "" - ## File to read bearer token for scraping targets - bearerTokenFile: "" - ## Secret to mount to read bearer token for scraping targets. The secret needs - ## to be in the same namespace as the service monitor and accessible by the - ## Prometheus Operator - bearerTokenSecret: {} - # name: secret-name - # key: key-name - tlsConfig: {} - - ## selfMonitor endpoint - metrics: - interval: "" - scrapeTimeout: "" - proxyUrl: "" - ## Whether to enable HTTP2 for servicemonitor - enableHttp2: false - honorLabels: false - metricRelabelings: [] - relabelings: [] - scheme: "" - ## File to read bearer token for scraping targets - bearerTokenFile: "" - ## Secret to mount to read bearer token for scraping targets. The secret needs - ## to be in the same namespace as the service monitor and accessible by the - ## Prometheus Operator - bearerTokenSecret: {} - # name: secret-name - # key: key-name - tlsConfig: {} - -## Specify if a Pod Security Policy for kube-state-metrics must be created -## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/ -## -podSecurityPolicy: - enabled: false - annotations: {} - ## Specify pod annotations - ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor - ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp - ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl - ## - # seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*' - # seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' - # apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' - - additionalVolumes: [] - -## Configure network policy for kube-state-metrics -networkPolicy: - enabled: false - # networkPolicy.flavor -- Flavor of the network policy to use. - # Can be: - # * kubernetes for networking.k8s.io/v1/NetworkPolicy - # * cilium for cilium.io/v2/CiliumNetworkPolicy - flavor: kubernetes - - ## Configure the cilium network policy kube-apiserver selector - # cilium: - # kubeApiServerSelector: - # - toEntities: - # - kube-apiserver - - # egress: - # - {} - # ingress: - # - {} - # podSelector: - # matchLabels: - # app.kubernetes.io/name: kube-state-metrics - -securityContext: - enabled: true - runAsGroup: 65534 - runAsUser: 65534 - fsGroup: 65534 - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - -## Specify security settings for a Container -## Allows overrides and additional options compared to (Pod) securityContext -## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container -containerSecurityContext: - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - -## Node labels for pod assignment -## Ref: https://kubernetes.io/docs/user-guide/node-selection/ -nodeSelector: {} - -## Affinity settings for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -affinity: {} - -## Tolerations for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -tolerations: [] - -## Topology spread constraints for pod assignment -## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ -topologySpreadConstraints: [] - -# Annotations to be added to the deployment/statefulset -annotations: {} - -# Annotations to be added to the pod -podAnnotations: {} - -## Assign a PriorityClassName to pods if set -# priorityClassName: "" - -# Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ -podDisruptionBudget: {} - -# Comma-separated list of metrics to be exposed. -# This list comprises of exact metric names and/or regex patterns. -# The allowlist and denylist are mutually exclusive. -metricAllowlist: [] - -# Comma-separated list of metrics not to be enabled. -# This list comprises of exact metric names and/or regex patterns. -# The allowlist and denylist are mutually exclusive. -metricDenylist: [] - -# Comma-separated list of additional Kubernetes label keys that will be used in the resource's -# labels metric. By default the metric contains only name and namespace labels. -# To include additional labels, provide a list of resource names in their plural form and Kubernetes -# label keys you would like to allow for them (Example: '=namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...)'. -# A single '*' can be provided per resource instead to allow any labels, but that has -# severe performance implications (Example: '=pods=[*]'). -metricLabelsAllowlist: [] - # - namespaces=[k8s-label-1,k8s-label-n] - -# Comma-separated list of Kubernetes annotations keys that will be used in the resource' -# labels metric. By default the metric contains only name and namespace labels. -# To include additional annotations provide a list of resource names in their plural form and Kubernetes -# annotation keys you would like to allow for them (Example: '=namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...)'. -# A single '*' can be provided per resource instead to allow any annotations, but that has -# severe performance implications (Example: '=pods=[*]'). -metricAnnotationsAllowList: [] - # - pods=[k8s-annotation-1,k8s-annotation-n] - -# Available collectors for kube-state-metrics. -# By default, all available resources are enabled, comment out to disable. -collectors: - - certificatesigningrequests - - configmaps - - cronjobs - - daemonsets - - deployments - - endpoints - - horizontalpodautoscalers - - ingresses - - jobs - - leases - - limitranges - - mutatingwebhookconfigurations - - namespaces - - networkpolicies - - nodes - - persistentvolumeclaims - - persistentvolumes - - poddisruptionbudgets - - pods - - replicasets - - replicationcontrollers - - resourcequotas - - secrets - - services - - statefulsets - - storageclasses - - validatingwebhookconfigurations - - volumeattachments - -# Enabling kubeconfig will pass the --kubeconfig argument to the container -kubeconfig: - enabled: false - # base64 encoded kube-config file - secret: - -# Enabling support for customResourceState, will create a configMap including your config that will be read from kube-state-metrics -customResourceState: - enabled: false - # Add (Cluster)Role permissions to list/watch the customResources defined in the config to rbac.extraRules - config: {} - -# Enable only the release namespace for collecting resources. By default all namespaces are collected. -# If releaseNamespace and namespaces are both set a merged list will be collected. -releaseNamespace: false - -# Comma-separated list(string) or yaml list of namespaces to be enabled for collecting resources. By default all namespaces are collected. -namespaces: "" - -# Comma-separated list of namespaces not to be enabled. If namespaces and namespaces-denylist are both set, -# only namespaces that are excluded in namespaces-denylist will be used. -namespacesDenylist: "" - -## Override the deployment namespace -## -namespaceOverride: "" - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi - -## Provide a k8s version to define apiGroups for podSecurityPolicy Cluster Role. -## For example: kubeTargetVersionOverride: 1.14.9 -## -kubeTargetVersionOverride: "" - -# Enable self metrics configuration for service and Service Monitor -# Default values for telemetry configuration can be overridden -# If you set telemetryNodePort, you must also set service.type to NodePort -selfMonitor: - enabled: false - # telemetryHost: 0.0.0.0 - # telemetryPort: 8081 - # telemetryNodePort: 0 - -# Enable vertical pod autoscaler support for kube-state-metrics -verticalPodAutoscaler: - enabled: false - - # Recommender responsible for generating recommendation for the object. - # List should be empty (then the default recommender will generate the recommendation) - # or contain exactly one recommender. - # recommenders: [] - # - name: custom-recommender-performance - - # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory - controlledResources: [] - # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits. - # controlledValues: RequestsAndLimits - - # Define the max allowed resources for the pod - maxAllowed: {} - # cpu: 200m - # memory: 100Mi - # Define the min allowed resources for the pod - minAllowed: {} - # cpu: 200m - # memory: 100Mi - - # updatePolicy: - # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction - # minReplicas: 1 - # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates - # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto". - # updateMode: Auto - -# volumeMounts are used to add custom volume mounts to deployment. -# See example below -volumeMounts: [] -# - mountPath: /etc/config -# name: config-volume - -# volumes are used to add custom volumes to deployment -# See example below -volumes: [] -# - configMap: -# name: cm-for-volume -# name: config-volume - -# Extra manifests to deploy as an array -extraManifests: [] - # - apiVersion: v1 - # kind: ConfigMap - # metadata: - # labels: - # name: prometheus-extra - # data: - # extra-data: "value" - -## Containers allows injecting additional containers. -containers: [] - # - name: crd-init - # image: kiwigrid/k8s-sidecar:latest - -## InitContainers allows injecting additional initContainers. -initContainers: [] - # - name: crd-sidecar - # image: kiwigrid/k8s-sidecar:latest - -## Liveness probe -## -livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: [] - scheme: http - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - -## Readiness probe -## -readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: [] - scheme: http - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/.helmignore b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/.helmignore deleted file mode 100644 index f0c1319..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/Chart.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/Chart.yaml deleted file mode 100644 index 4123fd5..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/Chart.yaml +++ /dev/null @@ -1,25 +0,0 @@ -annotations: - artifacthub.io/license: Apache-2.0 - artifacthub.io/links: | - - name: Chart Source - url: https://github.com/prometheus-community/helm-charts -apiVersion: v2 -appVersion: 1.8.1 -description: A Helm chart for prometheus node-exporter -home: https://github.com/prometheus/node_exporter/ -keywords: -- node-exporter -- prometheus -- exporter -maintainers: -- email: gianrubio@gmail.com - name: gianrubio -- email: zanhsieh@gmail.com - name: zanhsieh -- email: rootsandtrees@posteo.de - name: zeritti -name: prometheus-node-exporter -sources: -- https://github.com/prometheus/node_exporter/ -type: application -version: 4.36.0 diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/README.md b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/README.md deleted file mode 100644 index ef83844..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/README.md +++ /dev/null @@ -1,96 +0,0 @@ -# Prometheus Node Exporter - -Prometheus exporter for hardware and OS metrics exposed by *NIX kernels, written in Go with pluggable metric collectors. - -This chart bootstraps a Prometheus [Node Exporter](http://github.com/prometheus/node_exporter) daemonset on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -## Get Repository Info - -```console -helm repo add prometheus-community https://prometheus-community.github.io/helm-charts -helm repo update -``` - -_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ - -## Install Chart - -```console -helm install [RELEASE_NAME] prometheus-community/prometheus-node-exporter -``` - -_See [configuration](#configuring) below._ - -_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ - -## Uninstall Chart - -```console -helm uninstall [RELEASE_NAME] -``` - -This removes all the Kubernetes components associated with the chart and deletes the release. - -_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ - -## Upgrading Chart - -```console -helm upgrade [RELEASE_NAME] prometheus-community/prometheus-node-exporter --install -``` - -_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ - -### 3.x to 4.x - -Starting from version 4.0.0, the `node exporter` chart is using the [Kubernetes recommended labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/). Therefore you have to delete the daemonset before you upgrade. - -```console -kubectl delete daemonset -l app=prometheus-node-exporter -helm upgrade -i prometheus-node-exporter prometheus-community/prometheus-node-exporter -``` - -If you use your own custom [ServiceMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor) or [PodMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#podmonitor), please ensure to upgrade their `selector` fields accordingly to the new labels. - -### From 2.x to 3.x - -Change the following: - -```yaml -hostRootFsMount: true -``` - -to: - -```yaml -hostRootFsMount: - enabled: true - mountPropagation: HostToContainer -``` - -## Configuring - -See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands: - -```console -helm show values prometheus-community/prometheus-node-exporter -``` - -### kube-rbac-proxy - -You can enable `prometheus-node-exporter` endpoint protection using `kube-rbac-proxy`. By setting `kubeRBACProxy.enabled: true`, this chart will deploy a RBAC proxy container protecting the node-exporter endpoint. -To authorize access, authenticate your requests (via a `ServiceAccount` for example) with a `ClusterRole` attached such as: - -```yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: prometheus-node-exporter-read -rules: - - apiGroups: [ "" ] - resources: ["services/node-exporter-prometheus-node-exporter"] - verbs: - - get -``` - -See [kube-rbac-proxy examples](https://github.com/brancz/kube-rbac-proxy/tree/master/examples/resource-attributes) for more details. diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/ci/port-values.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/ci/port-values.yaml deleted file mode 100644 index dbfb4b6..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/ci/port-values.yaml +++ /dev/null @@ -1,3 +0,0 @@ -service: - targetPort: 9102 - port: 9102 diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/NOTES.txt b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/NOTES.txt deleted file mode 100644 index db8584d..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/NOTES.txt +++ /dev/null @@ -1,29 +0,0 @@ -1. Get the application URL by running these commands: -{{- if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus-node-exporter.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ template "prometheus-node-exporter.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ template "prometheus-node-exporter.namespace" . }} {{ template "prometheus-node-exporter.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ template "prometheus-node-exporter.namespace" . }} -l "app.kubernetes.io/name={{ template "prometheus-node-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:9100 to use your application" - kubectl port-forward --namespace {{ template "prometheus-node-exporter.namespace" . }} $POD_NAME 9100 -{{- end }} - -{{- if .Values.kubeRBACProxy.enabled}} - -kube-rbac-proxy endpoint protections is enabled: -- Metrics endpoints is now HTTPS -- Ensure that the client authenticates the requests (e.g. via service account) with the following role permissions: -``` -rules: - - apiGroups: [ "" ] - resources: ["services/{{ template "prometheus-node-exporter.fullname" . }}"] - verbs: - - get -``` -{{- end }} \ No newline at end of file diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/_helpers.tpl b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/_helpers.tpl deleted file mode 100644 index 8e84832..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/_helpers.tpl +++ /dev/null @@ -1,202 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "prometheus-node-exporter.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "prometheus-node-exporter.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "prometheus-node-exporter.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "prometheus-node-exporter.labels" -}} -helm.sh/chart: {{ include "prometheus-node-exporter.chart" . }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -app.kubernetes.io/component: metrics -app.kubernetes.io/part-of: {{ include "prometheus-node-exporter.name" . }} -{{ include "prometheus-node-exporter.selectorLabels" . }} -{{- with .Chart.AppVersion }} -app.kubernetes.io/version: {{ . | quote }} -{{- end }} -{{- with .Values.podLabels }} -{{ toYaml . }} -{{- end }} -{{- if .Values.releaseLabel }} -release: {{ .Release.Name }} -{{- end }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "prometheus-node-exporter.selectorLabels" -}} -app.kubernetes.io/name: {{ include "prometheus-node-exporter.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - - -{{/* -Create the name of the service account to use -*/}} -{{- define "prometheus-node-exporter.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "prometheus-node-exporter.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -The image to use -*/}} -{{- define "prometheus-node-exporter.image" -}} -{{- if .Values.image.sha }} -{{- fail "image.sha forbidden. Use image.digest instead" }} -{{- else if .Values.image.digest }} -{{- if .Values.global.imageRegistry }} -{{- printf "%s/%s:%s@%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }} -{{- else }} -{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }} -{{- end }} -{{- else }} -{{- if .Values.global.imageRegistry }} -{{- printf "%s/%s:%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }} -{{- else }} -{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Allow the release namespace to be overridden for multi-namespace deployments in combined charts -*/}} -{{- define "prometheus-node-exporter.namespace" -}} -{{- if .Values.namespaceOverride }} -{{- .Values.namespaceOverride }} -{{- else }} -{{- .Release.Namespace }} -{{- end }} -{{- end }} - -{{/* -Create the namespace name of the service monitor -*/}} -{{- define "prometheus-node-exporter.monitor-namespace" -}} -{{- if .Values.namespaceOverride }} -{{- .Values.namespaceOverride }} -{{- else }} -{{- if .Values.prometheus.monitor.namespace }} -{{- .Values.prometheus.monitor.namespace }} -{{- else }} -{{- .Release.Namespace }} -{{- end }} -{{- end }} -{{- end }} - -{{/* Sets default scrape limits for servicemonitor */}} -{{- define "servicemonitor.scrapeLimits" -}} -{{- with .sampleLimit }} -sampleLimit: {{ . }} -{{- end }} -{{- with .targetLimit }} -targetLimit: {{ . }} -{{- end }} -{{- with .labelLimit }} -labelLimit: {{ . }} -{{- end }} -{{- with .labelNameLengthLimit }} -labelNameLengthLimit: {{ . }} -{{- end }} -{{- with .labelValueLengthLimit }} -labelValueLengthLimit: {{ . }} -{{- end }} -{{- end }} - -{{/* -Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets}) -*/}} -{{- define "prometheus-node-exporter.imagePullSecrets" -}} -{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }} - {{- if eq (typeOf .) "map[string]interface {}" }} -- {{ toYaml . | trim }} - {{- else }} -- name: {{ . }} - {{- end }} -{{- end }} -{{- end -}} - -{{/* -Create the namespace name of the pod monitor -*/}} -{{- define "prometheus-node-exporter.podmonitor-namespace" -}} -{{- if .Values.namespaceOverride }} -{{- .Values.namespaceOverride }} -{{- else }} -{{- if .Values.prometheus.podMonitor.namespace }} -{{- .Values.prometheus.podMonitor.namespace }} -{{- else }} -{{- .Release.Namespace }} -{{- end }} -{{- end }} -{{- end }} - -{{/* Sets default scrape limits for podmonitor */}} -{{- define "podmonitor.scrapeLimits" -}} -{{- with .sampleLimit }} -sampleLimit: {{ . }} -{{- end }} -{{- with .targetLimit }} -targetLimit: {{ . }} -{{- end }} -{{- with .labelLimit }} -labelLimit: {{ . }} -{{- end }} -{{- with .labelNameLengthLimit }} -labelNameLengthLimit: {{ . }} -{{- end }} -{{- with .labelValueLengthLimit }} -labelValueLengthLimit: {{ . }} -{{- end }} -{{- end }} - -{{/* Sets sidecar volumeMounts */}} -{{- define "prometheus-node-exporter.sidecarVolumeMounts" -}} -{{- range $_, $mount := $.Values.sidecarVolumeMount }} -- name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - readOnly: {{ $mount.readOnly }} -{{- end }} -{{- range $_, $mount := $.Values.sidecarHostVolumeMounts }} -- name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - readOnly: {{ $mount.readOnly }} -{{- if $mount.mountPropagation }} - mountPropagation: {{ $mount.mountPropagation }} -{{- end }} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/clusterrole.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/clusterrole.yaml deleted file mode 100644 index c256dba..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/clusterrole.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} -rules: - {{- if $.Values.kubeRBACProxy.enabled }} - - apiGroups: [ "authentication.k8s.io" ] - resources: - - tokenreviews - verbs: [ "create" ] - - apiGroups: [ "authorization.k8s.io" ] - resources: - - subjectaccessreviews - verbs: [ "create" ] - {{- end }} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml deleted file mode 100644 index 653305a..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - name: {{ template "prometheus-node-exporter.fullname" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole -{{- if .Values.rbac.useExistingRole }} - name: {{ .Values.rbac.useExistingRole }} -{{- else }} - name: {{ template "prometheus-node-exporter.fullname" . }} -{{- end }} -subjects: -- kind: ServiceAccount - name: {{ template "prometheus-node-exporter.serviceAccountName" . }} - namespace: {{ template "prometheus-node-exporter.namespace" . }} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/daemonset.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/daemonset.yaml deleted file mode 100644 index 23896a2..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/daemonset.yaml +++ /dev/null @@ -1,311 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - {{- with .Values.daemonsetAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - selector: - matchLabels: - {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} - revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} - {{- with .Values.updateStrategy }} - updateStrategy: - {{- toYaml . | nindent 4 }} - {{- end }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 8 }} - spec: - automountServiceAccountToken: {{ ternary true false (or .Values.serviceAccount.automountServiceAccountToken .Values.kubeRBACProxy.enabled) }} - {{- with .Values.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} - {{- with .Values.extraInitContainers }} - initContainers: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "prometheus-node-exporter.serviceAccountName" . }} - {{- with .Values.terminationGracePeriodSeconds }} - terminationGracePeriodSeconds: {{ . }} - {{- end }} - containers: - {{- $servicePort := ternary .Values.kubeRBACProxy.port .Values.service.port .Values.kubeRBACProxy.enabled }} - - name: node-exporter - image: {{ include "prometheus-node-exporter.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - - --path.procfs=/host/proc - - --path.sysfs=/host/sys - {{- if .Values.hostRootFsMount.enabled }} - - --path.rootfs=/host/root - {{- if semverCompare ">=1.4.0-0" (coalesce .Values.version .Values.image.tag .Chart.AppVersion) }} - - --path.udev.data=/host/root/run/udev/data - {{- end }} - {{- end }} - - --web.listen-address=[$(HOST_IP)]:{{ $servicePort }} - {{- with .Values.extraArgs }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - env: - - name: HOST_IP - {{- if .Values.kubeRBACProxy.enabled }} - value: 127.0.0.1 - {{- else if .Values.service.listenOnAllInterfaces }} - value: 0.0.0.0 - {{- else }} - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - {{- end }} - {{- range $key, $value := .Values.env }} - - name: {{ $key }} - value: {{ $value | quote }} - {{- end }} - {{- if eq .Values.kubeRBACProxy.enabled false }} - ports: - - name: {{ .Values.service.portName }} - containerPort: {{ .Values.service.port }} - protocol: TCP - {{- end }} - livenessProbe: - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - httpGet: - {{- if .Values.kubeRBACProxy.enabled }} - host: 127.0.0.1 - {{- end }} - httpHeaders: - {{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }} - - name: {{ $header.name }} - value: {{ $header.value }} - {{- end }} - path: / - port: {{ $servicePort }} - scheme: {{ upper .Values.livenessProbe.httpGet.scheme }} - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - readinessProbe: - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - httpGet: - {{- if .Values.kubeRBACProxy.enabled }} - host: 127.0.0.1 - {{- end }} - httpHeaders: - {{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }} - - name: {{ $header.name }} - value: {{ $header.value }} - {{- end }} - path: / - port: {{ $servicePort }} - scheme: {{ upper .Values.readinessProbe.httpGet.scheme }} - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - {{- with .Values.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.terminationMessageParams.enabled }} - {{- with .Values.terminationMessageParams }} - terminationMessagePath: {{ .terminationMessagePath }} - terminationMessagePolicy: {{ .terminationMessagePolicy }} - {{- end }} - {{- end }} - volumeMounts: - - name: proc - mountPath: /host/proc - {{- with .Values.hostProcFsMount.mountPropagation }} - mountPropagation: {{ . }} - {{- end }} - readOnly: true - - name: sys - mountPath: /host/sys - {{- with .Values.hostSysFsMount.mountPropagation }} - mountPropagation: {{ . }} - {{- end }} - readOnly: true - {{- if .Values.hostRootFsMount.enabled }} - - name: root - mountPath: /host/root - {{- with .Values.hostRootFsMount.mountPropagation }} - mountPropagation: {{ . }} - {{- end }} - readOnly: true - {{- end }} - {{- range $_, $mount := .Values.extraHostVolumeMounts }} - - name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - readOnly: {{ $mount.readOnly }} - {{- with $mount.mountPropagation }} - mountPropagation: {{ . }} - {{- end }} - {{- end }} - {{- range $_, $mount := .Values.sidecarVolumeMount }} - - name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - readOnly: true - {{- end }} - {{- range $_, $mount := .Values.configmaps }} - - name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - {{- end }} - {{- range $_, $mount := .Values.secrets }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - {{- end }} - {{- range .Values.sidecars }} - {{- $overwrites := dict "volumeMounts" (concat (include "prometheus-node-exporter.sidecarVolumeMounts" $ | fromYamlArray) (.volumeMounts | default list) | default list) }} - {{- $defaults := dict "image" (include "prometheus-node-exporter.image" $) "securityContext" $.Values.containerSecurityContext "imagePullPolicy" $.Values.image.pullPolicy }} - - {{- toYaml (merge $overwrites . $defaults) | nindent 10 }} - {{- end }} - {{- if .Values.kubeRBACProxy.enabled }} - - name: kube-rbac-proxy - args: - {{- if .Values.kubeRBACProxy.extraArgs }} - {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 12 }} - {{- end }} - - --secure-listen-address=:{{ .Values.service.port}} - - --upstream=http://127.0.0.1:{{ $servicePort }}/ - - --proxy-endpoints-port={{ .Values.kubeRBACProxy.proxyEndpointsPort }} - - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml - volumeMounts: - - name: kube-rbac-proxy-config - mountPath: /etc/kube-rbac-proxy-config - imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }} - {{- if .Values.kubeRBACProxy.image.sha }} - image: "{{ .Values.global.imageRegistry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}@sha256:{{ .Values.kubeRBACProxy.image.sha }}" - {{- else }} - image: "{{ .Values.global.imageRegistry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}" - {{- end }} - ports: - - containerPort: {{ .Values.service.port}} - name: {{ .Values.kubeRBACProxy.portName }} - {{- if .Values.kubeRBACProxy.enableHostPort }} - hostPort: {{ .Values.service.port }} - {{- end }} - - containerPort: {{ .Values.kubeRBACProxy.proxyEndpointsPort }} - {{- if .Values.kubeRBACProxy.enableProxyEndpointsHostPort }} - hostPort: {{ .Values.kubeRBACProxy.proxyEndpointsPort }} - {{- end }} - name: "http-healthz" - readinessProbe: - httpGet: - scheme: HTTPS - port: {{ .Values.kubeRBACProxy.proxyEndpointsPort }} - path: healthz - initialDelaySeconds: 5 - timeoutSeconds: 5 - {{- if .Values.kubeRBACProxy.resources }} - resources: - {{- toYaml .Values.kubeRBACProxy.resources | nindent 12 }} - {{- end }} - {{- if .Values.terminationMessageParams.enabled }} - {{- with .Values.terminationMessageParams }} - terminationMessagePath: {{ .terminationMessagePath }} - terminationMessagePolicy: {{ .terminationMessagePolicy }} - {{- end }} - {{- end }} - {{- with .Values.kubeRBACProxy.env }} - env: - {{- range $key, $value := $.Values.kubeRBACProxy.env }} - - name: {{ $key }} - value: {{ $value | quote }} - {{- end }} - {{- end }} - {{- if .Values.kubeRBACProxy.containerSecurityContext }} - securityContext: - {{ toYaml .Values.kubeRBACProxy.containerSecurityContext | nindent 12 }} - {{- end }} - {{- end }} - {{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }} - imagePullSecrets: - {{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }} - {{- end }} - hostNetwork: {{ .Values.hostNetwork }} - hostPID: {{ .Values.hostPID }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.dnsConfig }} - dnsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.restartPolicy }} - restartPolicy: {{ . }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - name: proc - hostPath: - path: /proc - - name: sys - hostPath: - path: /sys - {{- if .Values.hostRootFsMount.enabled }} - - name: root - hostPath: - path: / - {{- end }} - {{- range $_, $mount := .Values.extraHostVolumeMounts }} - - name: {{ $mount.name }} - hostPath: - path: {{ $mount.hostPath }} - {{- with $mount.type }} - type: {{ . }} - {{- end }} - {{- end }} - {{- range $_, $mount := .Values.sidecarVolumeMount }} - - name: {{ $mount.name }} - emptyDir: - medium: Memory - {{- end }} - {{- range $_, $mount := .Values.sidecarHostVolumeMounts }} - - name: {{ $mount.name }} - hostPath: - path: {{ $mount.hostPath }} - {{- end }} - {{- range $_, $mount := .Values.configmaps }} - - name: {{ $mount.name }} - configMap: - name: {{ $mount.name }} - {{- end }} - {{- range $_, $mount := .Values.secrets }} - - name: {{ $mount.name }} - secret: - secretName: {{ $mount.name }} - {{- end }} - {{- if .Values.kubeRBACProxy.enabled }} - - name: kube-rbac-proxy-config - configMap: - name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config - {{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/endpoints.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/endpoints.yaml deleted file mode 100644 index 45eeb8d..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/endpoints.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.endpoints }} -apiVersion: v1 -kind: Endpoints -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} -subsets: - - addresses: - {{- range .Values.endpoints }} - - ip: {{ . }} - {{- end }} - ports: - - name: {{ .Values.service.portName }} - port: 9100 - protocol: TCP -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/extra-manifests.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/extra-manifests.yaml deleted file mode 100644 index 2b21b71..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/extra-manifests.yaml +++ /dev/null @@ -1,4 +0,0 @@ -{{ range .Values.extraManifests }} ---- -{{ tpl . $ }} -{{ end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/networkpolicy.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/networkpolicy.yaml deleted file mode 100644 index 8257227..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/networkpolicy.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if .Values.networkPolicy.enabled }} -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" $ | nindent 4 }} - {{- with .Values.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - ingress: - - ports: - - port: {{ .Values.service.port }} - policyTypes: - - Egress - - Ingress - podSelector: - matchLabels: - {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/podmonitor.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/podmonitor.yaml deleted file mode 100644 index f88da6a..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/podmonitor.yaml +++ /dev/null @@ -1,91 +0,0 @@ -{{- if .Values.prometheus.podMonitor.enabled }} -apiVersion: {{ .Values.prometheus.podMonitor.apiVersion | default "monitoring.coreos.com/v1" }} -kind: PodMonitor -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.podmonitor-namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - {{- with .Values.prometheus.podMonitor.additionalLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.podMonitor.jobLabel }} - {{- include "podmonitor.scrapeLimits" .Values.prometheus.podMonitor | nindent 2 }} - selector: - matchLabels: - {{- with .Values.prometheus.podMonitor.selectorOverride }} - {{- toYaml . | nindent 6 }} - {{- else }} - {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ include "prometheus-node-exporter.namespace" . }} - {{- with .Values.prometheus.podMonitor.attachMetadata }} - attachMetadata: - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.podTargetLabels }} - podTargetLabels: - {{- toYaml . | nindent 4 }} - {{- end }} - podMetricsEndpoints: - - port: {{ .Values.service.portName }} - {{- with .Values.prometheus.podMonitor.scheme }} - scheme: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.path }} - path: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.basicAuth }} - basicAuth: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.bearerTokenSecret }} - bearerTokenSecret: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.tlsConfig }} - tlsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.authorization }} - authorization: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.oauth2 }} - oauth2: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.proxyUrl }} - proxyUrl: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.interval }} - interval: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.honorTimestamps }} - honorTimestamps: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.honorLabels }} - honorLabels: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.scrapeTimeout }} - scrapeTimeout: {{ . }} - {{- end }} - {{- with .Values.prometheus.podMonitor.relabelings }} - relabelings: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.podMonitor.metricRelabelings }} - metricRelabelings: - {{- toYaml . | nindent 8 }} - {{- end }} - enableHttp2: {{ default false .Values.prometheus.podMonitor.enableHttp2 }} - filterRunning: {{ default true .Values.prometheus.podMonitor.filterRunning }} - followRedirects: {{ default false .Values.prometheus.podMonitor.followRedirects }} - {{- with .Values.prometheus.podMonitor.params }} - params: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml deleted file mode 100644 index 8957317..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if and .Values.rbac.create .Values.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: psp-{{ include "prometheus-node-exporter.fullname" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} -rules: -- apiGroups: ['extensions'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ include "prometheus-node-exporter.fullname" . }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml deleted file mode 100644 index 3333701..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if and .Values.rbac.create .Values.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: psp-{{ include "prometheus-node-exporter.fullname" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: psp-{{ include "prometheus-node-exporter.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/psp.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/psp.yaml deleted file mode 100644 index 4896c84..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/psp.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if and .Values.rbac.create .Values.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - {{- with .Values.rbac.pspAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - privileged: false - # Allow core volume types. - volumes: - - 'configMap' - - 'emptyDir' - - 'projected' - - 'secret' - - 'downwardAPI' - - 'persistentVolumeClaim' - - 'hostPath' - hostNetwork: true - hostIPC: false - hostPID: true - hostPorts: - - min: 0 - max: 65535 - runAsUser: - # Permits the container to run with root privileges as well. - rule: 'RunAsAny' - seLinux: - # This policy assumes the nodes are using AppArmor rather than SELinux. - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - # Allow adding the root group. - - min: 0 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - # Allow adding the root group. - - min: 0 - max: 65535 - readOnlyRootFilesystem: false -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/rbac-configmap.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/rbac-configmap.yaml deleted file mode 100644 index 814e110..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/rbac-configmap.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.kubeRBACProxy.enabled}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config - namespace: {{ include "prometheus-node-exporter.namespace" . }} -data: - config-file.yaml: |+ - authorization: - resourceAttributes: - namespace: {{ template "prometheus-node-exporter.namespace" . }} - apiVersion: v1 - resource: services - subresource: {{ template "prometheus-node-exporter.fullname" . }} - name: {{ template "prometheus-node-exporter.fullname" . }} -{{- end }} \ No newline at end of file diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/service.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/service.yaml deleted file mode 100644 index 8308b7b..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/service.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if .Values.service.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" $ | nindent 4 }} - {{- with .Values.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: -{{- if .Values.service.ipDualStack.enabled }} - ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }} - ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }} -{{- end }} -{{- if .Values.service.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} -{{- end }} - type: {{ .Values.service.type }} -{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }} - clusterIP: "{{ .Values.service.clusterIP }}" -{{- end }} - ports: - - port: {{ .Values.service.port }} - {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }} - nodePort: {{ .Values.service.nodePort }} - {{- end }} - targetPort: {{ .Values.service.targetPort }} - protocol: TCP - name: {{ .Values.service.portName }} - selector: - {{- include "prometheus-node-exporter.selectorLabels" . | nindent 4 }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/serviceaccount.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/serviceaccount.yaml deleted file mode 100644 index 5c3348c..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/serviceaccount.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if and .Values.rbac.create .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "prometheus-node-exporter.serviceAccountName" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }} -imagePullSecrets: - {{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }} -{{- end }} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/servicemonitor.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/servicemonitor.yaml deleted file mode 100644 index 0d7a42e..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/servicemonitor.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- if .Values.prometheus.monitor.enabled }} -apiVersion: {{ .Values.prometheus.monitor.apiVersion | default "monitoring.coreos.com/v1" }} -kind: ServiceMonitor -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.monitor-namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} - {{- with .Values.prometheus.monitor.additionalLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }} - {{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | nindent 2 }} - {{- with .Values.prometheus.monitor.podTargetLabels }} - podTargetLabels: - {{- toYaml . | nindent 4 }} - {{- end }} - selector: - matchLabels: - {{- with .Values.prometheus.monitor.selectorOverride }} - {{- toYaml . | nindent 6 }} - {{- else }} - {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }} - {{- end }} - {{- with .Values.prometheus.monitor.attachMetadata }} - attachMetadata: - {{- toYaml . | nindent 4 }} - {{- end }} - endpoints: - - port: {{ .Values.service.portName }} - scheme: {{ .Values.prometheus.monitor.scheme }} - {{- with .Values.prometheus.monitor.basicAuth }} - basicAuth: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.monitor.bearerTokenFile }} - bearerTokenFile: {{ . }} - {{- end }} - {{- with .Values.prometheus.monitor.tlsConfig }} - tlsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.monitor.proxyUrl }} - proxyUrl: {{ . }} - {{- end }} - {{- with .Values.prometheus.monitor.interval }} - interval: {{ . }} - {{- end }} - {{- with .Values.prometheus.monitor.scrapeTimeout }} - scrapeTimeout: {{ . }} - {{- end }} - {{- with .Values.prometheus.monitor.relabelings }} - relabelings: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.prometheus.monitor.metricRelabelings }} - metricRelabelings: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml deleted file mode 100644 index 2c2705f..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml +++ /dev/null @@ -1,40 +0,0 @@ -{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.verticalPodAutoscaler.enabled) }} -apiVersion: autoscaling.k8s.io/v1 -kind: VerticalPodAutoscaler -metadata: - name: {{ include "prometheus-node-exporter.fullname" . }} - namespace: {{ include "prometheus-node-exporter.namespace" . }} - labels: - {{- include "prometheus-node-exporter.labels" . | nindent 4 }} -spec: - {{- with .Values.verticalPodAutoscaler.recommenders }} - recommenders: - {{- toYaml . | nindent 4 }} - {{- end }} - resourcePolicy: - containerPolicies: - - containerName: node-exporter - {{- with .Values.verticalPodAutoscaler.controlledResources }} - controlledResources: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.verticalPodAutoscaler.controlledValues }} - controlledValues: {{ . }} - {{- end }} - {{- with .Values.verticalPodAutoscaler.maxAllowed }} - maxAllowed: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.verticalPodAutoscaler.minAllowed }} - minAllowed: - {{- toYaml . | nindent 8 }} - {{- end }} - targetRef: - apiVersion: apps/v1 - kind: DaemonSet - name: {{ include "prometheus-node-exporter.fullname" . }} - {{- with .Values.verticalPodAutoscaler.updatePolicy }} - updatePolicy: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/values.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/values.yaml deleted file mode 100644 index 1323567..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-node-exporter/values.yaml +++ /dev/null @@ -1,533 +0,0 @@ -# Default values for prometheus-node-exporter. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -image: - registry: quay.io - repository: prometheus/node-exporter - # Overrides the image tag whose default is {{ printf "v%s" .Chart.AppVersion }} - tag: "" - pullPolicy: IfNotPresent - digest: "" - -imagePullSecrets: [] -# - name: "image-pull-secret" -nameOverride: "" -fullnameOverride: "" - -# Number of old history to retain to allow rollback -# Default Kubernetes value is set to 10 -revisionHistoryLimit: 10 - -global: - # To help compatibility with other charts which use global.imagePullSecrets. - # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style). - # global: - # imagePullSecrets: - # - name: pullSecret1 - # - name: pullSecret2 - # or - # global: - # imagePullSecrets: - # - pullSecret1 - # - pullSecret2 - imagePullSecrets: [] - # - # Allow parent charts to override registry hostname - imageRegistry: "" - -# Configure kube-rbac-proxy. When enabled, creates a kube-rbac-proxy to protect the node-exporter http endpoint. -# The requests are served through the same service but requests are HTTPS. -kubeRBACProxy: - enabled: false - ## Set environment variables as name/value pairs - env: {} - # VARIABLE: value - image: - registry: quay.io - repository: brancz/kube-rbac-proxy - tag: v0.18.0 - sha: "" - pullPolicy: IfNotPresent - - # List of additional cli arguments to configure kube-rbac-proxy - # for example: --tls-cipher-suites, --log-file, etc. - # all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage - extraArgs: [] - - ## Specify security settings for a Container - ## Allows overrides and additional options compared to (Pod) securityContext - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - containerSecurityContext: {} - - # Specify the port used for the Node exporter container (upstream port) - port: 8100 - # Specify the name of the container port - portName: http - # Configure a hostPort. If true, hostPort will be enabled in the container and set to service.port. - enableHostPort: false - - # Configure Proxy Endpoints Port - # This is the port being probed for readiness - proxyEndpointsPort: 8888 - # Configure a hostPort. If true, hostPort will be enabled in the container and set to proxyEndpointsPort. - enableProxyEndpointsHostPort: false - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi - -service: - enabled: true - type: ClusterIP - clusterIP: "" - port: 9100 - targetPort: 9100 - nodePort: - portName: metrics - listenOnAllInterfaces: true - annotations: - prometheus.io/scrape: "true" - ipDualStack: - enabled: false - ipFamilies: ["IPv6", "IPv4"] - ipFamilyPolicy: "PreferDualStack" - externalTrafficPolicy: "" - -# Set a NetworkPolicy with: -# ingress only on service.port -# no egress permitted -networkPolicy: - enabled: false - -# Additional environment variables that will be passed to the daemonset -env: {} -## env: -## VARIABLE: value - -prometheus: - monitor: - enabled: false - additionalLabels: {} - namespace: "" - - jobLabel: "" - - # List of pod labels to add to node exporter metrics - # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor - podTargetLabels: [] - - scheme: http - basicAuth: {} - bearerTokenFile: - tlsConfig: {} - - ## proxyUrl: URL of a proxy that should be used for scraping. - ## - proxyUrl: "" - - ## Override serviceMonitor selector - ## - selectorOverride: {} - - ## Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above. - ## - attachMetadata: - node: false - - relabelings: [] - metricRelabelings: [] - interval: "" - scrapeTimeout: 10s - ## prometheus.monitor.apiVersion ApiVersion for the serviceMonitor Resource(defaults to "monitoring.coreos.com/v1") - apiVersion: "" - - ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. - ## - sampleLimit: 0 - - ## TargetLimit defines a limit on the number of scraped targets that will be accepted. - ## - targetLimit: 0 - - ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. - ## - labelLimit: 0 - - ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. - ## - labelNameLengthLimit: 0 - - ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. - ## - labelValueLengthLimit: 0 - - # PodMonitor defines monitoring for a set of pods. - # ref. https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.PodMonitor - # Using a PodMonitor may be preferred in some environments where there is very large number - # of Node Exporter endpoints (1000+) behind a single service. - # The PodMonitor is disabled by default. When switching from ServiceMonitor to PodMonitor, - # the time series resulting from the configuration through PodMonitor may have different labels. - # For instance, there will not be the service label any longer which might - # affect PromQL queries selecting that label. - podMonitor: - enabled: false - # Namespace in which to deploy the pod monitor. Defaults to the release namespace. - namespace: "" - # Additional labels, e.g. setting a label for pod monitor selector as set in prometheus - additionalLabels: {} - # release: kube-prometheus-stack - # PodTargetLabels transfers labels of the Kubernetes Pod onto the target. - podTargetLabels: [] - # apiVersion defaults to monitoring.coreos.com/v1. - apiVersion: "" - # Override pod selector to select pod objects. - selectorOverride: {} - # Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above. - attachMetadata: - node: false - # The label to use to retrieve the job name from. Defaults to label app.kubernetes.io/name. - jobLabel: "" - - # Scheme/protocol to use for scraping. - scheme: "http" - # Path to scrape metrics at. - path: "/metrics" - - # BasicAuth allow an endpoint to authenticate over basic authentication. - # More info: https://prometheus.io/docs/operating/configuration/#endpoint - basicAuth: {} - # Secret to mount to read bearer token for scraping targets. - # The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator. - # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#secretkeyselector-v1-core - bearerTokenSecret: {} - # TLS configuration to use when scraping the endpoint. - tlsConfig: {} - # Authorization section for this endpoint. - # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.SafeAuthorization - authorization: {} - # OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. - # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.OAuth2 - oauth2: {} - - # ProxyURL eg http://proxyserver:2195. Directs scrapes through proxy to this endpoint. - proxyUrl: "" - # Interval at which endpoints should be scraped. If not specified Prometheus’ global scrape interval is used. - interval: "" - # Timeout after which the scrape is ended. If not specified, the Prometheus global scrape interval is used. - scrapeTimeout: "" - # HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data. - honorTimestamps: true - # HonorLabels chooses the metric’s labels on collisions with target labels. - honorLabels: true - # Whether to enable HTTP2. Default false. - enableHttp2: "" - # Drop pods that are not running. (Failed, Succeeded). - # Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase - filterRunning: "" - # FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. Default false. - followRedirects: "" - # Optional HTTP URL parameters - params: {} - - # RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds - # relabelings for a few standard Kubernetes fields. The original scrape job’s name - # is available via the __tmp_prometheus_job_name label. - # More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config - relabelings: [] - # MetricRelabelConfigs to apply to samples before ingestion. - metricRelabelings: [] - - # SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. - sampleLimit: 0 - # TargetLimit defines a limit on the number of scraped targets that will be accepted. - targetLimit: 0 - # Per-scrape limit on number of labels that will be accepted for a sample. - # Only valid in Prometheus versions 2.27.0 and newer. - labelLimit: 0 - # Per-scrape limit on length of labels name that will be accepted for a sample. - # Only valid in Prometheus versions 2.27.0 and newer. - labelNameLengthLimit: 0 - # Per-scrape limit on length of labels value that will be accepted for a sample. - # Only valid in Prometheus versions 2.27.0 and newer. - labelValueLengthLimit: 0 - -## Customize the updateStrategy if set -updateStrategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 1 - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 200m - # memory: 50Mi - # requests: - # cpu: 100m - # memory: 30Mi - -# Specify the container restart policy passed to the Node Export container -# Possible Values: Always (default)|OnFailure|Never -restartPolicy: null - -serviceAccount: - # Specifies whether a ServiceAccount should be created - create: true - # The name of the ServiceAccount to use. - # If not set and create is true, a name is generated using the fullname template - name: - annotations: {} - imagePullSecrets: [] - automountServiceAccountToken: false - -securityContext: - fsGroup: 65534 - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - -containerSecurityContext: - readOnlyRootFilesystem: true - # capabilities: - # add: - # - SYS_TIME - -rbac: - ## If true, create & use RBAC resources - ## - create: true - ## If true, create & use Pod Security Policy resources - ## https://kubernetes.io/docs/concepts/policy/pod-security-policy/ - pspEnabled: true - pspAnnotations: {} - -# for deployments that have node_exporter deployed outside of the cluster, list -# their addresses here -endpoints: [] - -# Expose the service to the host network -hostNetwork: true - -# Share the host process ID namespace -hostPID: true - -# Mount the node's root file system (/) at /host/root in the container -hostRootFsMount: - enabled: true - # Defines how new mounts in existing mounts on the node or in the container - # are propagated to the container or node, respectively. Possible values are - # None, HostToContainer, and Bidirectional. If this field is omitted, then - # None is used. More information on: - # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation - mountPropagation: HostToContainer - -# Mount the node's proc file system (/proc) at /host/proc in the container -hostProcFsMount: - # Possible values are None, HostToContainer, and Bidirectional - mountPropagation: "" - -# Mount the node's sys file system (/sys) at /host/sys in the container -hostSysFsMount: - # Possible values are None, HostToContainer, and Bidirectional - mountPropagation: "" - -## Assign a group of affinity scheduling rules -## -affinity: {} -# nodeAffinity: -# requiredDuringSchedulingIgnoredDuringExecution: -# nodeSelectorTerms: -# - matchFields: -# - key: metadata.name -# operator: In -# values: -# - target-host-name - -# Annotations to be added to node exporter pods -podAnnotations: - # Fix for very slow GKE cluster upgrades - cluster-autoscaler.kubernetes.io/safe-to-evict: "true" - -# Extra labels to be added to node exporter pods -podLabels: {} - -# Annotations to be added to node exporter daemonset -daemonsetAnnotations: {} - -## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box -releaseLabel: false - -# Custom DNS configuration to be added to prometheus-node-exporter pods -dnsConfig: {} -# nameservers: -# - 1.2.3.4 -# searches: -# - ns1.svc.cluster-domain.example -# - my.dns.search.suffix -# options: -# - name: ndots -# value: "2" -# - name: edns0 - -## Assign a nodeSelector if operating a hybrid cluster -## -nodeSelector: - kubernetes.io/os: linux - # kubernetes.io/arch: amd64 - -# Specify grace period for graceful termination of pods. Defaults to 30 if null or not specified -terminationGracePeriodSeconds: null - -tolerations: - - effect: NoSchedule - operator: Exists - -# Enable or disable container termination message settings -# https://kubernetes.io/docs/tasks/debug/debug-application/determine-reason-pod-failure/ -terminationMessageParams: - enabled: false - # If enabled, specify the path for termination messages - terminationMessagePath: /dev/termination-log - # If enabled, specify the policy for termination messages - terminationMessagePolicy: File - - -## Assign a PriorityClassName to pods if set -# priorityClassName: "" - -## Additional container arguments -## -extraArgs: [] -# - --collector.diskstats.ignored-devices=^(ram|loop|fd|(h|s|v)d[a-z]|nvme\\d+n\\d+p)\\d+$ -# - --collector.textfile.directory=/run/prometheus - -## Additional mounts from the host to node-exporter container -## -extraHostVolumeMounts: [] -# - name: -# hostPath: -# https://kubernetes.io/docs/concepts/storage/volumes/#hostpath-volume-types -# type: "" (Default)|DirectoryOrCreate|Directory|FileOrCreate|File|Socket|CharDevice|BlockDevice -# mountPath: -# readOnly: true|false -# mountPropagation: None|HostToContainer|Bidirectional - -## Additional configmaps to be mounted. -## -configmaps: [] -# - name: -# mountPath: -secrets: [] -# - name: -# mountPath: -## Override the deployment namespace -## -namespaceOverride: "" - -## Additional containers for export metrics to text file; fields image,imagePullPolicy,securityContext take default value from main container -## -sidecars: [] -# - name: nvidia-dcgm-exporter -# image: nvidia/dcgm-exporter:1.4.3 -# volumeMounts: -# - name: tmp -# mountPath: /tmp - -## Volume for sidecar containers -## -sidecarVolumeMount: [] -# - name: collector-textfiles -# mountPath: /run/prometheus -# readOnly: false - -## Additional mounts from the host to sidecar containers -## -sidecarHostVolumeMounts: [] -# - name: -# hostPath: -# mountPath: -# readOnly: true|false -# mountPropagation: None|HostToContainer|Bidirectional - -## Additional InitContainers to initialize the pod -## -extraInitContainers: [] - -## Liveness probe -## -livenessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: [] - scheme: http - initialDelaySeconds: 0 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - -## Readiness probe -## -readinessProbe: - failureThreshold: 3 - httpGet: - httpHeaders: [] - scheme: http - initialDelaySeconds: 0 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - -# Enable vertical pod autoscaler support for prometheus-node-exporter -verticalPodAutoscaler: - enabled: false - - # Recommender responsible for generating recommendation for the object. - # List should be empty (then the default recommender will generate the recommendation) - # or contain exactly one recommender. - # recommenders: - # - name: custom-recommender-performance - - # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory - controlledResources: [] - # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits. - # controlledValues: RequestsAndLimits - - # Define the max allowed resources for the pod - maxAllowed: {} - # cpu: 200m - # memory: 100Mi - # Define the min allowed resources for the pod - minAllowed: {} - # cpu: 200m - # memory: 100Mi - - # updatePolicy: - # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction - # minReplicas: 1 - # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates - # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto". - # updateMode: Auto - -# Extra manifests to deploy as an array -extraManifests: [] - # - | - # apiVersion: v1 - # kind: ConfigMap - # metadata: - # name: prometheus-extra - # data: - # extra-data: "value" - -# Override version of app, required if image.tag is defined and does not follow semver -version: "" diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/.helmignore b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/.helmignore deleted file mode 100644 index e90c9f6..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/.helmignore +++ /dev/null @@ -1,24 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj - -# OWNERS file for Kubernetes -OWNERS \ No newline at end of file diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/Chart.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/Chart.yaml deleted file mode 100644 index 06e897e..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/Chart.yaml +++ /dev/null @@ -1,24 +0,0 @@ -annotations: - artifacthub.io/license: Apache-2.0 - artifacthub.io/links: | - - name: Chart Source - url: https://github.com/prometheus-community/helm-charts -apiVersion: v2 -appVersion: v1.8.0 -description: A Helm chart for prometheus pushgateway -home: https://github.com/prometheus/pushgateway -keywords: -- pushgateway -- prometheus -maintainers: -- email: gianrubio@gmail.com - name: gianrubio -- email: christian.staude@staffbase.com - name: cstaud -- email: rootsandtrees@posteo.de - name: zeritti -name: prometheus-pushgateway -sources: -- https://github.com/prometheus/pushgateway -type: application -version: 2.13.0 diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/README.md b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/README.md deleted file mode 100644 index cc6645f..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/README.md +++ /dev/null @@ -1,88 +0,0 @@ -# Prometheus Pushgateway - -This chart bootstraps a Prometheus [Pushgateway](http://github.com/prometheus/pushgateway) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -An optional prometheus `ServiceMonitor` can be enabled, should you wish to use this gateway with [Prometheus Operator](https://github.com/coreos/prometheus-operator). - -## Get Repository Info - -```console -helm repo add prometheus-community https://prometheus-community.github.io/helm-charts -helm repo update -``` - -_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ - -## Install Chart - -```console -helm install [RELEASE_NAME] prometheus-community/prometheus-pushgateway -``` - -_See [configuration](#configuration) below._ - -_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ - -## Uninstall Chart - -```console -helm uninstall [RELEASE_NAME] -``` - -This removes all the Kubernetes components associated with the chart and deletes the release. - -_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ - -## Upgrading Chart - -```console -helm upgrade [RELEASE_NAME] prometheus-community/prometheus-pushgateway --install -``` - -_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ - -### To 2.0.0 - -Chart API version has been upgraded to v2 so Helm 3 is needed from now on. - -Docker image tag is used from Chart.yaml appVersion field by default now. - -Version 2.0.0 also adapted [Helm label and annotation best practices](https://helm.sh/docs/chart_best_practices/labels/). Specifically, labels mapping is listed below: - -```console -OLD => NEW ----------------------------------------- -heritage => app.kubernetes.io/managed-by -chart => helm.sh/chart -[container version] => app.kubernetes.io/version -app => app.kubernetes.io/name -release => app.kubernetes.io/instance -``` - -Therefore, depending on the way you've configured the chart, the previous StatefulSet or Deployment need to be deleted before upgrade. - -If `runAsStatefulSet: false` (this is the default): - -```console -kubectl delete deploy -l app=prometheus-pushgateway -``` - -If `runAsStatefulSet: true`: - -```console -kubectl delete sts -l app=prometheus-pushgateway -``` - -After that do the actual upgrade: - -```console -helm upgrade -i prometheus-pushgateway prometheus-community/prometheus-pushgateway -``` - -## Configuration - -See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands: - -```console -helm show values prometheus-community/prometheus-pushgateway -``` diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/NOTES.txt b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/NOTES.txt deleted file mode 100644 index 263b1d8..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/NOTES.txt +++ /dev/null @@ -1,19 +0,0 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ template "prometheus-pushgateway.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus-pushgateway.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ template "prometheus-pushgateway.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ template "prometheus-pushgateway.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ template "prometheus-pushgateway.namespace" . }} {{ template "prometheus-pushgateway.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ template "prometheus-pushgateway.namespace" . }} -l "app.kubernetes.io/name={{ template "prometheus-pushgateway.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - kubectl port-forward $POD_NAME 9091 - echo "Visit http://127.0.0.1:9091 to use your application" -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/_helpers.tpl b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/_helpers.tpl deleted file mode 100644 index dcd42ff..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/_helpers.tpl +++ /dev/null @@ -1,304 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "prometheus-pushgateway.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Namespace to set on the resources -*/}} -{{- define "prometheus-pushgateway.namespace" -}} - {{- if .Values.namespaceOverride -}} - {{- .Values.namespaceOverride -}} - {{- else -}} - {{- .Release.Namespace -}} - {{- end -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "prometheus-pushgateway.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "prometheus-pushgateway.chart" -}} -{{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "prometheus-pushgateway.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "prometheus-pushgateway.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Create default labels -*/}} -{{- define "prometheus-pushgateway.defaultLabels" -}} -helm.sh/chart: {{ include "prometheus-pushgateway.chart" . }} -{{ include "prometheus-pushgateway.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- with .Values.podLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "prometheus-pushgateway.selectorLabels" -}} -app.kubernetes.io/name: {{ include "prometheus-pushgateway.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Return the appropriate apiVersion for networkpolicy. -*/}} -{{- define "prometheus-pushgateway.networkPolicy.apiVersion" -}} -{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion }} -{{- print "extensions/v1beta1" }} -{{- else if semverCompare "^1.7-0" .Capabilities.KubeVersion.GitVersion }} -{{- print "networking.k8s.io/v1" }} -{{- end }} -{{- end }} - -{{/* -Define PDB apiVersion -*/}} -{{- define "prometheus-pushgateway.pdb.apiVersion" -}} -{{- if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" }} -{{- print "policy/v1" }} -{{- else }} -{{- print "policy/v1beta1" }} -{{- end }} -{{- end }} - -{{/* -Define Ingress apiVersion -*/}} -{{- define "prometheus-pushgateway.ingress.apiVersion" -}} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }} -{{- print "networking.k8s.io/v1" }} -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion }} -{{- print "networking.k8s.io/v1beta1" }} -{{- else }} -{{- print "extensions/v1beta1" }} -{{- end }} -{{- end }} - -{{/* -Define webConfiguration -*/}} -{{- define "prometheus-pushgateway.webConfiguration" -}} -basic_auth_users: -{{- range $k, $v := .Values.webConfiguration.basicAuthUsers }} - {{ $k }}: {{ htpasswd "" $v | trimPrefix ":"}} -{{- end }} -{{- end }} - -{{/* -Define Authorization -*/}} -{{- define "prometheus-pushgateway.Authorization" -}} -{{- $users := keys .Values.webConfiguration.basicAuthUsers }} -{{- $user := first $users }} -{{- $password := index .Values.webConfiguration.basicAuthUsers $user }} -{{- $user }}:{{ $password }} -{{- end }} - -{{/* -Returns pod spec -*/}} -{{- define "prometheus-pushgateway.podSpec" -}} -serviceAccountName: {{ include "prometheus-pushgateway.serviceAccountName" . }} -automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} -{{- with .Values.priorityClassName }} -priorityClassName: {{ . | quote }} -{{- end }} -{{- with .Values.hostAliases }} -hostAliases: -{{- toYaml . | nindent 2 }} -{{- end }} -{{- with .Values.imagePullSecrets }} -imagePullSecrets: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- with .Values.extraInitContainers }} -initContainers: - {{- toYaml . | nindent 2 }} -{{- end }} -containers: - {{- with .Values.extraContainers }} - {{- toYaml . | nindent 2 }} - {{- end }} - - name: pushgateway - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- with .Values.extraVars }} - env: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- if or .Values.extraArgs .Values.webConfiguration }} - args: - {{- with .Values.extraArgs }} - {{- toYaml . | nindent 6 }} - {{- end }} - {{- if .Values.webConfiguration }} - - --web.config.file=/etc/config/web-config.yaml - {{- end }} - {{- end }} - ports: - - name: metrics - containerPort: 9091 - protocol: TCP - {{- if .Values.liveness.enabled }} - {{- $livenessCommon := omit .Values.liveness.probe "httpGet" }} - livenessProbe: - {{- with .Values.liveness.probe }} - httpGet: - path: {{ .httpGet.path }} - port: {{ .httpGet.port }} - {{- if or .httpGet.httpHeaders $.Values.webConfiguration.basicAuthUsers }} - httpHeaders: - {{- if $.Values.webConfiguration.basicAuthUsers }} - - name: Authorization - value: Basic {{ include "prometheus-pushgateway.Authorization" $ | b64enc }} - {{- end }} - {{- with .httpGet.httpHeaders }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- end }} - {{- toYaml $livenessCommon | nindent 6 }} - {{- end }} - {{- end }} - {{- if .Values.readiness.enabled }} - {{- $readinessCommon := omit .Values.readiness.probe "httpGet" }} - readinessProbe: - {{- with .Values.readiness.probe }} - httpGet: - path: {{ .httpGet.path }} - port: {{ .httpGet.port }} - {{- if or .httpGet.httpHeaders $.Values.webConfiguration.basicAuthUsers }} - httpHeaders: - {{- if $.Values.webConfiguration.basicAuthUsers }} - - name: Authorization - value: Basic {{ include "prometheus-pushgateway.Authorization" $ | b64enc }} - {{- end }} - {{- with .httpGet.httpHeaders }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- end }} - {{- toYaml $readinessCommon | nindent 6 }} - {{- end }} - {{- end }} - {{- with .Values.resources }} - resources: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 6 }} - {{- end }} - volumeMounts: - - name: storage-volume - mountPath: "{{ .Values.persistentVolume.mountPath }}" - subPath: "{{ .Values.persistentVolume.subPath }}" - {{- if .Values.webConfiguration }} - - name: web-config - mountPath: "/etc/config" - {{- end }} - {{- with .Values.extraVolumeMounts }} - {{- toYaml . | nindent 6 }} - {{- end }} -{{- with .Values.nodeSelector }} -nodeSelector: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- with .Values.tolerations }} -tolerations: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- if or .Values.podAntiAffinity .Values.affinity }} -affinity: -{{- end }} - {{- with .Values.affinity }} - {{- toYaml . | nindent 2 }} - {{- end }} - {{- if eq .Values.podAntiAffinity "hard" }} - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - topologyKey: {{ .Values.podAntiAffinityTopologyKey }} - labelSelector: - matchExpressions: - - {key: app.kubernetes.io/name, operator: In, values: [{{ include "prometheus-pushgateway.name" . }}]} - {{- else if eq .Values.podAntiAffinity "soft" }} - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - topologyKey: {{ .Values.podAntiAffinityTopologyKey }} - labelSelector: - matchExpressions: - - {key: app.kubernetes.io/name, operator: In, values: [{{ include "prometheus-pushgateway.name" . }}]} - {{- end }} -{{- with .Values.topologySpreadConstraints }} -topologySpreadConstraints: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- with .Values.securityContext }} -securityContext: - {{- toYaml . | nindent 2 }} -{{- end }} -volumes: - {{- $storageVolumeAsPVCTemplate := and .Values.runAsStatefulSet .Values.persistentVolume.enabled -}} - {{- if not $storageVolumeAsPVCTemplate }} - - name: storage-volume - {{- if .Values.persistentVolume.enabled }} - persistentVolumeClaim: - claimName: {{ if .Values.persistentVolume.existingClaim }}{{ .Values.persistentVolume.existingClaim }}{{- else }}{{ include "prometheus-pushgateway.fullname" . }}{{- end }} - {{- else }} - emptyDir: {} - {{- end }} - {{- if .Values.webConfiguration }} - - name: web-config - secret: - secretName: {{ include "prometheus-pushgateway.fullname" . }} - {{- end }} - {{- end }} - {{- if .Values.extraVolumes }} - {{- toYaml .Values.extraVolumes | nindent 2 }} - {{- else if $storageVolumeAsPVCTemplate }} - {{- if .Values.webConfiguration }} - - name: web-config - secret: - secretName: {{ include "prometheus-pushgateway.fullname" . }} - {{- else }} - [] - {{- end }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/deployment.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/deployment.yaml deleted file mode 100644 index 557ca6f..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/deployment.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if not .Values.runAsStatefulSet }} -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 4 }} - name: {{ include "prometheus-pushgateway.fullname" . }} - namespace: {{ template "prometheus-pushgateway.namespace" . }} -spec: - replicas: {{ .Values.replicaCount }} - {{- with .Values.strategy }} - strategy: - {{- toYaml . | nindent 4 }} - {{- end }} - selector: - matchLabels: - {{- include "prometheus-pushgateway.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 8 }} - spec: - {{- include "prometheus-pushgateway.podSpec" . | nindent 6 }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/extra-manifests.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/extra-manifests.yaml deleted file mode 100644 index bafee95..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/extra-manifests.yaml +++ /dev/null @@ -1,8 +0,0 @@ -{{- range .Values.extraManifests }} ---- - {{- if typeIs "string" . }} - {{- tpl . $ }} - {{- else }} - {{- tpl (. | toYaml | nindent 0) $ }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/ingress.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/ingress.yaml deleted file mode 100644 index 237ac4a..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/ingress.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{- if .Values.ingress.enabled }} -{{- $serviceName := include "prometheus-pushgateway.fullname" . }} -{{- $servicePort := .Values.service.port }} -{{- $ingressPath := .Values.ingress.path }} -{{- $ingressClassName := .Values.ingress.className }} -{{- $ingressPathType := .Values.ingress.pathType }} -{{- $extraPaths := .Values.ingress.extraPaths }} -apiVersion: {{ include "prometheus-pushgateway.ingress.apiVersion" . }} -kind: Ingress -metadata: - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 4 }} - name: {{ include "prometheus-pushgateway.fullname" . }} - namespace: {{ template "prometheus-pushgateway.namespace" . }} -spec: - {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }} - ingressClassName: {{ $ingressClassName }} - {{- end }} - rules: - {{- range $host := .Values.ingress.hosts }} - - host: {{ $host }} - http: - paths: - {{- with $extraPaths }} - {{- toYaml . | nindent 10 }} - {{- end }} - - path: {{ $ingressPath }} - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: {{ $ingressPathType }} - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $serviceName }} - port: - number: {{ $servicePort }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} - {{- end -}} - {{- with .Values.ingress.tls }} - tls: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/networkpolicy.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/networkpolicy.yaml deleted file mode 100644 index d3b8019..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/networkpolicy.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if .Values.networkPolicy }} -apiVersion: {{ include "prometheus-pushgateway.networkPolicy.apiVersion" . }} -kind: NetworkPolicy -metadata: - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 4 }} - {{- if .Values.networkPolicy.customSelectors }} - name: ingress-allow-customselector-{{ template "prometheus-pushgateway.name" . }} - {{- else if .Values.networkPolicy.allowAll }} - name: ingress-allow-all-{{ template "prometheus-pushgateway.name" . }} - {{- else -}} - {{- fail "One of `allowAll` or `customSelectors` must be specified." }} - {{- end }} - namespace: {{ template "prometheus-pushgateway.namespace" . }} -spec: - podSelector: - matchLabels: - {{- include "prometheus-pushgateway.selectorLabels" . | nindent 6 }} - ingress: - - ports: - - port: {{ .Values.service.targetPort }} - {{- with .Values.networkPolicy.customSelectors }} - from: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/pdb.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/pdb.yaml deleted file mode 100644 index 6051133..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/pdb.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if .Values.podDisruptionBudget }} -apiVersion: {{ include "prometheus-pushgateway.pdb.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 4 }} - name: {{ include "prometheus-pushgateway.fullname" . }} - namespace: {{ template "prometheus-pushgateway.namespace" . }} -spec: - selector: - matchLabels: - {{- include "prometheus-pushgateway.selectorLabels" . | nindent 6 }} - {{- toYaml .Values.podDisruptionBudget | nindent 2 }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/pushgateway-pvc.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/pushgateway-pvc.yaml deleted file mode 100644 index d2a85f4..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/pushgateway-pvc.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if and (not .Values.runAsStatefulSet) .Values.persistentVolume.enabled (not .Values.persistentVolume.existingClaim) }} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - {{- with .Values.persistentVolume.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 4 }} - {{- with .Values.persistentVolumeLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} - name: {{ include "prometheus-pushgateway.fullname" . }} - namespace: {{ template "prometheus-pushgateway.namespace" . }} -spec: - accessModes: - {{- toYaml .Values.persistentVolume.accessModes | nindent 4 }} - {{- if .Values.persistentVolume.storageClass }} - {{- if (eq "-" .Values.persistentVolume.storageClass) }} - storageClassName: "" - {{- else }} - storageClassName: "{{ .Values.persistentVolume.storageClass }}" - {{- end }} - {{- end }} - resources: - requests: - storage: "{{ .Values.persistentVolume.size }}" -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/secret.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/secret.yaml deleted file mode 100644 index a8142d1..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/secret.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if .Values.webConfiguration }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "prometheus-pushgateway.fullname" . }} - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 4 }} -data: - web-config.yaml: {{ include "prometheus-pushgateway.webConfiguration" . | b64enc}} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/service.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/service.yaml deleted file mode 100644 index 15029f7..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/service.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{- $stsNoHeadlessSvcTypes := list "LoadBalancer" "NodePort" -}} -apiVersion: v1 -kind: Service -metadata: - {{- with .Values.serviceAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 4 }} - {{- with .Values.serviceLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} - name: {{ include "prometheus-pushgateway.fullname" . }} - namespace: {{ template "prometheus-pushgateway.namespace" . }} -spec: - {{- if .Values.service.clusterIP }} - clusterIP: {{ .Values.service.clusterIP }} - {{ else if and .Values.runAsStatefulSet (not (has .Values.service.type $stsNoHeadlessSvcTypes)) }} - clusterIP: None # Headless service - {{- end }} - {{- if .Values.service.ipDualStack.enabled }} - ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }} - ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }} - {{- end }} - type: {{ .Values.service.type }} - {{- with .Values.service.loadBalancerIP }} - loadBalancerIP: {{ . }} - {{- end }} - {{- if .Values.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- range $cidr := .Values.service.loadBalancerSourceRanges }} - - {{ $cidr }} - {{- end }} - {{- end }} - ports: - - port: {{ .Values.service.port }} - targetPort: {{ .Values.service.targetPort }} - {{- if and (eq .Values.service.type "NodePort") .Values.service.nodePort }} - nodePort: {{ .Values.service.nodePort }} - {{- end }} - protocol: TCP - name: {{ .Values.service.portName }} - selector: - {{- include "prometheus-pushgateway.selectorLabels" . | nindent 4 }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/serviceaccount.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/serviceaccount.yaml deleted file mode 100644 index 88f1470..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/serviceaccount.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 4 }} - {{- with .Values.serviceAccountLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} - name: {{ include "prometheus-pushgateway.serviceAccountName" . }} - namespace: {{ template "prometheus-pushgateway.namespace" . }} -automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/servicemonitor.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/servicemonitor.yaml deleted file mode 100644 index ae17319..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/servicemonitor.yaml +++ /dev/null @@ -1,51 +0,0 @@ -{{- if .Values.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 4 }} - {{- if .Values.serviceMonitor.additionalLabels }} - {{- toYaml .Values.serviceMonitor.additionalLabels | nindent 4 }} - {{- end }} - name: {{ include "prometheus-pushgateway.fullname" . }} - {{- if .Values.serviceMonitor.namespace }} - namespace: {{ .Values.serviceMonitor.namespace }} - {{- else }} - namespace: {{ template "prometheus-pushgateway.namespace" . }} - {{- end }} -spec: - endpoints: - - port: {{ .Values.service.portName }} - {{- with .Values.serviceMonitor.interval }} - interval: {{ . }} - {{- end }} - {{- with .Values.serviceMonitor.scheme }} - scheme: {{ . }} - {{- end }} - {{- with .Values.serviceMonitor.bearerTokenFile }} - bearerTokenFile: {{ . }} - {{- end }} - {{- with .Values.serviceMonitor.tlsConfig }} - tlsConfig: - {{- toYaml .| nindent 6 }} - {{- end }} - {{- with .Values.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ . }} - {{- end }} - path: {{ .Values.serviceMonitor.telemetryPath }} - honorLabels: {{ .Values.serviceMonitor.honorLabels }} - {{- with .Values.serviceMonitor.metricRelabelings }} - metricRelabelings: - {{- tpl (toYaml . | nindent 6) $ }} - {{- end }} - {{- with .Values.serviceMonitor.relabelings }} - relabelings: - {{- toYaml . | nindent 6 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ template "prometheus-pushgateway.namespace" . }} - selector: - matchLabels: - {{- include "prometheus-pushgateway.selectorLabels" . | nindent 6 }} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/statefulset.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/statefulset.yaml deleted file mode 100644 index 8d486a3..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/templates/statefulset.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if .Values.runAsStatefulSet }} -apiVersion: apps/v1 -kind: StatefulSet -metadata: - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 4 }} - name: {{ include "prometheus-pushgateway.fullname" . }} - namespace: {{ template "prometheus-pushgateway.namespace" . }} -spec: - replicas: {{ .Values.replicaCount }} - serviceName: {{ include "prometheus-pushgateway.fullname" . }} - selector: - matchLabels: - {{- include "prometheus-pushgateway.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 8 }} - spec: - {{- include "prometheus-pushgateway.podSpec" . | nindent 6 }} - {{- if .Values.persistentVolume.enabled }} - volumeClaimTemplates: - - metadata: - {{- with .Values.persistentVolume.annotations }} - annotations: - {{- toYaml . | nindent 10 }} - {{- end }} - labels: - {{- include "prometheus-pushgateway.defaultLabels" . | nindent 10 }} - name: storage-volume - spec: - accessModes: - {{ toYaml .Values.persistentVolume.accessModes }} - {{- if .Values.persistentVolume.storageClass }} - {{- if (eq "-" .Values.persistentVolume.storageClass) }} - storageClassName: "" - {{- else }} - storageClassName: "{{ .Values.persistentVolume.storageClass }}" - {{- end }} - {{- end }} - resources: - requests: - storage: "{{ .Values.persistentVolume.size }}" - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/values.yaml b/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/values.yaml deleted file mode 100644 index 85f267f..0000000 --- a/composio/charts/temporal/charts/prometheus/charts/prometheus-pushgateway/values.yaml +++ /dev/null @@ -1,371 +0,0 @@ -# Default values for prometheus-pushgateway. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -# Provide a name in place of prometheus-pushgateway for `app:` labels -nameOverride: "" - -# Provide a name to substitute for the full names of resources -fullnameOverride: "" - -# Provide a namespace to substitude for the namespace on resources -namespaceOverride: "" - -image: - repository: quay.io/prometheus/pushgateway - # if not set appVersion field from Chart.yaml is used - tag: "" - pullPolicy: IfNotPresent - -# Optional pod imagePullSecrets -imagePullSecrets: [] - -service: - type: ClusterIP - port: 9091 - targetPort: 9091 - # nodePort: 32100 - portName: http - - # Optional - Can be used for headless if value is "None" - clusterIP: "" - - ipDualStack: - enabled: false - ipFamilies: ["IPv6", "IPv4"] - ipFamilyPolicy: "PreferDualStack" - - loadBalancerIP: "" - loadBalancerSourceRanges: [] - -# Whether to automatically mount a service account token into the pod -automountServiceAccountToken: true - -# Optional pod annotations -podAnnotations: {} - -# Optional pod labels -podLabels: {} - -# Optional service annotations -serviceAnnotations: {} - -# Optional service labels -serviceLabels: {} - -# Optional serviceAccount labels -serviceAccountLabels: {} - -# Optional persistentVolume labels -persistentVolumeLabels: {} - -# Optional additional environment variables -extraVars: [] - -## Additional pushgateway container arguments -## -## example: -## extraArgs: -## - --persistence.file=/data/pushgateway.data -## - --persistence.interval=5m -extraArgs: [] - -## Additional InitContainers to initialize the pod -## -extraInitContainers: [] - -# Optional additional containers (sidecar) -extraContainers: [] - # - name: oAuth2-proxy - # args: - # - -https-address=:9092 - # - -upstream=http://localhost:9091 - # - -skip-auth-regex=^/metrics - # - -openshift-delegate-urls={"/":{"group":"monitoring.coreos.com","resource":"prometheuses","verb":"get"}} - # image: openshift/oauth-proxy:v1.1.0 - # ports: - # - containerPort: 9092 - # name: proxy - # resources: - # limits: - # memory: 16Mi - # requests: - # memory: 4Mi - # cpu: 20m - # volumeMounts: - # - mountPath: /etc/prometheus/secrets/pushgateway-tls - # name: secret-pushgateway-tls - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 200m - # memory: 50Mi - # requests: - # cpu: 100m - # memory: 30Mi - -# -- Sets web configuration -# To enable basic authentication, provide basicAuthUsers as a map -webConfiguration: {} - # basicAuthUsers: - # username: password - -liveness: - enabled: true - probe: - httpGet: - path: /-/healthy - port: 9091 - initialDelaySeconds: 10 - timeoutSeconds: 10 - -readiness: - enabled: true - probe: - httpGet: - path: /-/ready - port: 9091 - initialDelaySeconds: 10 - timeoutSeconds: 10 - -serviceAccount: - # Specifies whether a ServiceAccount should be created - create: true - # The name of the ServiceAccount to use. - # If not set and create is true, a name is generated using the fullname template - name: - -## Configure ingress resource that allow you to access the -## pushgateway installation. Set up the URL -## ref: http://kubernetes.io/docs/user-guide/ingress/ -## -ingress: - ## Enable Ingress. - ## - enabled: false - # AWS ALB requires path of /* - className: "" - path: / - pathType: ImplementationSpecific - - ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services. - extraPaths: [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - - ## Annotations. - ## - # annotations: - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: 'true' - - ## Hostnames. - ## Must be provided if Ingress is enabled. - ## - # hosts: - # - pushgateway.domain.com - - ## TLS configuration. - ## Secrets must be manually created in the namespace. - ## - # tls: - # - secretName: pushgateway-tls - # hosts: - # - pushgateway.domain.com - -tolerations: [] - # - effect: NoSchedule - # operator: Exists - -## Node labels for pushgateway pod assignment -## Ref: https://kubernetes.io/docs/user-guide/node-selection/ -## -nodeSelector: {} - -replicaCount: 1 - -hostAliases: [] - # - ip: "127.0.0.1" - # hostnames: - # - "foo.local" - # - "bar.local" - # - ip: "10.1.2.3" - # hostnames: - # - "foo.remote" - # - "bar.remote" - -## When running more than one replica alongside with persistence, different volumes are needed -## per replica, since sharing a `persistence.file` across replicas does not keep metrics synced. -## For this purpose, you can enable the `runAsStatefulSet` to deploy the pushgateway as a -## StatefulSet instead of as a Deployment. -runAsStatefulSet: false - -## Security context to be added to push-gateway pods -## -securityContext: - fsGroup: 65534 - runAsUser: 65534 - runAsNonRoot: true - -## Security context to be added to push-gateway containers -## Having a separate variable as securityContext differs for pods and containers. -containerSecurityContext: {} -# allowPrivilegeEscalation: false -# readOnlyRootFilesystem: true -# runAsUser: 65534 -# runAsNonRoot: true - -## Affinity for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -affinity: {} - -## Pod anti-affinity can prevent the scheduler from placing pushgateway replicas on the same node. -## The value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided. -## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node. -## The default value "" will disable pod anti-affinity so that no anti-affinity rules will be configured (unless set in `affinity`). -## -podAntiAffinity: "" - -## If anti-affinity is enabled sets the topologyKey to use for anti-affinity. -## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone -## -podAntiAffinityTopologyKey: kubernetes.io/hostname - -## Topology spread constraints for pods -## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ -topologySpreadConstraints: [] - -# Enable this if you're using https://github.com/coreos/prometheus-operator -serviceMonitor: - enabled: false - namespace: monitoring - - # telemetryPath: HTTP resource path from which to fetch metrics. - # Telemetry path, default /metrics, has to be prefixed accordingly if pushgateway sets a route prefix at start-up. - # - telemetryPath: "/metrics" - - # Fallback to the prometheus default unless specified - # interval: 10s - - ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS. - # scheme: "" - - ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS. - ## Of type: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#tlsconfig - # tlsConfig: {} - - # bearerTokenFile: - # Fallback to the prometheus default unless specified - # scrapeTimeout: 30s - - ## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec - additionalLabels: {} - - # Retain the job and instance labels of the metrics pushed to the Pushgateway - # [Scraping Pushgateway](https://github.com/prometheus/pushgateway#configure-the-pushgateway-as-a-target-to-scrape) - honorLabels: true - - ## Metric relabel configs to apply to samples before ingestion. - ## [Metric Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) - metricRelabelings: [] - # - action: keep - # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+' - # sourceLabels: [__name__] - - ## Relabel configs to apply to samples before ingestion. - ## [Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) - relabelings: [] - # - sourceLabels: [__meta_kubernetes_pod_node_name] - # separator: ; - # regex: ^(.*)$ - # targetLabel: nodename - # replacement: $1 - # action: replace - -# The values to set in the PodDisruptionBudget spec (minAvailable/maxUnavailable) -# If not set then a PodDisruptionBudget will not be created -podDisruptionBudget: {} - -priorityClassName: - -# Deployment Strategy type -strategy: - type: Recreate - -persistentVolume: - ## If true, pushgateway will create/use a Persistent Volume Claim - ## If false, use emptyDir - ## - enabled: false - - ## pushgateway data Persistent Volume access modes - ## Must match those of existing PV or dynamic provisioner - ## Ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ - ## - accessModes: - - ReadWriteOnce - - ## pushgateway data Persistent Volume Claim annotations - ## - annotations: {} - - ## pushgateway data Persistent Volume existing claim name - ## Requires pushgateway.persistentVolume.enabled: true - ## If defined, PVC must be created manually before volume will be bound - existingClaim: "" - - ## pushgateway data Persistent Volume mount root path - ## - mountPath: /data - - ## pushgateway data Persistent Volume size - ## - size: 2Gi - - ## pushgateway data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - - ## Subdirectory of pushgateway data Persistent Volume to mount - ## Useful if the volume's root directory is not empty - ## - subPath: "" - -extraVolumes: [] - # - name: extra - # emptyDir: {} -extraVolumeMounts: [] - # - name: extra - # mountPath: /usr/share/extras - # readOnly: true - -# Configuration for clusters with restrictive network policies in place: -# - allowAll allows access to the PushGateway from any namespace -# - customSelector is a list of pod/namespaceSelectors to allow access from -# These options are mutually exclusive and the latter will take precedence. -networkPolicy: {} - # allowAll: true - # customSelectors: - # - namespaceSelector: - # matchLabels: - # type: admin - # - podSelector: - # matchLabels: - # app: myapp - -# Array of extra K8s objects to deploy (evaluated as a template) -# The value can hold an array of strings as well as objects -extraManifests: [] diff --git a/composio/charts/temporal/charts/prometheus/ci/01-automount-sa-token-values.yaml b/composio/charts/temporal/charts/prometheus/ci/01-automount-sa-token-values.yaml deleted file mode 100644 index 52add69..0000000 --- a/composio/charts/temporal/charts/prometheus/ci/01-automount-sa-token-values.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -## Test case: automount SA token -serviceAccounts: - server: - automountServiceAccountToken: true diff --git a/composio/charts/temporal/charts/prometheus/ci/02-config-reloader-deployment-values.yaml b/composio/charts/temporal/charts/prometheus/ci/02-config-reloader-deployment-values.yaml deleted file mode 100644 index 0db060a..0000000 --- a/composio/charts/temporal/charts/prometheus/ci/02-config-reloader-deployment-values.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -## Test case: test config-reloader in deployment -configmapReload: - env: - - name: APPNAME - value: "prometheus-config-reloader" - - prometheus: - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - runAsNonRoot: true - readOnlyRootFilesystem: true - seccompProfile: - type: RuntimeDefault - - extraArgs: - log-level: debug - watch-interval: 1m - -server: - statefulSet: - enabled: false diff --git a/composio/charts/temporal/charts/prometheus/ci/03-config-reloader-sts-values.yaml b/composio/charts/temporal/charts/prometheus/ci/03-config-reloader-sts-values.yaml deleted file mode 100644 index f8510ef..0000000 --- a/composio/charts/temporal/charts/prometheus/ci/03-config-reloader-sts-values.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -## Test case: test config-reloader in statefulset -configmapReload: - env: - - name: APPNAME - value: "prometheus-config-reloader" - - prometheus: - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - runAsNonRoot: true - readOnlyRootFilesystem: true - seccompProfile: - type: RuntimeDefault - - extraArgs: - log-level: debug - watch-interval: 1m - -server: - statefulSet: - enabled: true diff --git a/composio/charts/temporal/charts/prometheus/ci/04-extra-manifest-values.yaml b/composio/charts/temporal/charts/prometheus/ci/04-extra-manifest-values.yaml deleted file mode 100644 index 3fb0f5a..0000000 --- a/composio/charts/temporal/charts/prometheus/ci/04-extra-manifest-values.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -## Test case: set extra manifests to deploy -extraManifests: - - | - apiVersion: v1 - kind: ConfigMap - metadata: - labels: - ci: "true" - name: prometheus-extra-cm-first - data: - GREETING: "hello" - - | - apiVersion: v1 - kind: ConfigMap - metadata: - labels: - ci: "true" - name: prometheus-extra-cm-second - data: - prometheus.txt: "{{ include "prometheus.server.fullname" . }}" - immutable: true diff --git a/composio/charts/temporal/charts/prometheus/ci/05-server-deployment-values.yaml b/composio/charts/temporal/charts/prometheus/ci/05-server-deployment-values.yaml deleted file mode 100644 index caf849c..0000000 --- a/composio/charts/temporal/charts/prometheus/ci/05-server-deployment-values.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -## Test case: set various fields in deployment -server: - automountServiceAccountToken: true - - clusterRoleNameOverride: "ci-prometheus-server-cluster-role" - - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - - env: - - name: APPNAME - value: prometheus - - extraArgs: - query.timeout: 1m - query.max-concurrency: 15 - - global: - external_labels: - cluster: "ci" - - persistentVolume: - enabled: true - size: 2Gi - - prefixURL: /prometheus - - retentionSize: 1GB - - startupProbe: - enabled: true - - statefulSet: - enabled: false - - tsdb: - out_of_order_time_window: 10s diff --git a/composio/charts/temporal/charts/prometheus/ci/06-server-sts-values.yaml b/composio/charts/temporal/charts/prometheus/ci/06-server-sts-values.yaml deleted file mode 100644 index 9783995..0000000 --- a/composio/charts/temporal/charts/prometheus/ci/06-server-sts-values.yaml +++ /dev/null @@ -1,44 +0,0 @@ ---- -# Test case: set various fields in statefulset -server: - automountServiceAccountToken: true - - clusterRoleNameOverride: "ci-prometheus-server-cluster-role" - - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - seccompProfile: - type: RuntimeDefault - - env: - - name: APPNAME - value: prometheus - - extraArgs: - query.timeout: 1m - query.max-concurrency: 15 - - global: - external_labels: - cluster: "ci" - - persistentVolume: - enabled: true - statefulSetNameOverride: "ci-prometheus-server-pvc" - size: 2Gi - - prefixURL: /prometheus - - retentionSize: 1GB - - startupProbe: - enabled: true - - statefulSet: - enabled: true - - tsdb: - out_of_order_time_window: 10s diff --git a/composio/charts/temporal/charts/prometheus/ci/07-meta-labels-values.yaml b/composio/charts/temporal/charts/prometheus/ci/07-meta-labels-values.yaml deleted file mode 100644 index bc4e872..0000000 --- a/composio/charts/temporal/charts/prometheus/ci/07-meta-labels-values.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# Test case: set meta labels -commonMetaLabels: - ci: "true" - env: "ci" diff --git a/composio/charts/temporal/charts/prometheus/ci/08-sts-pvc-retention-policy-values.yaml b/composio/charts/temporal/charts/prometheus/ci/08-sts-pvc-retention-policy-values.yaml deleted file mode 100644 index da65ab7..0000000 --- a/composio/charts/temporal/charts/prometheus/ci/08-sts-pvc-retention-policy-values.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -## Test case: set PVC retention policy in statefulset -server: - automountServiceAccountToken: true - - statefulSet: - enabled: true - pvcDeleteOnStsDelete: true - pvcDeleteOnStsScale: true - - persistentVolume: - enabled: true - size: 2Gi diff --git a/composio/charts/temporal/charts/prometheus/ci/09-standalone-deployment-values.yaml b/composio/charts/temporal/charts/prometheus/ci/09-standalone-deployment-values.yaml deleted file mode 100644 index cbee5d9..0000000 --- a/composio/charts/temporal/charts/prometheus/ci/09-standalone-deployment-values.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -## Test case: run standalone Prometheus deployment -alertmanager: - enabled: false - -kube-state-metrics: - enabled: false - -prometheus-node-exporter: - enabled: false - -prometheus-pushgateway: - enabled: false - -server: - automountServiceAccountToken: true - persistentVolume: - enabled: false diff --git a/composio/charts/temporal/charts/prometheus/ci/10-namespaced-sd-values.yaml b/composio/charts/temporal/charts/prometheus/ci/10-namespaced-sd-values.yaml deleted file mode 100644 index b62b48b..0000000 --- a/composio/charts/temporal/charts/prometheus/ci/10-namespaced-sd-values.yaml +++ /dev/null @@ -1,114 +0,0 @@ ---- -## Test case: Prometheus with namespaced SD -## Prometheus runs service discovery (SD) in its own namespace only. -## A custom cluster role is set up and bound to SA through a role binding -## in the given namespace. Prometheus *must* be told that its SD -## is namespaced by means of 'scrape_configs.kubernetes_sd_configs.namespaces'. -server: - automountServiceAccountToken: true - namespaces: [] - releaseNamespace: true - useExistingClusterRoleName: "prometheus-cluster-role" - - persistentVolume: - enabled: false - -alertmanager: - enabled: false - -kube-state-metrics: - enabled: true - -prometheus-node-exporter: - enabled: false - -prometheus-pushgateway: - enabled: false - -serverFiles: - prometheus.yml: - scrape_configs: - - job_name: "prometheus" - static_configs: - - targets: - - localhost:9090 - - job_name: "kubernetes-service-endpoints" - honor_labels: true - kubernetes_sd_configs: - - role: endpoints - namespaces: - own_namespace: true - relabel_configs: - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] - action: keep - regex: true - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] - action: replace - target_label: __scheme__ - regex: (https?) - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: - - __address__ - - __meta_kubernetes_service_annotation_prometheus_io_port - action: replace - target_label: __address__ - regex: (.+?)(?::\d+)?;(\d+) - replacement: $1:$2 - - action: labelmap - regex: __meta_kubernetes_service_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: namespace - - source_labels: [__meta_kubernetes_service_name] - action: replace - target_label: service - - source_labels: [__meta_kubernetes_pod_node_name] - action: replace - target_label: node - -extraManifests: - - | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} - name: prometheus-cluster-role - rules: - - apiGroups: - - "" - resources: - - services - - endpoints - - pods - - ingresses - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "extensions" - - "networking.k8s.io" - resources: - - ingresses/status - - ingresses - verbs: - - get - - list - - watch - - apiGroups: - - "discovery.k8s.io" - resources: - - endpointslices - verbs: - - get - - list - - watch - - nonResourceURLs: - - "/metrics" - verbs: - - get diff --git a/composio/charts/temporal/charts/prometheus/ci/11-default-values.yaml b/composio/charts/temporal/charts/prometheus/ci/11-default-values.yaml deleted file mode 100644 index ba5a5c1..0000000 --- a/composio/charts/temporal/charts/prometheus/ci/11-default-values.yaml +++ /dev/null @@ -1 +0,0 @@ -## Test case: use chart's default values diff --git a/composio/charts/temporal/charts/prometheus/templates/NOTES.txt b/composio/charts/temporal/charts/prometheus/templates/NOTES.txt deleted file mode 100644 index fc03c2a..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/NOTES.txt +++ /dev/null @@ -1,113 +0,0 @@ -The Prometheus server can be accessed via port {{ .Values.server.service.servicePort }} on the following DNS name from within your cluster: -{{ template "prometheus.server.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local - -{{ if .Values.server.ingress.enabled -}} -From outside the cluster, the server URL(s) are: -{{- range .Values.server.ingress.hosts }} -http://{{ . }} -{{- end }} -{{- else }} -Get the Prometheus server URL by running these commands in the same shell: -{{- if contains "NodePort" .Values.server.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus.server.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.server.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "prometheus.server.fullname" . }}' - - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "prometheus.server.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.server.service.servicePort }} -{{- else if contains "ClusterIP" .Values.server.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "prometheus.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 9090 -{{- end }} - - -{{- if .Values.server.persistentVolume.enabled }} -{{- else }} -################################################################################# -###### WARNING: Persistence is disabled!!! You will lose your data when ##### -###### the Server pod is terminated. ##### -################################################################################# -{{- end }} -{{- end }} - -{{ if .Values.alertmanager.enabled }} -The Prometheus alertmanager can be accessed via port {{ .Values.alertmanager.service.port }} on the following DNS name from within your cluster: -{{ template "prometheus.alertmanager.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local - -{{ if .Values.alertmanager.ingress.enabled -}} -From outside the cluster, the alertmanager URL(s) are: -{{- range .Values.alertmanager.ingress.hosts }} -http://{{ . }} -{{- end }} -{{- else }} -Get the Alertmanager URL by running these commands in the same shell: -{{- if contains "NodePort" .Values.alertmanager.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus.alertmanager.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.alertmanager.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "prometheus.alertmanager.fullname" . }}' - - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "prometheus.alertmanager.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.alertmanager.service.servicePort }} -{{- else if contains "ClusterIP" .Values.alertmanager.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "alertmanager.name" .Subcharts.alertmanager }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 9093 -{{- end }} -{{- end }} - -{{- if .Values.alertmanager.persistence.enabled }} -{{- else }} -################################################################################# -###### WARNING: Persistence is disabled!!! You will lose your data when ##### -###### the AlertManager pod is terminated. ##### -################################################################################# -{{- end }} -{{- end }} - -{{- if (index .Values "prometheus-node-exporter" "enabled") }} -################################################################################# -###### WARNING: Pod Security Policy has been disabled by default since ##### -###### it deprecated after k8s 1.25+. use ##### -###### (index .Values "prometheus-node-exporter" "rbac" ##### -###### . "pspEnabled") with (index .Values ##### -###### "prometheus-node-exporter" "rbac" "pspAnnotations") ##### -###### in case you still need it. ##### -################################################################################# -{{- end }} - -{{ if (index .Values "prometheus-pushgateway" "enabled") }} -The Prometheus PushGateway can be accessed via port {{ index .Values "prometheus-pushgateway" "service" "port" }} on the following DNS name from within your cluster: -{{ include "prometheus-pushgateway.fullname" (index .Subcharts "prometheus-pushgateway") }}.{{ .Release.Namespace }}.svc.cluster.local - -{{ if (index .Values "prometheus-pushgateway" "ingress" "enabled") -}} -From outside the cluster, the pushgateway URL(s) are: -{{- range (index .Values "prometheus-pushgateway" "ingress" "hosts") }} -http://{{ . }} -{{- end }} -{{- else }} -Get the PushGateway URL by running these commands in the same shell: -{{- $pushgateway_svc_type := index .Values "prometheus-pushgateway" "service" "type" -}} -{{- if contains "NodePort" $pushgateway_svc_type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "prometheus-pushgateway.fullname" (index .Subcharts "prometheus-pushgateway") }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" $pushgateway_svc_type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "prometheus-pushgateway.fullname" (index .Subcharts "prometheus-pushgateway") }}' - - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "prometheus-pushgateway.fullname" (index .Subcharts "prometheus-pushgateway") }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ index .Values "prometheus-pushgateway" "service" "port" }} -{{- else if contains "ClusterIP" $pushgateway_svc_type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ include "prometheus.name" (index .Subcharts "prometheus-pushgateway") }},component=pushgateway" -o jsonpath="{.items[0].metadata.name}") - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 9091 -{{- end }} -{{- end }} -{{- end }} - -For more information on running Prometheus, visit: -https://prometheus.io/ diff --git a/composio/charts/temporal/charts/prometheus/templates/_helpers.tpl b/composio/charts/temporal/charts/prometheus/templates/_helpers.tpl deleted file mode 100644 index 0810e3c..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/_helpers.tpl +++ /dev/null @@ -1,234 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "prometheus.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "prometheus.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create labels for prometheus -*/}} -{{- define "prometheus.common.matchLabels" -}} -app.kubernetes.io/name: {{ include "prometheus.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} - -{{/* -Create unified labels for prometheus components -*/}} -{{- define "prometheus.common.metaLabels" -}} -app.kubernetes.io/version: {{ .Chart.AppVersion }} -helm.sh/chart: {{ include "prometheus.chart" . }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -app.kubernetes.io/part-of: {{ include "prometheus.name" . }} -{{- with .Values.commonMetaLabels}} -{{ toYaml . }} -{{- end }} -{{- end -}} - -{{- define "prometheus.server.labels" -}} -{{ include "prometheus.server.matchLabels" . }} -{{ include "prometheus.common.metaLabels" . }} -{{- end -}} - -{{- define "prometheus.server.matchLabels" -}} -app.kubernetes.io/component: {{ .Values.server.name }} -{{ include "prometheus.common.matchLabels" . }} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "prometheus.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create a fully qualified ClusterRole name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "prometheus.clusterRoleName" -}} -{{- if .Values.server.clusterRoleNameOverride -}} -{{ .Values.server.clusterRoleNameOverride | trunc 63 | trimSuffix "-" }} -{{- else -}} -{{ include "prometheus.server.fullname" . }} -{{- end -}} -{{- end -}} - -{{/* -Create a fully qualified alertmanager name for communicating with the user via NOTES.txt -*/}} -{{- define "prometheus.alertmanager.fullname" -}} -{{- template "alertmanager.fullname" .Subcharts.alertmanager -}} -{{- end -}} - -{{/* -Create a fully qualified Prometheus server name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "prometheus.server.fullname" -}} -{{- if .Values.server.fullnameOverride -}} -{{- .Values.server.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- printf "%s-%s" .Release.Name .Values.server.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s-%s" .Release.Name $name .Values.server.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Get KubeVersion removing pre-release information. -*/}} -{{- define "prometheus.kubeVersion" -}} - {{- default .Capabilities.KubeVersion.Version (regexFind "v[0-9]+\\.[0-9]+\\.[0-9]+" .Capabilities.KubeVersion.Version) -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for deployment. -*/}} -{{- define "prometheus.deployment.apiVersion" -}} -{{- print "apps/v1" -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for networkpolicy. -*/}} -{{- define "prometheus.networkPolicy.apiVersion" -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for poddisruptionbudget. -*/}} -{{- define "prometheus.podDisruptionBudget.apiVersion" -}} -{{- if .Capabilities.APIVersions.Has "policy/v1" }} -{{- print "policy/v1" -}} -{{- else -}} -{{- print "policy/v1beta1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for rbac. -*/}} -{{- define "rbac.apiVersion" -}} -{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }} -{{- print "rbac.authorization.k8s.io/v1" -}} -{{- else -}} -{{- print "rbac.authorization.k8s.io/v1beta1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for ingress. -*/}} -{{- define "ingress.apiVersion" -}} - {{- if and (.Capabilities.APIVersions.Has "networking.k8s.io/v1") (semverCompare ">= 1.19.x" (include "prometheus.kubeVersion" .)) -}} - {{- print "networking.k8s.io/v1" -}} - {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" -}} - {{- print "networking.k8s.io/v1beta1" -}} - {{- else -}} - {{- print "extensions/v1beta1" -}} - {{- end -}} -{{- end -}} - -{{/* -Return if ingress is stable. -*/}} -{{- define "ingress.isStable" -}} - {{- eq (include "ingress.apiVersion" .) "networking.k8s.io/v1" -}} -{{- end -}} - -{{/* -Return if ingress supports ingressClassName. -*/}} -{{- define "ingress.supportsIngressClassName" -}} - {{- or (eq (include "ingress.isStable" .) "true") (and (eq (include "ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18.x" (include "prometheus.kubeVersion" .))) -}} -{{- end -}} - -{{/* -Return if ingress supports pathType. -*/}} -{{- define "ingress.supportsPathType" -}} - {{- or (eq (include "ingress.isStable" .) "true") (and (eq (include "ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18.x" (include "prometheus.kubeVersion" .))) -}} -{{- end -}} - -{{/* -Create the name of the service account to use for the server component -*/}} -{{- define "prometheus.serviceAccountName.server" -}} -{{- if .Values.serviceAccounts.server.create -}} - {{ default (include "prometheus.server.fullname" .) .Values.serviceAccounts.server.name }} -{{- else -}} - {{ default "default" .Values.serviceAccounts.server.name }} -{{- end -}} -{{- end -}} - -{{/* -Define the prometheus.namespace template if set with forceNamespace or .Release.Namespace is set -*/}} -{{- define "prometheus.namespace" -}} - {{- default .Release.Namespace .Values.forceNamespace -}} -{{- end }} - -{{/* -Define template prometheus.namespaces producing a list of namespaces to monitor -*/}} -{{- define "prometheus.namespaces" -}} -{{- $namespaces := list }} -{{- if and .Values.rbac.create .Values.server.useExistingClusterRoleName }} - {{- if .Values.server.namespaces -}} - {{- range $ns := join "," .Values.server.namespaces | split "," }} - {{- $namespaces = append $namespaces (tpl $ns $) }} - {{- end -}} - {{- end -}} - {{- if .Values.server.releaseNamespace -}} - {{- $namespaces = append $namespaces (include "prometheus.namespace" .) }} - {{- end -}} -{{- end -}} -{{ mustToJson $namespaces }} -{{- end -}} - -{{/* -Define prometheus.server.remoteWrite producing a list of remoteWrite configurations with URL templating -*/}} -{{- define "prometheus.server.remoteWrite" -}} -{{- $remoteWrites := list }} -{{- range $remoteWrite := .Values.server.remoteWrite }} - {{- $remoteWrites = tpl $remoteWrite.url $ | set $remoteWrite "url" | append $remoteWrites }} -{{- end -}} -{{ toYaml $remoteWrites }} -{{- end -}} - -{{/* -Define prometheus.server.remoteRead producing a list of remoteRead configurations with URL templating -*/}} -{{- define "prometheus.server.remoteRead" -}} -{{- $remoteReads := list }} -{{- range $remoteRead := .Values.server.remoteRead }} - {{- $remoteReads = tpl $remoteRead.url $ | set $remoteRead "url" | append $remoteReads }} -{{- end -}} -{{ toYaml $remoteReads }} -{{- end -}} - diff --git a/composio/charts/temporal/charts/prometheus/templates/clusterrole.yaml b/composio/charts/temporal/charts/prometheus/templates/clusterrole.yaml deleted file mode 100644 index 25e3cec..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/clusterrole.yaml +++ /dev/null @@ -1,56 +0,0 @@ -{{- if and .Values.rbac.create (empty .Values.server.useExistingClusterRoleName) -}} -apiVersion: {{ template "rbac.apiVersion" . }} -kind: ClusterRole -metadata: - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} - name: {{ include "prometheus.clusterRoleName" . }} -rules: -{{- if and .Values.podSecurityPolicy.enabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} - - apiGroups: - - extensions - resources: - - podsecuritypolicies - verbs: - - use - resourceNames: - - {{ template "prometheus.server.fullname" . }} -{{- end }} - - apiGroups: - - "" - resources: - - nodes - - nodes/proxy - - nodes/metrics - - services - - endpoints - - pods - - ingresses - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "extensions" - - "networking.k8s.io" - resources: - - ingresses/status - - ingresses - verbs: - - get - - list - - watch - - apiGroups: - - "discovery.k8s.io" - resources: - - endpointslices - verbs: - - get - - list - - watch - - nonResourceURLs: - - "/metrics" - verbs: - - get -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/templates/clusterrolebinding.yaml b/composio/charts/temporal/charts/prometheus/templates/clusterrolebinding.yaml deleted file mode 100644 index 28f4bda..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if and .Values.rbac.create (empty .Values.server.namespaces) (empty .Values.server.useExistingClusterRoleName) -}} -apiVersion: {{ template "rbac.apiVersion" . }} -kind: ClusterRoleBinding -metadata: - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} - name: {{ include "prometheus.clusterRoleName" . }} -subjects: - - kind: ServiceAccount - name: {{ template "prometheus.serviceAccountName.server" . }} - namespace: {{ include "prometheus.namespace" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ include "prometheus.clusterRoleName" . }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/templates/cm.yaml b/composio/charts/temporal/charts/prometheus/templates/cm.yaml deleted file mode 100644 index 8713bd1..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/cm.yaml +++ /dev/null @@ -1,103 +0,0 @@ -{{- if (empty .Values.server.configMapOverrideName) -}} -apiVersion: v1 -kind: ConfigMap -metadata: -{{- with .Values.server.configMapAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} -{{- end }} - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} - {{- with .Values.server.extraConfigmapLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} - name: {{ template "prometheus.server.fullname" . }} - namespace: {{ include "prometheus.namespace" . }} -data: - allow-snippet-annotations: "false" -{{- $root := . -}} -{{- range $key, $value := .Values.ruleFiles }} - {{ $key }}: {{- toYaml $value | indent 2 }} -{{- end }} -{{- range $key, $value := .Values.serverFiles }} - {{ $key }}: | -{{- if eq $key "prometheus.yml" }} - global: -{{ $root.Values.server.global | toYaml | trimSuffix "\n" | indent 6 }} -{{- if $root.Values.server.remoteWrite }} - remote_write: -{{- include "prometheus.server.remoteWrite" $root | nindent 4 }} -{{- end }} -{{- if $root.Values.server.remoteRead }} - remote_read: -{{- include "prometheus.server.remoteRead" $root | nindent 4 }} -{{- end }} -{{- if or $root.Values.server.tsdb $root.Values.server.exemplars }} - storage: -{{- if $root.Values.server.tsdb }} - tsdb: -{{ $root.Values.server.tsdb | toYaml | indent 8 }} -{{- end }} -{{- if $root.Values.server.exemplars }} - exemplars: -{{ $root.Values.server.exemplars | toYaml | indent 8 }} -{{- end }} -{{- end }} -{{- if $root.Values.scrapeConfigFiles }} - scrape_config_files: -{{ toYaml $root.Values.scrapeConfigFiles | indent 4 }} -{{- end }} -{{- end }} -{{- if eq $key "alerts" }} -{{- if and (not (empty $value)) (empty $value.groups) }} - groups: -{{- range $ruleKey, $ruleValue := $value }} - - name: {{ $ruleKey -}}.rules - rules: -{{ $ruleValue | toYaml | trimSuffix "\n" | indent 6 }} -{{- end }} -{{- else }} -{{ toYaml $value | indent 4 }} -{{- end }} -{{- else }} -{{ toYaml $value | default "{}" | indent 4 }} -{{- end }} -{{- if eq $key "prometheus.yml" -}} -{{- if $root.Values.extraScrapeConfigs }} -{{ tpl $root.Values.extraScrapeConfigs $root | indent 4 }} -{{- end -}} -{{- if or ($root.Values.alertmanager.enabled) ($root.Values.server.alertmanagers) }} - alerting: -{{- if $root.Values.alertRelabelConfigs }} -{{ $root.Values.alertRelabelConfigs | toYaml | trimSuffix "\n" | indent 6 }} -{{- end }} - alertmanagers: -{{- if $root.Values.server.alertmanagers }} -{{ toYaml $root.Values.server.alertmanagers | indent 8 }} -{{- else }} - - kubernetes_sd_configs: - - role: pod - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - {{- if $root.Values.alertmanager.prefixURL }} - path_prefix: {{ $root.Values.alertmanager.prefixURL }} - {{- end }} - relabel_configs: - - source_labels: [__meta_kubernetes_namespace] - regex: {{ $root.Release.Namespace }} - action: keep - - source_labels: [__meta_kubernetes_pod_label_app_kubernetes_io_instance] - regex: {{ $root.Release.Name }} - action: keep - - source_labels: [__meta_kubernetes_pod_label_app_kubernetes_io_name] - regex: {{ default "alertmanager" $root.Values.alertmanager.nameOverride | trunc 63 | trimSuffix "-" }} - action: keep - - source_labels: [__meta_kubernetes_pod_container_port_number] - regex: "9093" - action: keep -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/templates/deploy.yaml b/composio/charts/temporal/charts/prometheus/templates/deploy.yaml deleted file mode 100644 index fcf3d96..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/deploy.yaml +++ /dev/null @@ -1,390 +0,0 @@ -{{- if not .Values.server.statefulSet.enabled -}} -apiVersion: {{ template "prometheus.deployment.apiVersion" . }} -kind: Deployment -metadata: -{{- if .Values.server.deploymentAnnotations }} - annotations: - {{ toYaml .Values.server.deploymentAnnotations | nindent 4 }} -{{- end }} - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} - name: {{ template "prometheus.server.fullname" . }} - namespace: {{ include "prometheus.namespace" . }} -spec: - selector: - matchLabels: - {{- include "prometheus.server.matchLabels" . | nindent 6 }} - replicas: {{ .Values.server.replicaCount }} - revisionHistoryLimit: {{ .Values.server.revisionHistoryLimit }} - {{- if .Values.server.strategy }} - strategy: -{{ toYaml .Values.server.strategy | trim | indent 4 }} - {{ if eq .Values.server.strategy.type "Recreate" }}rollingUpdate: null{{ end }} -{{- end }} - template: - metadata: - {{- if .Values.server.podAnnotations }} - annotations: - {{ toYaml .Values.server.podAnnotations | nindent 8 }} - {{- end }} - labels: - {{- include "prometheus.server.labels" . | nindent 8 }} - {{- if .Values.server.podLabels}} - {{ toYaml .Values.server.podLabels | nindent 8 }} - {{- end}} - spec: -{{- if .Values.server.priorityClassName }} - priorityClassName: "{{ .Values.server.priorityClassName }}" -{{- end }} -{{- if .Values.server.schedulerName }} - schedulerName: "{{ .Values.server.schedulerName }}" -{{- end }} -{{- if semverCompare ">=1.13-0" .Capabilities.KubeVersion.GitVersion }} - {{- if or (.Values.server.enableServiceLinks) (eq (.Values.server.enableServiceLinks | toString) "") }} - enableServiceLinks: true - {{- else }} - enableServiceLinks: false - {{- end }} -{{- end }} - serviceAccountName: {{ template "prometheus.serviceAccountName.server" . }} -{{- if kindIs "bool" .Values.server.automountServiceAccountToken }} - automountServiceAccountToken: {{ .Values.server.automountServiceAccountToken }} -{{- end }} - {{- if .Values.server.extraInitContainers }} - initContainers: -{{ toYaml .Values.server.extraInitContainers | indent 8 }} - {{- end }} - containers: - {{- if .Values.configmapReload.prometheus.enabled }} - - name: {{ template "prometheus.name" . }}-{{ .Values.server.name }}-{{ .Values.configmapReload.prometheus.name }} - {{- if .Values.configmapReload.prometheus.image.digest }} - image: "{{ .Values.configmapReload.prometheus.image.repository }}@{{ .Values.configmapReload.prometheus.image.digest }}" - {{- else }} - image: "{{ .Values.configmapReload.prometheus.image.repository }}:{{ .Values.configmapReload.prometheus.image.tag }}" - {{- end }} - imagePullPolicy: "{{ .Values.configmapReload.prometheus.image.pullPolicy }}" - {{- with .Values.configmapReload.prometheus.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - args: - - --watched-dir=/etc/config - {{- $default_url := "http://127.0.0.1:9090/-/reload" }} - {{- with .Values.server.prefixURL }} - {{- $default_url = printf "http://127.0.0.1:9090%s/-/reload" . }} - {{- end }} - - --reload-url={{ default $default_url .Values.configmapReload.reloadUrl }} - {{- range $key, $value := .Values.configmapReload.prometheus.extraArgs }} - {{- if $value }} - - --{{ $key }}={{ $value }} - {{- else }} - - --{{ $key }} - {{- end }} - {{- end }} - {{- range .Values.configmapReload.prometheus.extraVolumeDirs }} - - --watched-dir={{ . }} - {{- end }} - {{- with .Values.configmapReload.env }} - env: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.configmapReload.prometheus.containerPort }} - ports: - - containerPort: {{ .Values.configmapReload.prometheus.containerPort }} - {{- end }} - {{- with .Values.configmapReload.prometheus.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - - name: config-volume - mountPath: /etc/config - readOnly: true - {{- range .Values.configmapReload.prometheus.extraConfigmapMounts }} - - name: {{ $.Values.configmapReload.prometheus.name }}-{{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath }} - readOnly: {{ .readOnly }} - {{- end }} - {{- with .Values.configmapReload.prometheus.extraVolumeMounts }} - {{ toYaml . | nindent 12 }} - {{- end }} - {{- end }} - - - name: {{ template "prometheus.name" . }}-{{ .Values.server.name }} - {{- if .Values.server.image.digest }} - image: "{{ .Values.server.image.repository }}@{{ .Values.server.image.digest }}" - {{- else }} - image: "{{ .Values.server.image.repository }}:{{ .Values.server.image.tag | default .Chart.AppVersion}}" - {{- end }} - imagePullPolicy: "{{ .Values.server.image.pullPolicy }}" - {{- with .Values.server.command }} - command: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.server.env }} - env: -{{ toYaml .Values.server.env | indent 12}} - {{- end }} - args: - {{- if .Values.server.defaultFlagsOverride }} - {{ toYaml .Values.server.defaultFlagsOverride | nindent 12}} - {{- else }} - {{- if .Values.server.retention }} - - --storage.tsdb.retention.time={{ .Values.server.retention }} - {{- end }} - {{- if .Values.server.retentionSize }} - - --storage.tsdb.retention.size={{ .Values.server.retentionSize }} - {{- end }} - - --config.file={{ .Values.server.configPath }} - {{- if .Values.server.storagePath }} - - --storage.tsdb.path={{ .Values.server.storagePath }} - {{- else }} - - --storage.tsdb.path={{ .Values.server.persistentVolume.mountPath }} - {{- end }} - - --web.console.libraries=/etc/prometheus/console_libraries - - --web.console.templates=/etc/prometheus/consoles - {{- range .Values.server.extraFlags }} - - --{{ . }} - {{- end }} - {{- range $key, $value := .Values.server.extraArgs }} - {{- if $value }} - - --{{ $key }}={{ $value }} - {{- else }} - - --{{ $key }} - {{- end }} - {{- end }} - {{- if .Values.server.prefixURL }} - - --web.route-prefix={{ .Values.server.prefixURL }} - {{- end }} - {{- if .Values.server.baseURL }} - - --web.external-url={{ .Values.server.baseURL }} - {{- end }} - {{- end }} - ports: - - containerPort: 9090 - {{- if .Values.server.portName }} - name: {{ .Values.server.portName }} - {{- end }} - {{- if .Values.server.hostPort }} - hostPort: {{ .Values.server.hostPort }} - {{- end }} - readinessProbe: - {{- if not .Values.server.tcpSocketProbeEnabled }} - httpGet: - path: {{ .Values.server.prefixURL }}/-/ready - port: 9090 - scheme: {{ .Values.server.probeScheme }} - {{- with .Values.server.probeHeaders }} - httpHeaders: -{{- toYaml . | nindent 14 }} - {{- end }} - {{- else }} - tcpSocket: - port: 9090 - {{- end }} - initialDelaySeconds: {{ .Values.server.readinessProbeInitialDelay }} - periodSeconds: {{ .Values.server.readinessProbePeriodSeconds }} - timeoutSeconds: {{ .Values.server.readinessProbeTimeout }} - failureThreshold: {{ .Values.server.readinessProbeFailureThreshold }} - successThreshold: {{ .Values.server.readinessProbeSuccessThreshold }} - livenessProbe: - {{- if not .Values.server.tcpSocketProbeEnabled }} - httpGet: - path: {{ .Values.server.prefixURL }}/-/healthy - port: 9090 - scheme: {{ .Values.server.probeScheme }} - {{- with .Values.server.probeHeaders }} - httpHeaders: -{{- toYaml . | nindent 14 }} - {{- end }} - {{- else }} - tcpSocket: - port: 9090 - {{- end }} - initialDelaySeconds: {{ .Values.server.livenessProbeInitialDelay }} - periodSeconds: {{ .Values.server.livenessProbePeriodSeconds }} - timeoutSeconds: {{ .Values.server.livenessProbeTimeout }} - failureThreshold: {{ .Values.server.livenessProbeFailureThreshold }} - successThreshold: {{ .Values.server.livenessProbeSuccessThreshold }} - {{- if .Values.server.startupProbe.enabled }} - startupProbe: - {{- if not .Values.server.tcpSocketProbeEnabled }} - httpGet: - path: {{ .Values.server.prefixURL }}/-/healthy - port: 9090 - scheme: {{ .Values.server.probeScheme }} - {{- if .Values.server.probeHeaders }} - httpHeaders: - {{- range .Values.server.probeHeaders}} - - name: {{ .name }} - value: {{ .value }} - {{- end }} - {{- end }} - {{- else }} - tcpSocket: - port: 9090 - {{- end }} - failureThreshold: {{ .Values.server.startupProbe.failureThreshold }} - periodSeconds: {{ .Values.server.startupProbe.periodSeconds }} - timeoutSeconds: {{ .Values.server.startupProbe.timeoutSeconds }} - {{- end }} - {{- with .Values.server.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - - name: config-volume - mountPath: /etc/config - - name: storage-volume - mountPath: {{ .Values.server.persistentVolume.mountPath }} - subPath: "{{ .Values.server.persistentVolume.subPath }}" - {{- range .Values.server.extraHostPathMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath }} - readOnly: {{ .readOnly }} - {{- end }} - {{- range .Values.server.extraConfigmapMounts }} - - name: {{ $.Values.server.name }}-{{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath }} - readOnly: {{ .readOnly }} - {{- end }} - {{- range .Values.server.extraSecretMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath }} - readOnly: {{ .readOnly }} - {{- end }} - {{- if .Values.server.extraVolumeMounts }} - {{ toYaml .Values.server.extraVolumeMounts | nindent 12 }} - {{- end }} - {{- with .Values.server.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.server.sidecarContainers }} - {{- range $name, $spec := .Values.server.sidecarContainers }} - - name: {{ $name }} - {{- if kindIs "string" $spec }} - {{- tpl $spec $ | nindent 10 }} - {{- else }} - {{- toYaml $spec | nindent 10 }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.server.hostNetwork }} - hostNetwork: true - dnsPolicy: ClusterFirstWithHostNet - {{- else }} - dnsPolicy: {{ .Values.server.dnsPolicy }} - {{- end }} - {{- if .Values.imagePullSecrets }} - imagePullSecrets: -{{ toYaml .Values.imagePullSecrets | indent 8 }} - {{- end }} - {{- if .Values.server.nodeSelector }} - nodeSelector: -{{ toYaml .Values.server.nodeSelector | indent 8 }} - {{- end }} - {{- if .Values.server.hostAliases }} - hostAliases: -{{ toYaml .Values.server.hostAliases | indent 8 }} - {{- end }} - {{- if .Values.server.dnsConfig }} - dnsConfig: -{{ toYaml .Values.server.dnsConfig | indent 8 }} - {{- end }} - {{- with .Values.server.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.server.tolerations }} - tolerations: -{{ toYaml .Values.server.tolerations | indent 8 }} - {{- end }} - {{- if or .Values.server.affinity .Values.server.podAntiAffinity }} - affinity: - {{- end }} - {{- with .Values.server.affinity }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if eq .Values.server.podAntiAffinity "hard" }} - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - topologyKey: {{ .Values.server.podAntiAffinityTopologyKey }} - labelSelector: - matchExpressions: - - {key: app.kubernetes.io/name, operator: In, values: [{{ template "prometheus.name" . }}]} - {{- else if eq .Values.server.podAntiAffinity "soft" }} - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - topologyKey: {{ .Values.server.podAntiAffinityTopologyKey }} - labelSelector: - matchExpressions: - - {key: app.kubernetes.io/name, operator: In, values: [{{ template "prometheus.name" . }}]} - {{- end }} - {{- with .Values.server.topologySpreadConstraints }} - topologySpreadConstraints: - {{- toYaml . | nindent 8 }} - {{- end }} - terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }} - volumes: - - name: config-volume - {{- if empty .Values.server.configFromSecret }} - configMap: - name: {{ if .Values.server.configMapOverrideName }}{{ .Release.Name }}-{{ .Values.server.configMapOverrideName }}{{- else }}{{ template "prometheus.server.fullname" . }}{{- end }} - {{- else }} - secret: - secretName: {{ .Values.server.configFromSecret }} - {{- end }} - {{- range .Values.server.extraHostPathMounts }} - - name: {{ .name }} - hostPath: - path: {{ .hostPath }} - {{- end }} - {{- range .Values.configmapReload.prometheus.extraConfigmapMounts }} - - name: {{ $.Values.configmapReload.prometheus.name }}-{{ .name }} - configMap: - name: {{ .configMap }} - {{- end }} - {{- range .Values.server.extraConfigmapMounts }} - - name: {{ $.Values.server.name }}-{{ .name }} - configMap: - name: {{ .configMap }} - {{- end }} - {{- range .Values.server.extraSecretMounts }} - - name: {{ .name }} - secret: - secretName: {{ .secretName }} - {{- with .optional }} - optional: {{ . }} - {{- end }} - {{- end }} - {{- range .Values.configmapReload.prometheus.extraConfigmapMounts }} - - name: {{ .name }} - configMap: - name: {{ .configMap }} - {{- with .optional }} - optional: {{ . }} - {{- end }} - {{- end }} -{{- if .Values.server.extraVolumes }} -{{ toYaml .Values.server.extraVolumes | indent 8}} -{{- end }} - - name: storage-volume - {{- if .Values.server.persistentVolume.enabled }} - persistentVolumeClaim: - claimName: {{ if .Values.server.persistentVolume.existingClaim }}{{ .Values.server.persistentVolume.existingClaim }}{{- else }}{{ template "prometheus.server.fullname" . }}{{- end }} - {{- else }} - emptyDir: - {{- if .Values.server.emptyDir.sizeLimit }} - sizeLimit: {{ .Values.server.emptyDir.sizeLimit }} - {{- else }} - {} - {{- end -}} - {{- end -}} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/templates/extra-manifests.yaml b/composio/charts/temporal/charts/prometheus/templates/extra-manifests.yaml deleted file mode 100644 index 2b21b71..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/extra-manifests.yaml +++ /dev/null @@ -1,4 +0,0 @@ -{{ range .Values.extraManifests }} ---- -{{ tpl . $ }} -{{ end }} diff --git a/composio/charts/temporal/charts/prometheus/templates/headless-svc.yaml b/composio/charts/temporal/charts/prometheus/templates/headless-svc.yaml deleted file mode 100644 index df9db99..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/headless-svc.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if .Values.server.statefulSet.enabled -}} -apiVersion: v1 -kind: Service -metadata: -{{- if .Values.server.statefulSet.headless.annotations }} - annotations: -{{ toYaml .Values.server.statefulSet.headless.annotations | indent 4 }} -{{- end }} - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} -{{- if .Values.server.statefulSet.headless.labels }} -{{ toYaml .Values.server.statefulSet.headless.labels | indent 4 }} -{{- end }} - name: {{ template "prometheus.server.fullname" . }}-headless - namespace: {{ include "prometheus.namespace" . }} -spec: - clusterIP: None - ports: - - name: http - port: {{ .Values.server.statefulSet.headless.servicePort }} - protocol: TCP - targetPort: 9090 - {{- if .Values.server.statefulSet.headless.gRPC.enabled }} - - name: grpc - port: {{ .Values.server.statefulSet.headless.gRPC.servicePort }} - protocol: TCP - targetPort: 10901 - {{- if .Values.server.statefulSet.headless.gRPC.nodePort }} - nodePort: {{ .Values.server.statefulSet.headless.gRPC.nodePort }} - {{- end }} - {{- end }} - - selector: - {{- include "prometheus.server.matchLabels" . | nindent 4 }} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/templates/ingress.yaml b/composio/charts/temporal/charts/prometheus/templates/ingress.yaml deleted file mode 100644 index 84341a9..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/ingress.yaml +++ /dev/null @@ -1,57 +0,0 @@ -{{- if .Values.server.ingress.enabled -}} -{{- $ingressApiIsStable := eq (include "ingress.isStable" .) "true" -}} -{{- $ingressSupportsIngressClassName := eq (include "ingress.supportsIngressClassName" .) "true" -}} -{{- $ingressSupportsPathType := eq (include "ingress.supportsPathType" .) "true" -}} -{{- $releaseName := .Release.Name -}} -{{- $serviceName := include "prometheus.server.fullname" . }} -{{- $servicePort := .Values.server.ingress.servicePort | default .Values.server.service.servicePort -}} -{{- $ingressPath := .Values.server.ingress.path -}} -{{- $ingressPathType := .Values.server.ingress.pathType -}} -{{- $extraPaths := .Values.server.ingress.extraPaths -}} -apiVersion: {{ template "ingress.apiVersion" . }} -kind: Ingress -metadata: -{{- if .Values.server.ingress.annotations }} - annotations: -{{ toYaml .Values.server.ingress.annotations | indent 4 }} -{{- end }} - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} -{{- range $key, $value := .Values.server.ingress.extraLabels }} - {{ $key }}: {{ $value }} -{{- end }} - name: {{ template "prometheus.server.fullname" . }} - namespace: {{ include "prometheus.namespace" . }} -spec: - {{- if and $ingressSupportsIngressClassName .Values.server.ingress.ingressClassName }} - ingressClassName: {{ .Values.server.ingress.ingressClassName }} - {{- end }} - rules: - {{- range .Values.server.ingress.hosts }} - {{- $url := splitList "/" . }} - - host: {{ first $url }} - http: - paths: -{{ if $extraPaths }} -{{ toYaml $extraPaths | indent 10 }} -{{- end }} - - path: {{ $ingressPath }} - {{- if $ingressSupportsPathType }} - pathType: {{ $ingressPathType }} - {{- end }} - backend: - {{- if $ingressApiIsStable }} - service: - name: {{ $serviceName }} - port: - number: {{ $servicePort }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} - {{- end -}} -{{- if .Values.server.ingress.tls }} - tls: -{{ toYaml .Values.server.ingress.tls | indent 4 }} - {{- end -}} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/templates/network-policy.yaml b/composio/charts/temporal/charts/prometheus/templates/network-policy.yaml deleted file mode 100644 index 3254ffc..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/network-policy.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.networkPolicy.enabled }} -apiVersion: {{ template "prometheus.networkPolicy.apiVersion" . }} -kind: NetworkPolicy -metadata: - name: {{ template "prometheus.server.fullname" . }} - namespace: {{ include "prometheus.namespace" . }} - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} -spec: - podSelector: - matchLabels: - {{- include "prometheus.server.matchLabels" . | nindent 6 }} - ingress: - - ports: - - port: 9090 -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/templates/pdb.yaml b/composio/charts/temporal/charts/prometheus/templates/pdb.yaml deleted file mode 100644 index 7ffe673..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/pdb.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.server.podDisruptionBudget.enabled }} -{{- $pdbSpec := omit .Values.server.podDisruptionBudget "enabled" }} -apiVersion: {{ template "prometheus.podDisruptionBudget.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ template "prometheus.server.fullname" . }} - namespace: {{ include "prometheus.namespace" . }} - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} -spec: - selector: - matchLabels: - {{- include "prometheus.server.matchLabels" . | nindent 6 }} - {{- toYaml $pdbSpec | nindent 2 }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/templates/psp.yaml b/composio/charts/temporal/charts/prometheus/templates/psp.yaml deleted file mode 100644 index 5776e25..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/psp.yaml +++ /dev/null @@ -1,53 +0,0 @@ -{{- if and .Values.rbac.create .Values.podSecurityPolicy.enabled }} -{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ template "prometheus.server.fullname" . }} - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} - {{- with .Values.server.podSecurityPolicy.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - privileged: false - allowPrivilegeEscalation: false - allowedCapabilities: - - 'CHOWN' - volumes: - - 'configMap' - - 'persistentVolumeClaim' - - 'emptyDir' - - 'secret' - - 'hostPath' - allowedHostPaths: - - pathPrefix: /etc - readOnly: true - - pathPrefix: {{ .Values.server.persistentVolume.mountPath }} - {{- range .Values.server.extraHostPathMounts }} - - pathPrefix: {{ .hostPath }} - readOnly: {{ .readOnly }} - {{- end }} - hostNetwork: false - hostPID: false - hostIPC: false - runAsUser: - rule: 'RunAsAny' - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 1 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 1 - max: 65535 - readOnlyRootFilesystem: false -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/templates/pvc.yaml b/composio/charts/temporal/charts/prometheus/templates/pvc.yaml deleted file mode 100644 index a9dc4fc..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/pvc.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{- if not .Values.server.statefulSet.enabled -}} -{{- if .Values.server.persistentVolume.enabled -}} -{{- if not .Values.server.persistentVolume.existingClaim -}} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - {{- if .Values.server.persistentVolume.annotations }} - annotations: -{{ toYaml .Values.server.persistentVolume.annotations | indent 4 }} - {{- end }} - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} - {{- with .Values.server.persistentVolume.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - name: {{ template "prometheus.server.fullname" . }} - namespace: {{ include "prometheus.namespace" . }} -spec: - accessModes: -{{ toYaml .Values.server.persistentVolume.accessModes | indent 4 }} -{{- if .Values.server.persistentVolume.storageClass }} -{{- if (eq "-" .Values.server.persistentVolume.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.server.persistentVolume.storageClass }}" -{{- end }} -{{- end }} -{{- if .Values.server.persistentVolume.volumeBindingMode }} - volumeBindingMode: "{{ .Values.server.persistentVolume.volumeBindingMode }}" -{{- end }} - resources: - requests: - storage: "{{ .Values.server.persistentVolume.size }}" -{{- if .Values.server.persistentVolume.selector }} - selector: - {{- toYaml .Values.server.persistentVolume.selector | nindent 4 }} -{{- end -}} -{{- if .Values.server.persistentVolume.volumeName }} - volumeName: "{{ .Values.server.persistentVolume.volumeName }}" -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/templates/rolebinding.yaml b/composio/charts/temporal/charts/prometheus/templates/rolebinding.yaml deleted file mode 100644 index 721b388..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/rolebinding.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- range include "prometheus.namespaces" . | fromJsonArray }} ---- -apiVersion: {{ template "rbac.apiVersion" $ }} -kind: RoleBinding -metadata: - labels: - {{- include "prometheus.server.labels" $ | nindent 4 }} - name: {{ template "prometheus.server.fullname" $ }} - namespace: {{ . }} -subjects: - - kind: ServiceAccount - name: {{ template "prometheus.serviceAccountName.server" $ }} - namespace: {{ include "prometheus.namespace" $ }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ $.Values.server.useExistingClusterRoleName }} -{{ end -}} diff --git a/composio/charts/temporal/charts/prometheus/templates/service.yaml b/composio/charts/temporal/charts/prometheus/templates/service.yaml deleted file mode 100644 index 069f327..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/service.yaml +++ /dev/null @@ -1,63 +0,0 @@ -{{- if .Values.server.service.enabled -}} -apiVersion: v1 -kind: Service -metadata: -{{- if .Values.server.service.annotations }} - annotations: -{{ toYaml .Values.server.service.annotations | indent 4 }} -{{- end }} - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} -{{- if .Values.server.service.labels }} -{{ toYaml .Values.server.service.labels | indent 4 }} -{{- end }} - name: {{ template "prometheus.server.fullname" . }} - namespace: {{ include "prometheus.namespace" . }} -spec: -{{- if .Values.server.service.clusterIP }} - clusterIP: {{ .Values.server.service.clusterIP }} -{{- end }} -{{- if .Values.server.service.externalIPs }} - externalIPs: -{{ toYaml .Values.server.service.externalIPs | indent 4 }} -{{- end }} -{{- if .Values.server.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.server.service.loadBalancerIP }} -{{- end }} -{{- if .Values.server.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- range $cidr := .Values.server.service.loadBalancerSourceRanges }} - - {{ $cidr }} - {{- end }} -{{- end }} - ports: - - name: http - port: {{ .Values.server.service.servicePort }} - protocol: TCP - targetPort: 9090 - {{- if .Values.server.service.nodePort }} - nodePort: {{ .Values.server.service.nodePort }} - {{- end }} - {{- if .Values.server.service.gRPC.enabled }} - - name: grpc - port: {{ .Values.server.service.gRPC.servicePort }} - protocol: TCP - targetPort: 10901 - {{- if .Values.server.service.gRPC.nodePort }} - nodePort: {{ .Values.server.service.gRPC.nodePort }} - {{- end }} - {{- end }} -{{- if .Values.server.service.additionalPorts }} -{{ toYaml .Values.server.service.additionalPorts | indent 4 }} -{{- end }} - selector: - {{- if and .Values.server.statefulSet.enabled .Values.server.service.statefulsetReplica.enabled }} - statefulset.kubernetes.io/pod-name: {{ template "prometheus.server.fullname" . }}-{{ .Values.server.service.statefulsetReplica.replica }} - {{- else -}} - {{- include "prometheus.server.matchLabels" . | nindent 4 }} -{{- if .Values.server.service.sessionAffinity }} - sessionAffinity: {{ .Values.server.service.sessionAffinity }} -{{- end }} - {{- end }} - type: "{{ .Values.server.service.type }}" -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/templates/serviceaccount.yaml b/composio/charts/temporal/charts/prometheus/templates/serviceaccount.yaml deleted file mode 100644 index 6d5ab0c..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/serviceaccount.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.serviceAccounts.server.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} - name: {{ template "prometheus.serviceAccountName.server" . }} - namespace: {{ include "prometheus.namespace" . }} - annotations: -{{ toYaml .Values.serviceAccounts.server.annotations | indent 4 }} -{{- if kindIs "bool" .Values.server.automountServiceAccountToken }} -automountServiceAccountToken: {{ .Values.server.automountServiceAccountToken }} -{{- else if kindIs "bool" .Values.serviceAccounts.server.automountServiceAccountToken }} -automountServiceAccountToken: {{ .Values.serviceAccounts.server.automountServiceAccountToken }} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/templates/sts.yaml b/composio/charts/temporal/charts/prometheus/templates/sts.yaml deleted file mode 100644 index da48ceb..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/sts.yaml +++ /dev/null @@ -1,417 +0,0 @@ -{{- if .Values.server.statefulSet.enabled -}} -apiVersion: apps/v1 -kind: StatefulSet -metadata: -{{- if .Values.server.statefulSet.annotations }} - annotations: - {{ toYaml .Values.server.statefulSet.annotations | nindent 4 }} -{{- end }} - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} - {{- if .Values.server.statefulSet.labels}} - {{ toYaml .Values.server.statefulSet.labels | nindent 4 }} - {{- end}} - name: {{ template "prometheus.server.fullname" . }} - namespace: {{ include "prometheus.namespace" . }} -spec: - {{- if semverCompare ">= 1.27.x" (include "prometheus.kubeVersion" .) }} - persistentVolumeClaimRetentionPolicy: - whenDeleted: {{ ternary "Delete" "Retain" .Values.server.statefulSet.pvcDeleteOnStsDelete }} - whenScaled: {{ ternary "Delete" "Retain" .Values.server.statefulSet.pvcDeleteOnStsScale }} - {{- end }} - serviceName: {{ template "prometheus.server.fullname" . }}-headless - selector: - matchLabels: - {{- include "prometheus.server.matchLabels" . | nindent 6 }} - replicas: {{ .Values.server.replicaCount }} - revisionHistoryLimit: {{ .Values.server.revisionHistoryLimit }} - podManagementPolicy: {{ .Values.server.statefulSet.podManagementPolicy }} - template: - metadata: - {{- if .Values.server.podAnnotations }} - annotations: - {{ toYaml .Values.server.podAnnotations | nindent 8 }} - {{- end }} - labels: - {{- include "prometheus.server.labels" . | nindent 8 }} - {{- if .Values.server.podLabels}} - {{ toYaml .Values.server.podLabels | nindent 8 }} - {{- end}} - spec: -{{- if .Values.server.priorityClassName }} - priorityClassName: "{{ .Values.server.priorityClassName }}" -{{- end }} -{{- if .Values.server.schedulerName }} - schedulerName: "{{ .Values.server.schedulerName }}" -{{- end }} -{{- if semverCompare ">=1.13-0" .Capabilities.KubeVersion.GitVersion }} - {{- if or (.Values.server.enableServiceLinks) (eq (.Values.server.enableServiceLinks | toString) "") }} - enableServiceLinks: true - {{- else }} - enableServiceLinks: false - {{- end }} -{{- end }} - serviceAccountName: {{ template "prometheus.serviceAccountName.server" . }} -{{- if kindIs "bool" .Values.server.automountServiceAccountToken }} - automountServiceAccountToken: {{ .Values.server.automountServiceAccountToken }} -{{- end }} - {{- if .Values.server.extraInitContainers }} - initContainers: -{{ toYaml .Values.server.extraInitContainers | indent 8 }} - {{- end }} - containers: - {{- if .Values.configmapReload.prometheus.enabled }} - - name: {{ template "prometheus.name" . }}-{{ .Values.server.name }}-{{ .Values.configmapReload.prometheus.name }} - {{- if .Values.configmapReload.prometheus.image.digest }} - image: "{{ .Values.configmapReload.prometheus.image.repository }}@{{ .Values.configmapReload.prometheus.image.digest }}" - {{- else }} - image: "{{ .Values.configmapReload.prometheus.image.repository }}:{{ .Values.configmapReload.prometheus.image.tag }}" - {{- end }} - imagePullPolicy: "{{ .Values.configmapReload.prometheus.image.pullPolicy }}" - {{- with .Values.configmapReload.prometheus.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - args: - - --watched-dir=/etc/config - {{- $default_url := "http://127.0.0.1:9090/-/reload" }} - {{- with .Values.server.prefixURL }} - {{- $default_url = printf "http://127.0.0.1:9090%s/-/reload" . }} - {{- end }} - - --reload-url={{ default $default_url .Values.configmapReload.reloadUrl }} - {{- range $key, $value := .Values.configmapReload.prometheus.extraArgs }} - {{- if $value }} - - --{{ $key }}={{ $value }} - {{- else }} - - --{{ $key }} - {{- end }} - {{- end }} - {{- range .Values.configmapReload.prometheus.extraVolumeDirs }} - - --watched-dir={{ . }} - {{- end }} - {{- with .Values.configmapReload.env }} - env: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.configmapReload.prometheus.containerPort }} - ports: - - containerPort: {{ .Values.configmapReload.prometheus.containerPort }} - {{- end }} - {{- with .Values.configmapReload.prometheus.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - - name: config-volume - mountPath: /etc/config - readOnly: true - {{- with .Values.configmapReload.prometheus.extraVolumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- range .Values.configmapReload.prometheus.extraConfigmapMounts }} - - name: {{ $.Values.configmapReload.prometheus.name }}-{{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath }} - readOnly: {{ .readOnly }} - {{- end }} - {{- end }} - - - name: {{ template "prometheus.name" . }}-{{ .Values.server.name }} - {{- if .Values.server.image.digest }} - image: "{{ .Values.server.image.repository }}@{{ .Values.server.image.digest }}" - {{- else }} - image: "{{ .Values.server.image.repository }}:{{ .Values.server.image.tag | default .Chart.AppVersion }}" - {{- end }} - imagePullPolicy: "{{ .Values.server.image.pullPolicy }}" - {{- with .Values.server.command }} - command: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.server.env }} - env: -{{ toYaml .Values.server.env | indent 12}} - {{- end }} - args: - {{- if .Values.server.defaultFlagsOverride }} - {{ toYaml .Values.server.defaultFlagsOverride | nindent 12}} - {{- else }} - {{- if .Values.server.prefixURL }} - - --web.route-prefix={{ .Values.server.prefixURL }} - {{- end }} - {{- if .Values.server.retention }} - - --storage.tsdb.retention.time={{ .Values.server.retention }} - {{- end }} - {{- if .Values.server.retentionSize }} - - --storage.tsdb.retention.size={{ .Values.server.retentionSize }} - {{- end }} - - --config.file={{ .Values.server.configPath }} - {{- if .Values.server.storagePath }} - - --storage.tsdb.path={{ .Values.server.storagePath }} - {{- else }} - - --storage.tsdb.path={{ .Values.server.persistentVolume.mountPath }} - {{- end }} - - --web.console.libraries=/etc/prometheus/console_libraries - - --web.console.templates=/etc/prometheus/consoles - {{- range .Values.server.extraFlags }} - - --{{ . }} - {{- end }} - {{- range $key, $value := .Values.server.extraArgs }} - {{- if $value }} - - --{{ $key }}={{ $value }} - {{- else }} - - --{{ $key }} - {{- end }} - {{- end }} - {{- if .Values.server.baseURL }} - - --web.external-url={{ .Values.server.baseURL }} - {{- end }} - {{- end }} - ports: - - containerPort: 9090 - {{- if .Values.server.portName }} - name: {{ .Values.server.portName }} - {{- end }} - {{- if .Values.server.hostPort }} - hostPort: {{ .Values.server.hostPort }} - {{- end }} - readinessProbe: - {{- if not .Values.server.tcpSocketProbeEnabled }} - httpGet: - path: {{ .Values.server.prefixURL }}/-/ready - port: 9090 - scheme: {{ .Values.server.probeScheme }} - {{- with .Values.server.probeHeaders }} - httpHeaders: -{{- toYaml . | nindent 14 }} - {{- end }} - {{- else }} - tcpSocket: - port: 9090 - {{- end }} - initialDelaySeconds: {{ .Values.server.readinessProbeInitialDelay }} - periodSeconds: {{ .Values.server.readinessProbePeriodSeconds }} - timeoutSeconds: {{ .Values.server.readinessProbeTimeout }} - failureThreshold: {{ .Values.server.readinessProbeFailureThreshold }} - successThreshold: {{ .Values.server.readinessProbeSuccessThreshold }} - livenessProbe: - {{- if not .Values.server.tcpSocketProbeEnabled }} - httpGet: - path: {{ .Values.server.prefixURL }}/-/healthy - port: 9090 - scheme: {{ .Values.server.probeScheme }} - {{- with .Values.server.probeHeaders }} - httpHeaders: -{{- toYaml . | nindent 14 }} - {{- end }} - {{- else }} - tcpSocket: - port: 9090 - {{- end }} - initialDelaySeconds: {{ .Values.server.livenessProbeInitialDelay }} - periodSeconds: {{ .Values.server.livenessProbePeriodSeconds }} - timeoutSeconds: {{ .Values.server.livenessProbeTimeout }} - failureThreshold: {{ .Values.server.livenessProbeFailureThreshold }} - successThreshold: {{ .Values.server.livenessProbeSuccessThreshold }} - {{- if .Values.server.startupProbe.enabled }} - startupProbe: - {{- if not .Values.server.tcpSocketProbeEnabled }} - httpGet: - path: {{ .Values.server.prefixURL }}/-/healthy - port: 9090 - scheme: {{ .Values.server.probeScheme }} - {{- if .Values.server.probeHeaders }} - httpHeaders: - {{- range .Values.server.probeHeaders}} - - name: {{ .name }} - value: {{ .value }} - {{- end }} - {{- end }} - {{- else }} - tcpSocket: - port: 9090 - {{- end }} - failureThreshold: {{ .Values.server.startupProbe.failureThreshold }} - periodSeconds: {{ .Values.server.startupProbe.periodSeconds }} - timeoutSeconds: {{ .Values.server.startupProbe.timeoutSeconds }} - {{- end }} - {{- with .Values.server.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - - name: config-volume - mountPath: /etc/config - - name: {{ ternary .Values.server.persistentVolume.statefulSetNameOverride "storage-volume" (and .Values.server.persistentVolume.enabled (not (empty .Values.server.persistentVolume.statefulSetNameOverride))) }} - mountPath: {{ .Values.server.persistentVolume.mountPath }} - subPath: "{{ .Values.server.persistentVolume.subPath }}" - {{- range .Values.server.extraHostPathMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath }} - readOnly: {{ .readOnly }} - {{- end }} - {{- range .Values.server.extraConfigmapMounts }} - - name: {{ $.Values.server.name }}-{{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath }} - readOnly: {{ .readOnly }} - {{- end }} - {{- range .Values.server.extraSecretMounts }} - - name: {{ .name }} - mountPath: {{ .mountPath }} - subPath: {{ .subPath }} - readOnly: {{ .readOnly }} - {{- end }} - {{- if .Values.server.extraVolumeMounts }} - {{ toYaml .Values.server.extraVolumeMounts | nindent 12 }} - {{- end }} - {{- with .Values.server.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.server.sidecarContainers }} - {{- range $name, $spec := .Values.server.sidecarContainers }} - - name: {{ $name }} - {{- if kindIs "string" $spec }} - {{- tpl $spec $ | nindent 10 }} - {{- else }} - {{- toYaml $spec | nindent 10 }} - {{- end }} - {{- end }} - {{- end }} - hostNetwork: {{ .Values.server.hostNetwork }} - {{- if .Values.server.dnsPolicy }} - dnsPolicy: {{ .Values.server.dnsPolicy }} - {{- end }} - {{- if .Values.imagePullSecrets }} - imagePullSecrets: -{{ toYaml .Values.imagePullSecrets | indent 8 }} - {{- end }} - {{- if .Values.server.nodeSelector }} - nodeSelector: -{{ toYaml .Values.server.nodeSelector | indent 8 }} - {{- end }} - {{- if .Values.server.hostAliases }} - hostAliases: -{{ toYaml .Values.server.hostAliases | indent 8 }} - {{- end }} - {{- if .Values.server.dnsConfig }} - dnsConfig: -{{ toYaml .Values.server.dnsConfig | indent 8 }} - {{- end }} - {{- with .Values.server.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.server.tolerations }} - tolerations: -{{ toYaml .Values.server.tolerations | indent 8 }} - {{- end }} - {{- if or .Values.server.affinity .Values.server.podAntiAffinity }} - affinity: - {{- end }} - {{- with .Values.server.affinity }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if eq .Values.server.podAntiAffinity "hard" }} - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - topologyKey: {{ .Values.server.podAntiAffinityTopologyKey }} - labelSelector: - matchExpressions: - - {key: app.kubernetes.io/name, operator: In, values: [{{ template "prometheus.name" . }}]} - {{- else if eq .Values.server.podAntiAffinity "soft" }} - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - topologyKey: {{ .Values.server.podAntiAffinityTopologyKey }} - labelSelector: - matchExpressions: - - {key: app.kubernetes.io/name, operator: In, values: [{{ template "prometheus.name" . }}]} - {{- end }} - {{- with .Values.server.topologySpreadConstraints }} - topologySpreadConstraints: - {{- toYaml . | nindent 8 }} - {{- end }} - terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }} - volumes: - - name: config-volume - {{- if empty .Values.server.configFromSecret }} - configMap: - name: {{ if .Values.server.configMapOverrideName }}{{ .Release.Name }}-{{ .Values.server.configMapOverrideName }}{{- else }}{{ template "prometheus.server.fullname" . }}{{- end }} - {{- else }} - secret: - secretName: {{ .Values.server.configFromSecret }} - {{- end }} - {{- range .Values.server.extraHostPathMounts }} - - name: {{ .name }} - hostPath: - path: {{ .hostPath }} - {{- end }} - {{- range .Values.configmapReload.prometheus.extraConfigmapMounts }} - - name: {{ $.Values.configmapReload.prometheus.name }}-{{ .name }} - configMap: - name: {{ .configMap }} - {{- end }} - {{- range .Values.server.extraConfigmapMounts }} - - name: {{ $.Values.server.name }}-{{ .name }} - configMap: - name: {{ .configMap }} - {{- end }} - {{- range .Values.server.extraSecretMounts }} - - name: {{ .name }} - secret: - secretName: {{ .secretName }} - {{- with .optional }} - optional: {{ . }} - {{- end }} - {{- end }} - {{- range .Values.configmapReload.prometheus.extraConfigmapMounts }} - - name: {{ .name }} - configMap: - name: {{ .configMap }} - {{- with .optional }} - optional: {{ . }} - {{- end }} - {{- end }} -{{- if .Values.server.extraVolumes }} -{{ toYaml .Values.server.extraVolumes | indent 8}} -{{- end }} -{{- if .Values.server.persistentVolume.enabled }} - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: {{ .Values.server.persistentVolume.statefulSetNameOverride | default "storage-volume" }} - {{- if .Values.server.persistentVolume.annotations }} - annotations: -{{ toYaml .Values.server.persistentVolume.annotations | indent 10 }} - {{- end }} - {{- if .Values.server.persistentVolume.labels }} - labels: -{{ toYaml .Values.server.persistentVolume.labels | indent 10 }} - {{- end }} - spec: - accessModes: -{{ toYaml .Values.server.persistentVolume.accessModes | indent 10 }} - resources: - requests: - storage: "{{ .Values.server.persistentVolume.size }}" - {{- if .Values.server.persistentVolume.storageClass }} - {{- if (eq "-" .Values.server.persistentVolume.storageClass) }} - storageClassName: "" - {{- else }} - storageClassName: "{{ .Values.server.persistentVolume.storageClass }}" - {{- end }} - {{- end }} -{{- else }} - - name: storage-volume - emptyDir: - {{- if .Values.server.emptyDir.sizeLimit }} - sizeLimit: {{ .Values.server.emptyDir.sizeLimit }} - {{- else }} - {} - {{- end -}} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/charts/prometheus/templates/vpa.yaml b/composio/charts/temporal/charts/prometheus/templates/vpa.yaml deleted file mode 100644 index cd07ad8..0000000 --- a/composio/charts/temporal/charts/prometheus/templates/vpa.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if .Values.server.verticalAutoscaler.enabled -}} -{{- if .Capabilities.APIVersions.Has "autoscaling.k8s.io/v1/VerticalPodAutoscaler" }} -apiVersion: autoscaling.k8s.io/v1 -{{- else }} -apiVersion: autoscaling.k8s.io/v1beta2 -{{- end }} -kind: VerticalPodAutoscaler -metadata: - name: {{ template "prometheus.server.fullname" . }}-vpa - namespace: {{ include "prometheus.namespace" . }} - labels: - {{- include "prometheus.server.labels" . | nindent 4 }} -spec: - targetRef: - apiVersion: "apps/v1" -{{- if .Values.server.statefulSet.enabled }} - kind: StatefulSet -{{- else }} - kind: Deployment -{{- end }} - name: {{ template "prometheus.server.fullname" . }} - updatePolicy: - updateMode: {{ .Values.server.verticalAutoscaler.updateMode | default "Off" | quote }} - resourcePolicy: - containerPolicies: {{ .Values.server.verticalAutoscaler.containerPolicies | default list | toYaml | trim | nindent 4 }} -{{- end -}} diff --git a/composio/charts/temporal/charts/prometheus/values.schema.json b/composio/charts/temporal/charts/prometheus/values.schema.json deleted file mode 100644 index 8a5cd3b..0000000 --- a/composio/charts/temporal/charts/prometheus/values.schema.json +++ /dev/null @@ -1,749 +0,0 @@ -{ - "$schema": "http://json-schema.org/schema#", - "type": "object", - "properties": { - "alertRelabelConfigs": { - "type": "object" - }, - "alertmanager": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "persistence": { - "type": "object", - "properties": { - "size": { - "type": "string" - } - } - }, - "podSecurityContext": { - "type": "object", - "properties": { - "fsGroup": { - "type": "integer" - }, - "runAsGroup": { - "type": "integer" - }, - "runAsNonRoot": { - "type": "boolean" - }, - "runAsUser": { - "type": "integer" - } - } - } - } - }, - "configmapReload": { - "type": "object", - "properties": { - "env": { - "type": "array" - }, - "prometheus": { - "type": "object", - "properties": { - "containerSecurityContext": { - "type": "object" - }, - "enabled": { - "type": "boolean" - }, - "extraArgs": { - "type": "object" - }, - "extraConfigmapMounts": { - "type": "array" - }, - "extraVolumeDirs": { - "type": "array" - }, - "extraVolumeMounts": { - "type": "array" - }, - "image": { - "type": "object", - "properties": { - "digest": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - }, - "repository": { - "type": "string" - }, - "tag": { - "type": "string" - } - } - }, - "name": { - "type": "string" - }, - "resources": { - "type": "object" - } - } - }, - "reloadUrl": { - "type": "string" - } - } - }, - "extraManifests": { - "type": "array" - }, - "extraScrapeConfigs": { - "type": "string" - }, - "forceNamespace": { - "type": "string" - }, - "imagePullSecrets": { - "type": "array" - }, - "kube-state-metrics": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - } - } - }, - "networkPolicy": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - } - } - }, - "podSecurityPolicy": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - } - } - }, - "prometheus-node-exporter": { - "type": "object", - "properties": { - "containerSecurityContext": { - "type": "object", - "properties": { - "allowPrivilegeEscalation": { - "type": "boolean" - } - } - }, - "enabled": { - "type": "boolean" - }, - "rbac": { - "type": "object", - "properties": { - "pspEnabled": { - "type": "boolean" - } - } - } - } - }, - "prometheus-pushgateway": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "serviceAnnotations": { - "type": "object", - "properties": { - "prometheus.io/probe": { - "type": "string" - } - } - } - } - }, - "rbac": { - "type": "object", - "properties": { - "create": { - "type": "boolean" - } - } - }, - "ruleFiles": { - "type": "object" - }, - "server": { - "type": "object", - "properties": { - "affinity": { - "type": "object" - }, - "alertmanagers": { - "type": "array" - }, - "baseURL": { - "type": "string" - }, - "clusterRoleNameOverride": { - "type": "string" - }, - "command": { - "type": "array" - }, - "configMapAnnotations": { - "type": "object" - }, - "configMapOverrideName": { - "type": "string" - }, - "configPath": { - "type": "string" - }, - "containerSecurityContext": { - "type": "object" - }, - "defaultFlagsOverride": { - "type": "array" - }, - "deploymentAnnotations": { - "type": "object" - }, - "dnsConfig": { - "type": "object" - }, - "dnsPolicy": { - "type": "string" - }, - "emptyDir": { - "type": "object", - "properties": { - "sizeLimit": { - "type": "string" - } - } - }, - "enableServiceLinks": { - "type": "boolean" - }, - "env": { - "type": "array" - }, - "exemplars": { - "type": "object" - }, - "extraArgs": { - "type": "object" - }, - "extraConfigmapLabels": { - "type": "object" - }, - "extraConfigmapMounts": { - "type": "array" - }, - "extraFlags": { - "type": "array", - "items": { - "type": "string" - } - }, - "extraHostPathMounts": { - "type": "array" - }, - "extraInitContainers": { - "type": "array" - }, - "extraSecretMounts": { - "type": "array" - }, - "extraVolumeMounts": { - "type": "array" - }, - "extraVolumes": { - "type": "array" - }, - "global": { - "type": "object", - "properties": { - "evaluation_interval": { - "type": "string" - }, - "scrape_interval": { - "type": "string" - }, - "scrape_timeout": { - "type": "string" - } - } - }, - "hostAliases": { - "type": "array" - }, - "hostNetwork": { - "type": "boolean" - }, - "image": { - "type": "object", - "properties": { - "digest": { - "type": "string" - }, - "pullPolicy": { - "type": "string" - }, - "repository": { - "type": "string" - }, - "tag": { - "type": "string" - } - } - }, - "ingress": { - "type": "object", - "properties": { - "annotations": { - "type": "object" - }, - "enabled": { - "type": "boolean" - }, - "extraLabels": { - "type": "object" - }, - "extraPaths": { - "type": "array" - }, - "hosts": { - "type": "array" - }, - "path": { - "type": "string" - }, - "pathType": { - "type": "string" - }, - "tls": { - "type": "array" - } - } - }, - "livenessProbeFailureThreshold": { - "type": "integer" - }, - "livenessProbeInitialDelay": { - "type": "integer" - }, - "livenessProbePeriodSeconds": { - "type": "integer" - }, - "livenessProbeSuccessThreshold": { - "type": "integer" - }, - "livenessProbeTimeout": { - "type": "integer" - }, - "name": { - "type": "string" - }, - "nodeSelector": { - "type": "object" - }, - "persistentVolume": { - "type": "object", - "properties": { - "accessModes": { - "type": "array", - "items": { - "type": "string" - } - }, - "annotations": { - "type": "object" - }, - "enabled": { - "type": "boolean" - }, - "existingClaim": { - "type": "string" - }, - "labels": { - "type": "object" - }, - "mountPath": { - "type": "string" - }, - "size": { - "type": "string" - }, - "statefulSetNameOverride": { - "type": "string" - }, - "subPath": { - "type": "string" - } - } - }, - "podAnnotations": { - "type": "object" - }, - "podAntiAffinity": { - "type": "string", - "enum": ["", "soft", "hard"], - "default": "" - }, - "podAntiAffinityTopologyKey": { - "type": "string" - }, - "podDisruptionBudget": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "maxUnavailable": { - "type": [ - "string", - "integer" - ] - } - } - }, - "podLabels": { - "type": "object" - }, - "podSecurityPolicy": { - "type": "object", - "properties": { - "annotations": { - "type": "object" - } - } - }, - "portName": { - "type": "string" - }, - "prefixURL": { - "type": "string" - }, - "priorityClassName": { - "type": "string" - }, - "probeHeaders": { - "type": "array" - }, - "probeScheme": { - "type": "string" - }, - "readinessProbeFailureThreshold": { - "type": "integer" - }, - "readinessProbeInitialDelay": { - "type": "integer" - }, - "readinessProbePeriodSeconds": { - "type": "integer" - }, - "readinessProbeSuccessThreshold": { - "type": "integer" - }, - "readinessProbeTimeout": { - "type": "integer" - }, - "releaseNamespace": { - "type": "boolean" - }, - "remoteRead": { - "type": "array" - }, - "remoteWrite": { - "type": "array" - }, - "replicaCount": { - "type": "integer" - }, - "resources": { - "type": "object" - }, - "retention": { - "type": "string" - }, - "retentionSize": { - "type": "string" - }, - "revisionHistoryLimit": { - "type": "integer" - }, - "securityContext": { - "type": "object", - "properties": { - "fsGroup": { - "type": "integer" - }, - "runAsGroup": { - "type": "integer" - }, - "runAsNonRoot": { - "type": "boolean" - }, - "runAsUser": { - "type": "integer" - } - } - }, - "service": { - "type": "object", - "properties": { - "additionalPorts": { - "type": "array" - }, - "annotations": { - "type": "object" - }, - "clusterIP": { - "type": "string" - }, - "enabled": { - "type": "boolean" - }, - "externalIPs": { - "type": "array" - }, - "gRPC": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "servicePort": { - "type": "integer" - } - } - }, - "labels": { - "type": "object" - }, - "loadBalancerIP": { - "type": "string" - }, - "loadBalancerSourceRanges": { - "type": "array" - }, - "servicePort": { - "type": "integer" - }, - "sessionAffinity": { - "type": "string" - }, - "statefulsetReplica": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "replica": { - "type": "integer" - } - } - }, - "type": { - "type": "string" - } - } - }, - "sidecarContainers": { - "type": "object" - }, - "sidecarTemplateValues": { - "type": "object" - }, - "startupProbe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "failureThreshold": { - "type": "integer" - }, - "periodSeconds": { - "type": "integer" - }, - "timeoutSeconds": { - "type": "integer" - } - } - }, - "statefulSet": { - "type": "object", - "properties": { - "annotations": { - "type": "object" - }, - "enabled": { - "type": "boolean" - }, - "headless": { - "type": "object", - "properties": { - "annotations": { - "type": "object" - }, - "gRPC": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "servicePort": { - "type": "integer" - } - } - }, - "labels": { - "type": "object" - }, - "servicePort": { - "type": "integer" - } - } - }, - "labels": { - "type": "object" - }, - "podManagementPolicy": { - "type": "string" - }, - "pvcDeleteOnStsDelete": { - "type": "boolean" - }, - "pvcDeleteOnStsScale": { - "type": "boolean" - } - } - }, - "storagePath": { - "type": "string" - }, - "strategy": { - "type": "object", - "properties": { - "type": { - "type": "string" - } - } - }, - "tcpSocketProbeEnabled": { - "type": "boolean" - }, - "terminationGracePeriodSeconds": { - "type": "integer" - }, - "tolerations": { - "type": "array" - }, - "topologySpreadConstraints": { - "type": "array" - }, - "tsdb": { - "type": "object" - }, - "verticalAutoscaler": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - } - } - } - } - }, - "scrapeConfigFiles": { - "type": "array" - }, - "serverFiles": { - "type": "object", - "properties": { - "alerting_rules.yml": { - "type": "object" - }, - "alerts": { - "type": "object" - }, - "prometheus.yml": { - "type": "object", - "properties": { - "rule_files": { - "type": "array", - "items": { - "type": "string" - } - }, - "scrape_configs": { - "type": "array", - "items": { - "type": "object", - "properties": { - "job_name": { - "type": "string" - }, - "static_configs": { - "type": "array", - "items": { - "type": "object", - "properties": { - "targets": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - } - } - } - } - }, - "recording_rules.yml": { - "type": "object" - }, - "rules": { - "type": "object" - } - } - }, - "serviceAccounts": { - "type": "object", - "properties": { - "server": { - "type": "object", - "properties": { - "annotations": { - "type": "object" - }, - "create": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "automountServiceAccountToken": { - "type": "boolean" - } - } - } - } - } - } -} diff --git a/composio/charts/temporal/charts/prometheus/values.yaml b/composio/charts/temporal/charts/prometheus/values.yaml deleted file mode 100644 index 72c44df..0000000 --- a/composio/charts/temporal/charts/prometheus/values.yaml +++ /dev/null @@ -1,1272 +0,0 @@ -# yaml-language-server: $schema=values.schema.json -# Default values for prometheus. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -rbac: - create: true - -podSecurityPolicy: - enabled: false - -imagePullSecrets: [] -# - name: "image-pull-secret" - -## Define serviceAccount names for components. Defaults to component's fully qualified name. -## -serviceAccounts: - server: - create: true - name: "" - annotations: {} - - ## Opt out of automounting Kubernetes API credentials. - ## It will be overriden by server.automountServiceAccountToken value, if set. - # automountServiceAccountToken: false - -## Additional labels to attach to all resources -commonMetaLabels: {} - -## Monitors ConfigMap changes and POSTs to a URL -## Ref: https://github.com/prometheus-operator/prometheus-operator/tree/main/cmd/prometheus-config-reloader -## -configmapReload: - ## URL for configmap-reload to use for reloads - ## - reloadUrl: "" - - ## env sets environment variables to pass to the container. Can be set as name/value pairs, - ## read from secrets or configmaps. - env: [] - # - name: SOMEVAR - # value: somevalue - # - name: PASSWORD - # valueFrom: - # secretKeyRef: - # name: mysecret - # key: password - # optional: false - - prometheus: - ## If false, the configmap-reload container will not be deployed - ## - enabled: true - - ## configmap-reload container name - ## - name: configmap-reload - - ## configmap-reload container image - ## - image: - repository: quay.io/prometheus-operator/prometheus-config-reloader - tag: v0.74.0 - # When digest is set to a non-empty value, images will be pulled by digest (regardless of tag value). - digest: "" - pullPolicy: IfNotPresent - - # containerPort: 9533 - - ## Additional configmap-reload container arguments - ## Set to null for argumentless flags - ## - extraArgs: {} - - ## Additional configmap-reload volume directories - ## - extraVolumeDirs: [] - - ## Additional configmap-reload volume mounts - ## - extraVolumeMounts: [] - - ## Additional configmap-reload mounts - ## - extraConfigmapMounts: [] - # - name: prometheus-alerts - # mountPath: /etc/alerts.d - # subPath: "" - # configMap: prometheus-alerts - # readOnly: true - - ## Security context to be added to configmap-reload container - containerSecurityContext: {} - - ## configmap-reload resource requests and limits - ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - resources: {} - -server: - ## Prometheus server container name - ## - name: server - - ## Opt out of automounting Kubernetes API credentials. - ## If set it will override serviceAccounts.server.automountServiceAccountToken value for ServiceAccount. - # automountServiceAccountToken: false - - ## Use a ClusterRole (and ClusterRoleBinding) - ## - If set to false - we define a RoleBinding in the defined namespaces ONLY - ## - ## NB: because we need a Role with nonResourceURL's ("/metrics") - you must get someone with Cluster-admin privileges to define this role for you, before running with this setting enabled. - ## This makes prometheus work - for users who do not have ClusterAdmin privs, but wants prometheus to operate on their own namespaces, instead of clusterwide. - ## - ## You MUST also set namespaces to the ones you have access to and want monitored by Prometheus. - ## - # useExistingClusterRoleName: nameofclusterrole - - ## If set it will override prometheus.server.fullname value for ClusterRole and ClusterRoleBinding - ## - clusterRoleNameOverride: "" - - # Enable only the release namespace for monitoring. By default all namespaces are monitored. - # If releaseNamespace and namespaces are both set a merged list will be monitored. - releaseNamespace: false - - ## namespaces to monitor (instead of monitoring all - clusterwide). Needed if you want to run without Cluster-admin privileges. - # namespaces: - # - yournamespace - - # sidecarContainers - add more containers to prometheus server - # Key/Value where Key is the sidecar `- name: ` - # Example: - # sidecarContainers: - # webserver: - # image: nginx - # OR for adding OAuth authentication to Prometheus - # sidecarContainers: - # oauth-proxy: - # image: quay.io/oauth2-proxy/oauth2-proxy:v7.1.2 - # args: - # - --upstream=http://127.0.0.1:9090 - # - --http-address=0.0.0.0:8081 - # - ... - # ports: - # - containerPort: 8081 - # name: oauth-proxy - # protocol: TCP - # resources: {} - sidecarContainers: {} - - # sidecarTemplateValues - context to be used in template for sidecarContainers - # Example: - # sidecarTemplateValues: *your-custom-globals - # sidecarContainers: - # webserver: |- - # {{ include "webserver-container-template" . }} - # Template for `webserver-container-template` might looks like this: - # image: "{{ .Values.server.sidecarTemplateValues.repository }}:{{ .Values.server.sidecarTemplateValues.tag }}" - # ... - # - sidecarTemplateValues: {} - - ## Prometheus server container image - ## - image: - repository: quay.io/prometheus/prometheus - # if not set appVersion field from Chart.yaml is used - tag: "" - # When digest is set to a non-empty value, images will be pulled by digest (regardless of tag value). - digest: "" - pullPolicy: IfNotPresent - - ## Prometheus server command - ## - command: [] - - ## prometheus server priorityClassName - ## - priorityClassName: "" - - ## EnableServiceLinks indicates whether information about services should be injected - ## into pod's environment variables, matching the syntax of Docker links. - ## WARNING: the field is unsupported and will be skipped in K8s prior to v1.13.0. - ## - enableServiceLinks: true - - ## The URL prefix at which the container can be accessed. Useful in the case the '-web.external-url' includes a slug - ## so that the various internal URLs are still able to access as they are in the default case. - ## (Optional) - prefixURL: "" - - ## External URL which can access prometheus - ## Maybe same with Ingress host name - baseURL: "" - - ## Additional server container environment variables - ## - ## You specify this manually like you would a raw deployment manifest. - ## This means you can bind in environment variables from secrets. - ## - ## e.g. static environment variable: - ## - name: DEMO_GREETING - ## value: "Hello from the environment" - ## - ## e.g. secret environment variable: - ## - name: USERNAME - ## valueFrom: - ## secretKeyRef: - ## name: mysecret - ## key: username - env: [] - - # List of flags to override default parameters, e.g: - # - --enable-feature=agent - # - --storage.agent.retention.max-time=30m - # - --config.file=/etc/config/prometheus.yml - defaultFlagsOverride: [] - - extraFlags: - - web.enable-lifecycle - ## web.enable-admin-api flag controls access to the administrative HTTP API which includes functionality such as - ## deleting time series. This is disabled by default. - # - web.enable-admin-api - ## - ## storage.tsdb.no-lockfile flag controls BD locking - # - storage.tsdb.no-lockfile - ## - ## storage.tsdb.wal-compression flag enables compression of the write-ahead log (WAL) - # - storage.tsdb.wal-compression - - ## Path to a configuration file on prometheus server container FS - configPath: /etc/config/prometheus.yml - - ### The data directory used by prometheus to set --storage.tsdb.path - ### When empty server.persistentVolume.mountPath is used instead - storagePath: "" - - global: - ## How frequently to scrape targets by default - ## - scrape_interval: 1m - ## How long until a scrape request times out - ## - scrape_timeout: 10s - ## How frequently to evaluate rules - ## - evaluation_interval: 1m - ## https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write - ## - remoteWrite: [] - ## https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_read - ## - remoteRead: [] - - ## https://prometheus.io/docs/prometheus/latest/configuration/configuration/#tsdb - ## - tsdb: {} - # out_of_order_time_window: 0s - - ## https://prometheus.io/docs/prometheus/latest/configuration/configuration/#exemplars - ## Must be enabled via --enable-feature=exemplar-storage - ## - exemplars: {} - # max_exemplars: 100000 - - ## Custom HTTP headers for Liveness/Readiness/Startup Probe - ## - ## Useful for providing HTTP Basic Auth to healthchecks - probeHeaders: [] - # - name: "Authorization" - # value: "Bearer ABCDEabcde12345" - - ## Additional Prometheus server container arguments - ## Set to null for argumentless flags - ## - extraArgs: {} - # web.enable-remote-write-receiver: null - - ## Additional InitContainers to initialize the pod - ## - extraInitContainers: [] - - ## Additional Prometheus server Volume mounts - ## - extraVolumeMounts: [] - - ## Additional Prometheus server Volumes - ## - extraVolumes: [] - - ## Additional Prometheus server hostPath mounts - ## - extraHostPathMounts: [] - # - name: certs-dir - # mountPath: /etc/kubernetes/certs - # subPath: "" - # hostPath: /etc/kubernetes/certs - # readOnly: true - - extraConfigmapMounts: [] - # - name: certs-configmap - # mountPath: /prometheus - # subPath: "" - # configMap: certs-configmap - # readOnly: true - - ## Additional Prometheus server Secret mounts - # Defines additional mounts with secrets. Secrets must be manually created in the namespace. - extraSecretMounts: [] - # - name: secret-files - # mountPath: /etc/secrets - # subPath: "" - # secretName: prom-secret-files - # readOnly: true - - ## ConfigMap override where fullname is {{.Release.Name}}-{{.Values.server.configMapOverrideName}} - ## Defining configMapOverrideName will cause templates/server-configmap.yaml - ## to NOT generate a ConfigMap resource - ## - configMapOverrideName: "" - - ## Extra labels for Prometheus server ConfigMap (ConfigMap that holds serverFiles) - extraConfigmapLabels: {} - - ingress: - ## If true, Prometheus server Ingress will be created - ## - enabled: false - - # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName - # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress - # ingressClassName: nginx - - ## Prometheus server Ingress annotations - ## - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: 'true' - - ## Prometheus server Ingress additional labels - ## - extraLabels: {} - - ## Redirect ingress to an additional defined port on the service - # servicePort: 8081 - - ## Prometheus server Ingress hostnames with optional path - ## Must be provided if Ingress is enabled - ## - hosts: [] - # - prometheus.domain.com - # - domain.com/prometheus - - path: / - - # pathType is only for k8s >= 1.18 - pathType: Prefix - - ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services. - extraPaths: [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - - ## Prometheus server Ingress TLS configuration - ## Secrets must be manually created in the namespace - ## - tls: [] - # - secretName: prometheus-server-tls - # hosts: - # - prometheus.domain.com - - ## Server Deployment Strategy type - strategy: - type: Recreate - - ## hostAliases allows adding entries to /etc/hosts inside the containers - hostAliases: [] - # - ip: "127.0.0.1" - # hostnames: - # - "example.com" - - ## Node tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ - ## - tolerations: [] - # - key: "key" - # operator: "Equal|Exists" - # value: "value" - # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" - - ## Node labels for Prometheus server pod assignment - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ - ## - nodeSelector: {} - - ## Pod affinity - ## - affinity: {} - - ## Pod anti-affinity can prevent the scheduler from placing Prometheus server replicas on the same node. - ## The value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided. - ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node. - ## The default value "" will disable pod anti-affinity so that no anti-affinity rules will be configured (unless set in `server.affinity`). - ## - podAntiAffinity: "" - - ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity. - ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone - ## - podAntiAffinityTopologyKey: kubernetes.io/hostname - - ## Pod topology spread constraints - ## ref. https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ - topologySpreadConstraints: [] - - ## PodDisruptionBudget settings - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ - ## - podDisruptionBudget: - enabled: false - maxUnavailable: 1 - # minAvailable: 1 - ## unhealthyPodEvictionPolicy is available since 1.27.0 (beta) - ## https://kubernetes.io/docs/tasks/run-application/configure-pdb/#unhealthy-pod-eviction-policy - # unhealthyPodEvictionPolicy: IfHealthyBudget - - ## Use an alternate scheduler, e.g. "stork". - ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ - ## - # schedulerName: - - persistentVolume: - ## If true, Prometheus server will create/use a Persistent Volume Claim - ## If false, use emptyDir - ## - enabled: true - - ## If set it will override the name of the created persistent volume claim - ## generated by the stateful set. - ## - statefulSetNameOverride: "" - - ## Prometheus server data Persistent Volume access modes - ## Must match those of existing PV or dynamic provisioner - ## Ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ - ## - accessModes: - - ReadWriteOnce - - ## Prometheus server data Persistent Volume labels - ## - labels: {} - - ## Prometheus server data Persistent Volume annotations - ## - annotations: {} - - ## Prometheus server data Persistent Volume existing claim name - ## Requires server.persistentVolume.enabled: true - ## If defined, PVC must be created manually before volume will be bound - existingClaim: "" - - ## Prometheus server data Persistent Volume mount root path - ## - mountPath: /data - - ## Prometheus server data Persistent Volume size - ## - size: 8Gi - - ## Prometheus server data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - - ## Prometheus server data Persistent Volume Binding Mode - ## If defined, volumeBindingMode: - ## If undefined (the default) or set to null, no volumeBindingMode spec is - ## set, choosing the default mode. - ## - # volumeBindingMode: "" - - ## Subdirectory of Prometheus server data Persistent Volume to mount - ## Useful if the volume's root directory is not empty - ## - subPath: "" - - ## Persistent Volume Claim Selector - ## Useful if Persistent Volumes have been provisioned in advance - ## Ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#selector - ## - # selector: - # matchLabels: - # release: "stable" - # matchExpressions: - # - { key: environment, operator: In, values: [ dev ] } - - ## Persistent Volume Name - ## Useful if Persistent Volumes have been provisioned in advance and you want to use a specific one - ## - # volumeName: "" - - emptyDir: - ## Prometheus server emptyDir volume size limit - ## - sizeLimit: "" - - ## Annotations to be added to Prometheus server pods - ## - podAnnotations: {} - # iam.amazonaws.com/role: prometheus - - ## Labels to be added to Prometheus server pods - ## - podLabels: {} - - ## Prometheus AlertManager configuration - ## - alertmanagers: [] - - ## Specify if a Pod Security Policy for node-exporter must be created - ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/ - ## - podSecurityPolicy: - annotations: {} - ## Specify pod annotations - ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor - ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp - ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl - ## - # seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*' - # seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' - # apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' - - ## Use a StatefulSet if replicaCount needs to be greater than 1 (see below) - ## - replicaCount: 1 - - ## Number of old history to retain to allow rollback - ## Default Kubernetes value is set to 10 - ## - revisionHistoryLimit: 10 - - ## Annotations to be added to ConfigMap - ## - configMapAnnotations: {} - - ## Annotations to be added to deployment - ## - deploymentAnnotations: {} - - statefulSet: - ## If true, use a statefulset instead of a deployment for pod management. - ## This allows to scale replicas to more than 1 pod - ## - enabled: false - - annotations: {} - labels: {} - podManagementPolicy: OrderedReady - - ## Alertmanager headless service to use for the statefulset - ## - headless: - annotations: {} - labels: {} - servicePort: 80 - ## Enable gRPC port on service to allow auto discovery with thanos-querier - gRPC: - enabled: false - servicePort: 10901 - # nodePort: 10901 - - ## Statefulset's persistent volume claim retention policy - ## pvcDeleteOnStsDelete and pvcDeleteOnStsScale determine whether - ## statefulset's PVCs are deleted (true) or retained (false) on scaling down - ## and deleting statefulset, respectively. Requires 1.27.0+. - ## Ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention - ## - pvcDeleteOnStsDelete: false - pvcDeleteOnStsScale: false - - ## Prometheus server readiness and liveness probe initial delay and timeout - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ - ## - tcpSocketProbeEnabled: false - probeScheme: HTTP - readinessProbeInitialDelay: 30 - readinessProbePeriodSeconds: 5 - readinessProbeTimeout: 4 - readinessProbeFailureThreshold: 3 - readinessProbeSuccessThreshold: 1 - livenessProbeInitialDelay: 30 - livenessProbePeriodSeconds: 15 - livenessProbeTimeout: 10 - livenessProbeFailureThreshold: 3 - livenessProbeSuccessThreshold: 1 - startupProbe: - enabled: false - periodSeconds: 5 - failureThreshold: 30 - timeoutSeconds: 10 - - ## Prometheus server resource requests and limits - ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - resources: {} - # limits: - # cpu: 500m - # memory: 512Mi - # requests: - # cpu: 500m - # memory: 512Mi - - # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), - # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working - ## - hostNetwork: false - - # When hostNetwork is enabled, this will set to ClusterFirstWithHostNet automatically - dnsPolicy: ClusterFirst - - # Use hostPort - # hostPort: 9090 - - # Use portName - portName: "" - - ## Vertical Pod Autoscaler config - ## Ref: https://github.com/kubernetes/autoscaler/tree/master/vertical-pod-autoscaler - verticalAutoscaler: - ## If true a VPA object will be created for the controller (either StatefulSet or Deployemnt, based on above configs) - enabled: false - # updateMode: "Auto" - # containerPolicies: - # - containerName: 'prometheus-server' - - # Custom DNS configuration to be added to prometheus server pods - dnsConfig: {} - # nameservers: - # - 1.2.3.4 - # searches: - # - ns1.svc.cluster-domain.example - # - my.dns.search.suffix - # options: - # - name: ndots - # value: "2" - # - name: edns0 - - ## Security context to be added to server pods - ## - securityContext: - runAsUser: 65534 - runAsNonRoot: true - runAsGroup: 65534 - fsGroup: 65534 - - ## Security context to be added to server container - ## - containerSecurityContext: {} - - service: - ## If false, no Service will be created for the Prometheus server - ## - enabled: true - - annotations: {} - labels: {} - clusterIP: "" - - ## List of IP addresses at which the Prometheus server service is available - ## Ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips - ## - externalIPs: [] - - loadBalancerIP: "" - loadBalancerSourceRanges: [] - servicePort: 80 - sessionAffinity: None - type: ClusterIP - - ## Enable gRPC port on service to allow auto discovery with thanos-querier - gRPC: - enabled: false - servicePort: 10901 - # nodePort: 10901 - - ## If using a statefulSet (statefulSet.enabled=true), configure the - ## service to connect to a specific replica to have a consistent view - ## of the data. - statefulsetReplica: - enabled: false - replica: 0 - - ## Additional port to define in the Service - additionalPorts: [] - # additionalPorts: - # - name: authenticated - # port: 8081 - # targetPort: 8081 - - ## Prometheus server pod termination grace period - ## - terminationGracePeriodSeconds: 300 - - ## Prometheus data retention period (default if not specified is 15 days) - ## - retention: "15d" - - ## Prometheus' data retention size. Supported units: B, KB, MB, GB, TB, PB, EB. - ## - retentionSize: "" - -## Prometheus server ConfigMap entries for rule files (allow prometheus labels interpolation) -ruleFiles: {} - -## Prometheus server ConfigMap entries for scrape_config_files -## (allows scrape configs defined in additional files) -## -scrapeConfigFiles: [] - -## Prometheus server ConfigMap entries -## -serverFiles: - ## Alerts configuration - ## Ref: https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/ - alerting_rules.yml: {} - # groups: - # - name: Instances - # rules: - # - alert: InstanceDown - # expr: up == 0 - # for: 5m - # labels: - # severity: page - # annotations: - # description: '{{ $labels.instance }} of job {{ $labels.job }} has been down for more than 5 minutes.' - # summary: 'Instance {{ $labels.instance }} down' - ## DEPRECATED DEFAULT VALUE, unless explicitly naming your files, please use alerting_rules.yml - alerts: {} - - ## Records configuration - ## Ref: https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/ - recording_rules.yml: {} - ## DEPRECATED DEFAULT VALUE, unless explicitly naming your files, please use recording_rules.yml - rules: {} - - prometheus.yml: - rule_files: - - /etc/config/recording_rules.yml - - /etc/config/alerting_rules.yml - ## Below two files are DEPRECATED will be removed from this default values file - - /etc/config/rules - - /etc/config/alerts - - scrape_configs: - - job_name: prometheus - static_configs: - - targets: - - localhost:9090 - - # A scrape configuration for running Prometheus on a Kubernetes cluster. - # This uses separate scrape configs for cluster components (i.e. API server, node) - # and services to allow each to use different authentication configs. - # - # Kubernetes labels will be added as Prometheus labels on metrics via the - # `labelmap` relabeling action. - - # Scrape config for API servers. - # - # Kubernetes exposes API servers as endpoints to the default/kubernetes - # service so this uses `endpoints` role and uses relabelling to only keep - # the endpoints associated with the default/kubernetes service using the - # default named port `https`. This works for single API server deployments as - # well as HA API server deployments. - - job_name: 'kubernetes-apiservers' - - kubernetes_sd_configs: - - role: endpoints - - # Default to scraping over https. If required, just disable this or change to - # `http`. - scheme: https - - # This TLS & bearer token file config is used to connect to the actual scrape - # endpoints for cluster components. This is separate to discovery auth - # configuration because discovery & scraping are two separate concerns in - # Prometheus. The discovery auth config is automatic if Prometheus runs inside - # the cluster. Otherwise, more config options have to be provided within the - # . - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - # If your node certificates are self-signed or use a different CA to the - # master CA, then disable certificate verification below. Note that - # certificate verification is an integral part of a secure infrastructure - # so this should only be disabled in a controlled environment. You can - # disable certificate verification by uncommenting the line below. - # - insecure_skip_verify: true - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - - # Keep only the default/kubernetes service endpoints for the https port. This - # will add targets for each API server which Kubernetes adds an endpoint to - # the default/kubernetes service. - relabel_configs: - - source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] - action: keep - regex: default;kubernetes;https - - - job_name: 'kubernetes-nodes' - - # Default to scraping over https. If required, just disable this or change to - # `http`. - scheme: https - - # This TLS & bearer token file config is used to connect to the actual scrape - # endpoints for cluster components. This is separate to discovery auth - # configuration because discovery & scraping are two separate concerns in - # Prometheus. The discovery auth config is automatic if Prometheus runs inside - # the cluster. Otherwise, more config options have to be provided within the - # . - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - # If your node certificates are self-signed or use a different CA to the - # master CA, then disable certificate verification below. Note that - # certificate verification is an integral part of a secure infrastructure - # so this should only be disabled in a controlled environment. You can - # disable certificate verification by uncommenting the line below. - # - insecure_skip_verify: true - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - - kubernetes_sd_configs: - - role: node - - relabel_configs: - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - - target_label: __address__ - replacement: kubernetes.default.svc:443 - - source_labels: [__meta_kubernetes_node_name] - regex: (.+) - target_label: __metrics_path__ - replacement: /api/v1/nodes/$1/proxy/metrics - - - - job_name: 'kubernetes-nodes-cadvisor' - - # Default to scraping over https. If required, just disable this or change to - # `http`. - scheme: https - - # This TLS & bearer token file config is used to connect to the actual scrape - # endpoints for cluster components. This is separate to discovery auth - # configuration because discovery & scraping are two separate concerns in - # Prometheus. The discovery auth config is automatic if Prometheus runs inside - # the cluster. Otherwise, more config options have to be provided within the - # . - tls_config: - ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt - # If your node certificates are self-signed or use a different CA to the - # master CA, then disable certificate verification below. Note that - # certificate verification is an integral part of a secure infrastructure - # so this should only be disabled in a controlled environment. You can - # disable certificate verification by uncommenting the line below. - # - insecure_skip_verify: true - bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - - kubernetes_sd_configs: - - role: node - - # This configuration will work only on kubelet 1.7.3+ - # As the scrape endpoints for cAdvisor have changed - # if you are using older version you need to change the replacement to - # replacement: /api/v1/nodes/$1:4194/proxy/metrics - # more info here https://github.com/coreos/prometheus-operator/issues/633 - relabel_configs: - - action: labelmap - regex: __meta_kubernetes_node_label_(.+) - - target_label: __address__ - replacement: kubernetes.default.svc:443 - - source_labels: [__meta_kubernetes_node_name] - regex: (.+) - target_label: __metrics_path__ - replacement: /api/v1/nodes/$1/proxy/metrics/cadvisor - - # Metric relabel configs to apply to samples before ingestion. - # [Metric Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) - # metric_relabel_configs: - # - action: labeldrop - # regex: (kubernetes_io_hostname|failure_domain_beta_kubernetes_io_region|beta_kubernetes_io_os|beta_kubernetes_io_arch|beta_kubernetes_io_instance_type|failure_domain_beta_kubernetes_io_zone) - - # Scrape config for service endpoints. - # - # The relabeling allows the actual service scrape endpoint to be configured - # via the following annotations: - # - # * `prometheus.io/scrape`: Only scrape services that have a value of - # `true`, except if `prometheus.io/scrape-slow` is set to `true` as well. - # * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need - # to set this to `https` & most likely set the `tls_config` of the scrape config. - # * `prometheus.io/path`: If the metrics path is not `/metrics` override this. - # * `prometheus.io/port`: If the metrics are exposed on a different port to the - # service then set this appropriately. - # * `prometheus.io/param_`: If the metrics endpoint uses parameters - # then you can set any parameter - - job_name: 'kubernetes-service-endpoints' - honor_labels: true - - kubernetes_sd_configs: - - role: endpoints - - relabel_configs: - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] - action: keep - regex: true - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape_slow] - action: drop - regex: true - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] - action: replace - target_label: __scheme__ - regex: (https?) - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] - action: replace - target_label: __address__ - regex: (.+?)(?::\d+)?;(\d+) - replacement: $1:$2 - - action: labelmap - regex: __meta_kubernetes_service_annotation_prometheus_io_param_(.+) - replacement: __param_$1 - - action: labelmap - regex: __meta_kubernetes_service_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: namespace - - source_labels: [__meta_kubernetes_service_name] - action: replace - target_label: service - - source_labels: [__meta_kubernetes_pod_node_name] - action: replace - target_label: node - - # Scrape config for slow service endpoints; same as above, but with a larger - # timeout and a larger interval - # - # The relabeling allows the actual service scrape endpoint to be configured - # via the following annotations: - # - # * `prometheus.io/scrape-slow`: Only scrape services that have a value of `true` - # * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need - # to set this to `https` & most likely set the `tls_config` of the scrape config. - # * `prometheus.io/path`: If the metrics path is not `/metrics` override this. - # * `prometheus.io/port`: If the metrics are exposed on a different port to the - # service then set this appropriately. - # * `prometheus.io/param_`: If the metrics endpoint uses parameters - # then you can set any parameter - - job_name: 'kubernetes-service-endpoints-slow' - honor_labels: true - - scrape_interval: 5m - scrape_timeout: 30s - - kubernetes_sd_configs: - - role: endpoints - - relabel_configs: - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape_slow] - action: keep - regex: true - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme] - action: replace - target_label: __scheme__ - regex: (https?) - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port] - action: replace - target_label: __address__ - regex: (.+?)(?::\d+)?;(\d+) - replacement: $1:$2 - - action: labelmap - regex: __meta_kubernetes_service_annotation_prometheus_io_param_(.+) - replacement: __param_$1 - - action: labelmap - regex: __meta_kubernetes_service_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: namespace - - source_labels: [__meta_kubernetes_service_name] - action: replace - target_label: service - - source_labels: [__meta_kubernetes_pod_node_name] - action: replace - target_label: node - - - job_name: 'prometheus-pushgateway' - honor_labels: true - - kubernetes_sd_configs: - - role: service - - relabel_configs: - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_probe] - action: keep - regex: pushgateway - - # Example scrape config for probing services via the Blackbox Exporter. - # - # The relabeling allows the actual service scrape endpoint to be configured - # via the following annotations: - # - # * `prometheus.io/probe`: Only probe services that have a value of `true` - - job_name: 'kubernetes-services' - honor_labels: true - - metrics_path: /probe - params: - module: [http_2xx] - - kubernetes_sd_configs: - - role: service - - relabel_configs: - - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_probe] - action: keep - regex: true - - source_labels: [__address__] - target_label: __param_target - - target_label: __address__ - replacement: blackbox - - source_labels: [__param_target] - target_label: instance - - action: labelmap - regex: __meta_kubernetes_service_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - target_label: namespace - - source_labels: [__meta_kubernetes_service_name] - target_label: service - - # Example scrape config for pods - # - # The relabeling allows the actual pod scrape endpoint to be configured via the - # following annotations: - # - # * `prometheus.io/scrape`: Only scrape pods that have a value of `true`, - # except if `prometheus.io/scrape-slow` is set to `true` as well. - # * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need - # to set this to `https` & most likely set the `tls_config` of the scrape config. - # * `prometheus.io/path`: If the metrics path is not `/metrics` override this. - # * `prometheus.io/port`: Scrape the pod on the indicated port instead of the default of `9102`. - - job_name: 'kubernetes-pods' - honor_labels: true - - kubernetes_sd_configs: - - role: pod - - relabel_configs: - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape] - action: keep - regex: true - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape_slow] - action: drop - regex: true - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scheme] - action: replace - regex: (https?) - target_label: __scheme__ - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_port, __meta_kubernetes_pod_ip] - action: replace - regex: (\d+);(([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}) - replacement: '[$2]:$1' - target_label: __address__ - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_port, __meta_kubernetes_pod_ip] - action: replace - regex: (\d+);((([0-9]+?)(\.|$)){4}) - replacement: $2:$1 - target_label: __address__ - - action: labelmap - regex: __meta_kubernetes_pod_annotation_prometheus_io_param_(.+) - replacement: __param_$1 - - action: labelmap - regex: __meta_kubernetes_pod_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: namespace - - source_labels: [__meta_kubernetes_pod_name] - action: replace - target_label: pod - - source_labels: [__meta_kubernetes_pod_phase] - regex: Pending|Succeeded|Failed|Completed - action: drop - - source_labels: [__meta_kubernetes_pod_node_name] - action: replace - target_label: node - - # Example Scrape config for pods which should be scraped slower. An useful example - # would be stackriver-exporter which queries an API on every scrape of the pod - # - # The relabeling allows the actual pod scrape endpoint to be configured via the - # following annotations: - # - # * `prometheus.io/scrape-slow`: Only scrape pods that have a value of `true` - # * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need - # to set this to `https` & most likely set the `tls_config` of the scrape config. - # * `prometheus.io/path`: If the metrics path is not `/metrics` override this. - # * `prometheus.io/port`: Scrape the pod on the indicated port instead of the default of `9102`. - - job_name: 'kubernetes-pods-slow' - honor_labels: true - - scrape_interval: 5m - scrape_timeout: 30s - - kubernetes_sd_configs: - - role: pod - - relabel_configs: - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape_slow] - action: keep - regex: true - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scheme] - action: replace - regex: (https?) - target_label: __scheme__ - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] - action: replace - target_label: __metrics_path__ - regex: (.+) - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_port, __meta_kubernetes_pod_ip] - action: replace - regex: (\d+);(([A-Fa-f0-9]{1,4}::?){1,7}[A-Fa-f0-9]{1,4}) - replacement: '[$2]:$1' - target_label: __address__ - - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_port, __meta_kubernetes_pod_ip] - action: replace - regex: (\d+);((([0-9]+?)(\.|$)){4}) - replacement: $2:$1 - target_label: __address__ - - action: labelmap - regex: __meta_kubernetes_pod_annotation_prometheus_io_param_(.+) - replacement: __param_$1 - - action: labelmap - regex: __meta_kubernetes_pod_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: namespace - - source_labels: [__meta_kubernetes_pod_name] - action: replace - target_label: pod - - source_labels: [__meta_kubernetes_pod_phase] - regex: Pending|Succeeded|Failed|Completed - action: drop - - source_labels: [__meta_kubernetes_pod_node_name] - action: replace - target_label: node - -# adds additional scrape configs to prometheus.yml -# must be a string so you have to add a | after extraScrapeConfigs: -# example adds prometheus-blackbox-exporter scrape config -extraScrapeConfigs: "" - # - job_name: 'prometheus-blackbox-exporter' - # metrics_path: /probe - # params: - # module: [http_2xx] - # static_configs: - # - targets: - # - https://example.com - # relabel_configs: - # - source_labels: [__address__] - # target_label: __param_target - # - source_labels: [__param_target] - # target_label: instance - # - target_label: __address__ - # replacement: prometheus-blackbox-exporter:9115 - -# Adds option to add alert_relabel_configs to avoid duplicate alerts in alertmanager -# useful in H/A prometheus with different external labels but the same alerts -alertRelabelConfigs: {} - # alert_relabel_configs: - # - source_labels: [dc] - # regex: (.+)\d+ - # target_label: dc - -networkPolicy: - ## Enable creation of NetworkPolicy resources. - ## - enabled: false - -# Force namespace of namespaced resources -forceNamespace: "" - -# Extra manifests to deploy as an array -extraManifests: [] - # - | - # apiVersion: v1 - # kind: ConfigMap - # metadata: - # labels: - # name: prometheus-extra - # data: - # extra-data: "value" - -# Configuration of subcharts defined in Chart.yaml - -## alertmanager sub-chart configurable values -## Please see https://github.com/prometheus-community/helm-charts/tree/main/charts/alertmanager -## -alertmanager: - ## If false, alertmanager will not be installed - ## - enabled: true - - persistence: - size: 2Gi - - podSecurityContext: - runAsUser: 65534 - runAsNonRoot: true - runAsGroup: 65534 - fsGroup: 65534 - -## kube-state-metrics sub-chart configurable values -## Please see https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics -## -kube-state-metrics: - ## If false, kube-state-metrics sub-chart will not be installed - ## - enabled: true - -## prometheus-node-exporter sub-chart configurable values -## Please see https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-node-exporter -## -prometheus-node-exporter: - ## If false, node-exporter will not be installed - ## - enabled: true - - rbac: - pspEnabled: false - - containerSecurityContext: - allowPrivilegeEscalation: false - -## prometheus-pushgateway sub-chart configurable values -## Please see https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-pushgateway -## -prometheus-pushgateway: - ## If false, pushgateway will not be installed - ## - enabled: true - - # Optional service annotations - serviceAnnotations: - prometheus.io/probe: pushgateway diff --git a/composio/charts/temporal/ci/cassandra-es-values.yaml b/composio/charts/temporal/ci/cassandra-es-values.yaml deleted file mode 100644 index df1718f..0000000 --- a/composio/charts/temporal/ci/cassandra-es-values.yaml +++ /dev/null @@ -1,13 +0,0 @@ -server: - replicaCount: 1 -cassandra: - enabled: true - config: - cluster_size: 1 -elasticsearch: - enabled: true - replicas: 1 -prometheus: - enabled: false -grafana: - enabled: false diff --git a/composio/charts/temporal/ci/postgres-es-values.yaml b/composio/charts/temporal/ci/postgres-es-values.yaml deleted file mode 100644 index c0b83b7..0000000 --- a/composio/charts/temporal/ci/postgres-es-values.yaml +++ /dev/null @@ -1,26 +0,0 @@ -server: - replicaCount: 1 - config: - persistence: - defaultStore: default - default: - driver: "sql" - sql: - driver: "postgres12" - host: "postgres-postgresql.postgres" - port: 5432 - database: "temporal" - user: "temporal" - password: "temporal" - maxConns: 20 - maxIdleConns: 20 - maxConnLifetime: "1h" -elasticsearch: - enabled: true - replicas: 1 -cassandra: - enabled: false -prometheus: - enabled: false -grafana: - enabled: false diff --git a/composio/charts/temporal/ci/postgres-values.yaml b/composio/charts/temporal/ci/postgres-values.yaml deleted file mode 100644 index 825e7f1..0000000 --- a/composio/charts/temporal/ci/postgres-values.yaml +++ /dev/null @@ -1,37 +0,0 @@ -server: - replicaCount: 1 - config: - persistence: - defaultStore: default - default: - driver: "sql" - sql: - driver: "postgres12" - host: "postgres-postgresql.postgres" - port: 5432 - database: "temporal" - user: "temporal" - password: "temporal" - maxConns: 20 - maxIdleConns: 20 - maxConnLifetime: "1h" - visibility: - driver: "sql" - sql: - driver: "postgres12" - host: "postgres-postgresql.postgres" - port: 5432 - database: "temporal" - user: "temporal" - password: "temporal" - maxConns: 20 - maxIdleConns: 20 - maxConnLifetime: "1h" -cassandra: - enabled: false -elasticsearch: - enabled: false -prometheus: - enabled: false -grafana: - enabled: false diff --git a/composio/charts/temporal/templates/NOTES.txt b/composio/charts/temporal/templates/NOTES.txt deleted file mode 100644 index 96b5069..0000000 --- a/composio/charts/temporal/templates/NOTES.txt +++ /dev/null @@ -1,3 +0,0 @@ -To verify that Temporal has started, run: - - kubectl --namespace={{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" diff --git a/composio/charts/temporal/templates/_admintools-env.yaml b/composio/charts/temporal/templates/_admintools-env.yaml deleted file mode 100644 index 56d78a6..0000000 --- a/composio/charts/temporal/templates/_admintools-env.yaml +++ /dev/null @@ -1,97 +0,0 @@ -{{- define "temporal.admintools-env" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- $driver := include "temporal.persistence.driver" (list $global $store) -}} -{{- $driverConfig := index $storeConfig $driver }} -{{- if eq $driver "elasticsearch" -}} -{{- $driverConfig = $global.Values.elasticsearch -}} -{{- end -}} -{{- if eq $driver "cassandra" -}} -- name: CASSANDRA_HOST - value: {{ first (splitList "," (include "temporal.persistence.cassandra.hosts" (list $global $store))) }} -- name: CASSANDRA_PORT - value: {{ include "temporal.persistence.cassandra.port" (list $global $store) | quote }} -- name: CASSANDRA_KEYSPACE - value: {{ $driverConfig.keyspace }} -- name: CASSANDRA_USER - value: {{ $driverConfig.user }} -- name: CASSANDRA_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "temporal.persistence.secretName" (list $global $store) }} - key: {{ include "temporal.persistence.secretKey" (list $global $store) }} - {{- with $driverConfig.tls }} -- name: CASSANDRA_ENABLE_TLS - value: {{ .enabled | quote }} - {{- with .caFile }} -- name: CASSANDRA_TLS_CA - value: {{ . }} - {{- end }} - {{- if hasKey . "enableHostVerification" }} -- name: CASSANDRA_TLS_DISABLE_HOST_VERIFICATION - value: {{ not .enableHostVerification | quote }} - {{- end }} - {{- end }} -{{- else if eq $driver "sql" -}} -- name: SQL_PLUGIN - value: {{ include "temporal.persistence.sql.driver" (list $global $store) }} -- name: SQL_HOST - value: {{ include "temporal.persistence.sql.host" (list $global $store) }} -- name: SQL_PORT - value: {{ include "temporal.persistence.sql.port" (list $global $store) | quote }} -- name: SQL_DATABASE - value: {{ include "temporal.persistence.sql.database" (list $global $store) }} -- name: SQL_USER - value: {{ $driverConfig.user }} -- name: SQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "temporal.persistence.secretName" (list $global $store) }} - key: {{ include "temporal.persistence.secretKey" (list $global $store) }} - {{- with $driverConfig.connectAttributes }} -- name: SQL_CONNECT_ATTRIBUTES - value: {{ include "temporal.persistence.sql.connectAttributes" (list $global $store) | quote }} - {{- end }} - {{- with $driverConfig.tls }} -- name: SQL_TLS - value: {{ .enabled | quote }} - {{- with .caFile }} -- name: SQL_TLS_CA_FILE - value: {{ . }} - {{- end }} - {{- if and .certFile .keyFile }} -- name: SQL_TLS_CERT_FILE - value: {{ .certFile }} -- name: SQL_TLS_KEY_FILE - value: {{ .keyFile }} - {{- end }} - {{- with .serverName }} -- name: SQL_TLS_SERVER_NAME - value: {{ . }} - {{- end }} - {{- if hasKey . "enableHostVerification" }} -- name: SQL_TLS_DISABLE_HOST_VERIFICATION - value: {{ not .enableHostVerification | quote }} - {{- end }} - {{- end }} -{{- else if eq $driver "elasticsearch" -}} -- name: ES_SCHEME - value: {{ $driverConfig.scheme }} -- name: ES_HOST - value: {{ $driverConfig.host }} -- name: ES_PORT - value: {{ $driverConfig.port | quote }} -- name: ES_USER - value: {{ $driverConfig.username | quote }} -- name: ES_PWD - valueFrom: - secretKeyRef: - name: {{ include "temporal.persistence.secretName" (list $global $store) }} - key: {{ include "temporal.persistence.secretKey" (list $global $store) }} -- name: ES_VERSION - value: {{ $driverConfig.version }} -- name: ES_VISIBILITY_INDEX - value: {{ $driverConfig.visibilityIndex }} -{{- end }} -{{- end -}} diff --git a/composio/charts/temporal/templates/_helpers.tpl b/composio/charts/temporal/templates/_helpers.tpl deleted file mode 100644 index 3dbff79..0000000 --- a/composio/charts/temporal/templates/_helpers.tpl +++ /dev/null @@ -1,453 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "temporal.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "temporal.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "temporal.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the name of the service account -*/}} -{{- define "temporal.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} -{{ default (include "temporal.fullname" .) .Values.serviceAccount.name }} -{{- else -}} -{{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Define the service account as needed -*/}} -{{- define "temporal.serviceAccount" -}} -serviceAccountName: {{ include "temporal.serviceAccountName" . }} -{{- end -}} - -{{/* -Create a default fully qualified component name from the full app name and a component name. -We truncate the full name at 63 - 1 (last dash) - len(component name) chars because some Kubernetes name fields are limited to this (by the DNS naming spec) -and we want to make sure that the component is included in the name. -*/}} -{{- define "temporal.componentname" -}} -{{- $global := index . 0 -}} -{{- $component := index . 1 | trimPrefix "-" -}} -{{- printf "%s-%s" (include "temporal.fullname" $global | trunc (sub 62 (len $component) | int) | trimSuffix "-" ) $component | trimSuffix "-" -}} -{{- end -}} - -{{/* -Define the AppVersion -*/}} -{{- define "temporal.appVersion" -}} -{{- if .Chart.AppVersion -}} -{{ .Chart.AppVersion | replace "+" "_" | quote }} -{{- else -}} -{{ include "temporal.chart" $ }} -{{- end -}} -{{- end -}} - -{{/* -Create the annotations for all resources -*/}} -{{- define "temporal.resourceAnnotations" -}} -{{- $global := index . 0 -}} -{{- $scope := index . 1 -}} -{{- $resourceType := index . 2 -}} -{{- $component := "server" -}} -{{- if (or (eq $scope "admintools") (eq $scope "web")) -}} -{{- $component = $scope -}} -{{- end -}} -{{- with $resourceType -}} -{{- $resourceTypeKey := printf "%sAnnotations" . -}} -{{- $componentAnnotations := (index $global.Values $component $resourceTypeKey) -}} -{{- $scopeAnnotations := dict -}} -{{- if hasKey (index $global.Values $component) $scope -}} -{{- $scopeAnnotations = (index $global.Values $component $scope $resourceTypeKey) -}} -{{- end -}} -{{- $resourceAnnotations := merge $scopeAnnotations $componentAnnotations -}} -{{- range $annotation_name, $annotation_value := $resourceAnnotations }} -{{ $annotation_name }}: {{ $annotation_value | quote }} -{{- end -}} -{{- end -}} -{{- range $annotation_name, $annotation_value := $global.Values.additionalAnnotations }} -{{ $annotation_name }}: {{ $annotation_value | quote }} -{{- end -}} -{{- end -}} - -{{/* -Create the labels for all resources -*/}} -{{- define "temporal.resourceLabels" -}} -{{- $global := index . 0 -}} -{{- $scope := index . 1 -}} -{{- $resourceType := index . 2 -}} -{{- $component := "server" -}} -{{- if (or (eq $scope "admintools") (eq $scope "web")) -}} -{{- $component = $scope -}} -{{- end -}} -{{- with $scope -}} -app.kubernetes.io/component: {{ . }} -{{ end -}} -app.kubernetes.io/name: {{ include "temporal.name" $global }} -helm.sh/chart: {{ include "temporal.chart" $global }} -app.kubernetes.io/managed-by: {{ index $global "Release" "Service" }} -app.kubernetes.io/instance: {{ index $global "Release" "Name" }} -app.kubernetes.io/version: {{ include "temporal.appVersion" $global }} -app.kubernetes.io/part-of: {{ $global.Chart.Name }} -{{- with $resourceType -}} -{{- $resourceTypeKey := printf "%sLabels" . -}} -{{- $componentLabels := (index $global.Values $component $resourceTypeKey) -}} -{{- $scopeLabels := dict -}} -{{- if hasKey (index $global.Values $component) $scope -}} -{{- $scopeLabels = (index $global.Values $component $scope $resourceTypeKey) -}} -{{- end -}} -{{- $resourceLabels := merge $scopeLabels $componentLabels -}} -{{- range $label_name, $label_value := $resourceLabels }} -{{ $label_name}}: {{ $label_value | quote }} -{{- end -}} -{{- end -}} -{{- range $label_name, $label_value := $global.Values.additionalLabels }} -{{ $label_name }}: {{ $label_value | quote }} -{{- end -}} -{{- end -}} - -{{/* -Call nested templates. -Source: https://stackoverflow.com/a/52024583/3027614 -*/}} -{{- define "call-nested" }} -{{- $dot := index . 0 }} -{{- $subchart := index . 1 }} -{{- $template := index . 2 }} -{{- include $template (dict "Chart" (dict "Name" $subchart) "Values" (index $dot.Values $subchart) "Release" $dot.Release "Capabilities" $dot.Capabilities) }} -{{- end }} - -{{- define "temporal.persistence.schema" -}} -{{- if eq . "default" -}} -{{- print "temporal" -}} -{{- else -}} -{{- print . -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.driver" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- if and (eq $store "default") $global.Values.cassandra.enabled -}} -{{- print "cassandra" -}} -{{- else if and (eq $store "visibility") (or $global.Values.elasticsearch.enabled $global.Values.elasticsearch.external) -}} -{{- print "elasticsearch" -}} -{{- else if $storeConfig.driver -}} -{{- $storeConfig.driver -}} -{{- else if $global.Values.mysql.enabled -}} -{{- print "sql" -}} -{{- else if $global.Values.postgresql.enabled -}} -{{- print "sql" -}} -{{- else -}} -{{- required (printf "Please specify persistence driver for %s store" $store) $storeConfig.driver -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.cassandra.hosts" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- if $storeConfig.cassandra.hosts -}} -{{- $storeConfig.cassandra.hosts | join "," -}} -{{- else if and $global.Values.cassandra.enabled (eq (include "temporal.persistence.driver" (list $global $store)) "cassandra") -}} -{{- include "cassandra.hosts" $global -}} -{{- else -}} -{{- required (printf "Please specify cassandra hosts for %s store" $store) $storeConfig.cassandra.hosts -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.cassandra.port" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- if $storeConfig.cassandra.port -}} -{{- $storeConfig.cassandra.port -}} -{{- else if and $global.Values.cassandra.enabled (eq (include "temporal.persistence.driver" (list $global $store)) "cassandra") -}} -{{- $global.Values.cassandra.config.ports.cql -}} -{{- else -}} -{{- required (printf "Please specify cassandra port for %s store" $store) $storeConfig.cassandra.port -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.cassandra.secretName" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- $driverConfig := $storeConfig.cassandra -}} -{{- if $driverConfig.existingSecret -}} -{{- $driverConfig.existingSecret -}} -{{- else if $driverConfig.password -}} -{{- include "temporal.componentname" (list $global (printf "%s-store" $store)) -}} -{{- else -}} -{{/* Cassandra password is optional, but we will create an empty secret for it */}} -{{- include "temporal.componentname" (list $global (printf "%s-store" $store)) -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.cassandra.secretKey" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- $driverConfig := $storeConfig.cassandra -}} -{{- with $driverConfig.secretKey -}} -{{- print . -}} -{{- else -}} -{{/* Cassandra password is optional, but we will create an empty secret for it */}} -{{- print "password" -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.sql.database" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- if $storeConfig.sql.database -}} -{{- $storeConfig.sql.database -}} -{{- else -}} -{{- required (printf "Please specify database for %s store" $store) -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.sql.driver" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- if $storeConfig.sql.driver -}} -{{- $storeConfig.sql.driver -}} -{{- else if $global.Values.mysql.enabled -}} -{{- print "mysql" -}} -{{- else if $global.Values.postgresql.enabled -}} -{{- print "postgres" -}} -{{- else -}} -{{- required (printf "Please specify sql driver for %s store" $store) $storeConfig.sql.host -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.sql.host" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- if $storeConfig.sql.host -}} -{{- $storeConfig.sql.host -}} -{{- else if and $global.Values.mysql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "mysql8")) -}} -{{- include "mysql.host" $global -}} -{{- else if and $global.Values.postgresql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "postgres12")) -}} -{{- include "postgresql.host" $global -}} -{{- else -}} -{{- required (printf "Please specify sql host for %s store" $store) $storeConfig.sql.host -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.sql.port" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- if $storeConfig.sql.port -}} -{{- $storeConfig.sql.port -}} -{{- else if and $global.Values.mysql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "mysql8")) -}} -{{- $global.Values.mysql.service.port -}} -{{- else if and $global.Values.postgresql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "postgres12")) -}} -{{- $global.Values.postgresql.service.port -}} -{{- else -}} -{{- required (printf "Please specify sql port for %s store" $store) $storeConfig.sql.port -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.sql.user" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- if $storeConfig.sql.user -}} -{{- $storeConfig.sql.user -}} -{{- else if and $global.Values.mysql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "mysql8")) -}} -{{- $global.Values.mysql.mysqlUser -}} -{{- else if and $global.Values.postgresql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "postgres12")) -}} -{{- $global.Values.postgresql.postgresqlUser -}} -{{- else -}} -{{- required (printf "Please specify sql user for %s store" $store) $storeConfig.sql.user -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.sql.password" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- if $storeConfig.sql.password -}} -{{- $storeConfig.sql.password -}} -{{- else if and $global.Values.mysql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "mysql8")) -}} -{{- if or $global.Values.schema.setup.enabled $global.Values.schema.update.enabled -}} -{{- required "Please specify password for MySQL chart" $global.Values.mysql.mysqlPassword -}} -{{- else -}} -{{- $global.Values.mysql.mysqlPassword -}} -{{- end -}} -{{- else if and $global.Values.postgresql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "postgres12")) -}} -{{- if or $global.Values.schema.setup.enabled $global.Values.schema.update.enabled -}} -{{- required "Please specify password for PostgreSQL chart" $global.Values.postgresql.postgresqlPassword -}} -{{- else -}} -{{- $global.Values.postgresql.postgresqlPassword -}} -{{- end -}} -{{- else -}} -{{- required (printf "Please specify sql password for %s store" $store) $storeConfig.sql.password -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.sql.secretName" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- $driverConfig := $storeConfig.sql -}} -{{- if $driverConfig.existingSecret -}} -{{- $driverConfig.existingSecret -}} -{{- else if $driverConfig.secretName -}} -{{- print $driverConfig.secretName -}} -{{- else if $storeConfig.sql.password -}} -{{- include "temporal.componentname" (list $global (printf "%s-store" $store)) -}} -{{- else if and $global.Values.mysql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "mysql8")) -}} -{{- include "call-nested" (list $global "mysql" "mysql.secretName") -}} -{{- else if and $global.Values.postgresql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "postgres12")) -}} -{{- include "call-nested" (list $global "postgresql" "postgresql.secretName") -}} -{{- else -}} -{{- required (printf "Please specify sql password or existing secret for %s store" $store) $storeConfig.sql.existingSecret -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.sql.secretKey" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- $driverConfig := $storeConfig.sql -}} -{{- if $driverConfig.secretKey -}} -{{- print $driverConfig.secretKey -}} -{{- else if or $driverConfig.existingSecret $driverConfig.password -}} -{{- print "password" -}} -{{- else if and $global.Values.mysql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "mysql8")) -}} -{{- print "mysql-password" -}} -{{- else if and $global.Values.postgresql.enabled (and (eq (include "temporal.persistence.driver" (list $global $store)) "sql") (eq (include "temporal.persistence.sql.driver" (list $global $store)) "postgres12")) -}} -{{- print "postgresql-password" -}} -{{- else -}} -{{- fail (printf "Please specify sql password or existing secret for %s store" $store) -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.sql.connectAttributes" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $storeConfig := index $global.Values.server.config.persistence $store -}} -{{- $driverConfig := $storeConfig.sql -}} -{{- $result := list -}} -{{- range $key, $value := $driverConfig.connectAttributes -}} - {{- $result = append $result (printf "%s=%v" $key $value) -}} -{{- end -}} -{{- join "&" $result -}} -{{- end -}} - -{{- define "temporal.persistence.elasticsearch.secretName" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $driverConfig := $global.Values.elasticsearch -}} -{{- if $driverConfig.existingSecret -}} -{{- print $driverConfig.existingSecret -}} -{{- else if $driverConfig.secretName -}} -{{- print $driverConfig.secretName -}} -{{- else -}} -{{- include "temporal.componentname" (list $global (printf "%s-store" $store)) -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.elasticsearch.secretKey" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- $driverConfig := $global.Values.elasticsearch -}} -{{- if $driverConfig.secretKey -}} -{{- print $driverConfig.secretKey -}} -{{- else -}} -{{- "password" -}} -{{- end -}} -{{- end -}} - -{{- define "temporal.persistence.secretName" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- include (printf "temporal.persistence.%s.secretName" (include "temporal.persistence.driver" (list $global $store))) (list $global $store) -}} -{{- end -}} - -{{- define "temporal.persistence.secretKey" -}} -{{- $global := index . 0 -}} -{{- $store := index . 1 -}} -{{- include (printf "temporal.persistence.%s.secretKey" (include "temporal.persistence.driver" (list $global $store))) (list $global $store) -}} -{{- end -}} - -{{/* -All Cassandra hosts. -*/}} -{{- define "cassandra.hosts" -}} -{{- range $i := (until (int .Values.cassandra.config.cluster_size)) }} -{{- $cassandraName := include "call-nested" (list $ "cassandra" "cassandra.fullname") -}} -{{- printf "%s.%s," $cassandraName $.Release.Namespace -}} -{{- end }} -{{- end -}} - -{{/* -The first Cassandra host in the stateful set. -*/}} -{{- define "cassandra.host" -}} -{{- $cassandraName := include "call-nested" (list . "cassandra" "cassandra.fullname") -}} -{{- printf "%s.%s" $cassandraName .Release.Namespace -}} -{{- end -}} - -{{/* -Based on Bitnami charts method -Renders a value that contains template. -Usage: -{{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $) }} -*/}} -{{- define "common.tplvalues.render" -}} - {{- if typeIs "string" .value }} - {{- tpl .value .context }} - {{- else }} - {{- tpl (.value | toYaml) .context }} - {{- end }} -{{- end -}} - -{{/* -To modify camelCase to hyphenated internal-frontend service name -*/}} -{{- define "serviceName" -}} - {{- $service := index . 0 -}} - {{- if eq $service "internalFrontend" }} - {{- print "internal-frontend" }} - {{- else }} - {{- print $service }} - {{- end }} -{{- end -}} \ No newline at end of file diff --git a/composio/charts/temporal/templates/admintools-deployment.yaml b/composio/charts/temporal/templates/admintools-deployment.yaml deleted file mode 100644 index 23b21e6..0000000 --- a/composio/charts/temporal/templates/admintools-deployment.yaml +++ /dev/null @@ -1,110 +0,0 @@ -{{- if $.Values.admintools.enabled }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "temporal.componentname" (list $ "admintools") }} - annotations: - {{- include "temporal.resourceAnnotations" (list $ "admintools" "deployment") | nindent 4 }} - labels: - {{- include "temporal.resourceLabels" (list $ "admintools" "deployment") | nindent 4 }} -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: {{ include "temporal.name" $ }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: admintools - template: - metadata: - annotations: - {{- include "temporal.resourceAnnotations" (list $ "admintools" "pod") | nindent 8 }} - labels: - {{- include "temporal.resourceLabels" (list $ "admintools" "pod") | nindent 8 }} - spec: - {{ include "temporal.serviceAccount" $ }} - {{- with $.Values.admintools.additionalInitContainers }} - initContainers: - {{- toYaml .| nindent 8 }} - {{- end }} - containers: - - name: admin-tools - image: "{{ .Values.admintools.image.repository }}:{{ .Values.admintools.image.tag }}" - imagePullPolicy: {{ .Values.admintools.image.pullPolicy }} - {{- if .Values.admintools.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: {{ .Values.admintools.readinessProbe.httpGet.path }} - port: {{ .Values.admintools.readinessProbe.httpGet.port }} - scheme: {{ .Values.admintools.readinessProbe.httpGet.scheme }} - failureThreshold: {{ .Values.admintools.readinessProbe.failureThreshold }} - initialDelaySeconds: {{ .Values.admintools.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.admintools.readinessProbe.periodSeconds }} - successThreshold: {{ .Values.admintools.readinessProbe.successThreshold }} - timeoutSeconds: {{ .Values.admintools.readinessProbe.timeoutSeconds }} - {{- end }} - env: - # TEMPORAL_CLI_ADDRESS is deprecated, use TEMPORAL_ADDRESS instead - - name: TEMPORAL_CLI_ADDRESS - {{- if and (hasKey .Values.server "internalFrontend") .Values.server.internalFrontend.enabled }} - value: {{ include "temporal.fullname" $ }}-internal-frontend:{{ .Values.server.internalFrontend.service.port }} - {{- else }} - value: {{ include "temporal.fullname" $ }}-frontend:{{ .Values.server.frontend.service.port }} - {{- end }} - - name: TEMPORAL_ADDRESS - {{- if and (hasKey .Values.server "internalFrontend") .Values.server.internalFrontend.enabled }} - value: {{ include "temporal.fullname" $ }}-internal-frontend:{{ .Values.server.internalFrontend.service.port }} - {{- else }} - value: {{ include "temporal.fullname" $ }}-frontend:{{ .Values.server.frontend.service.port }} - {{- end }} - {{- with .Values.admintools.additionalEnv }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.admintools.additionalEnvSecretName }} - envFrom: - - secretRef: - name: {{ . }} - {{- end }} - livenessProbe: - exec: - command: - - ls - - / - initialDelaySeconds: 5 - periodSeconds: 5 - {{- with $.Values.admintools.additionalVolumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12}} - {{- end }} - {{- with .Values.admintools.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.admintools.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.admintools.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $.Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $.Values.admintools.additionalVolumes }} - volumes: - {{- toYaml . | nindent 8}} - {{- end }} - {{- with .Values.admintools.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.admintools.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.admintools.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/templates/frontend-ingress.yaml b/composio/charts/temporal/templates/frontend-ingress.yaml deleted file mode 100644 index 067f78b..0000000 --- a/composio/charts/temporal/templates/frontend-ingress.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{- if .Values.server.frontend.ingress.enabled -}} - {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }} -apiVersion: networking.k8s.io/v1 - {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} -apiVersion: networking.k8s.io/v1beta1 - {{- else if .Capabilities.APIVersions.Has "extensions/v1beta1" }} -apiVersion: extensions/v1beta1 - {{- end }} -kind: Ingress -metadata: - name: {{ include "temporal.componentname" (list $ "frontend") }} - labels: - {{- include "temporal.resourceLabels" (list $ "frontend" "") | nindent 4 }} -{{- with .Values.server.frontend.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: - {{- with .Values.server.frontend.ingress.className }} - ingressClassName: {{ . | quote }} - {{- end }} - {{- if .Values.server.frontend.ingress.tls }} - tls: - {{- range .Values.server.frontend.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.server.frontend.ingress.hosts }} - {{- $url := splitList "/" . }} - - host: {{ first $url }} - http: - paths: - - path: /{{ rest $url | join "/" }} - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} - pathType: Prefix - backend: - service: - name: {{ include "temporal.fullname" $ }}-frontend - port: - number: {{ $.Values.server.frontend.service.port }} - {{- else if $.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} - backend: - serviceName: {{ include "temporal.fullname" $ }}-frontend - servicePort: {{ $.Values.server.frontend.service.port }} - {{- end }} - {{- end}} -{{- end }} diff --git a/composio/charts/temporal/templates/server-configmap.yaml b/composio/charts/temporal/templates/server-configmap.yaml deleted file mode 100644 index 155569c..0000000 --- a/composio/charts/temporal/templates/server-configmap.yaml +++ /dev/null @@ -1,202 +0,0 @@ -{{- if .Values.server.enabled -}} -{{- $server := .Values.server -}} -{{- $elasticsearch := .Values.elasticsearch -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: "{{ include "temporal.fullname" $ }}-config" - labels: - {{- include "temporal.resourceLabels" (list $ "" "") | nindent 4 }} -data: - config_template.yaml: |- - log: - stdout: true - level: {{ $server.config.logLevel | quote }} - - persistence: - defaultStore: {{ $server.config.persistence.defaultStore }} - visibilityStore: visibility - numHistoryShards: {{ $server.config.numHistoryShards }} - datastores: - {{- if ne (include "temporal.persistence.driver" (list $ "default")) "custom" }} - default: - {{- if eq (include "temporal.persistence.driver" (list $ "default")) "cassandra" }} - cassandra: - hosts: "{{ include "temporal.persistence.cassandra.hosts" (list $ "default") }}" - port: {{ include "temporal.persistence.cassandra.port" (list $ "default") }} - password: {{ `{{ .Env.TEMPORAL_STORE_PASSWORD | quote }}` }} - {{- with (omit $server.config.persistence.default.cassandra "hosts" "port" "password" "existingSecret") }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- else if eq (include "temporal.persistence.driver" (list $ "default")) "sql" }} - sql: - pluginName: "{{ include "temporal.persistence.sql.driver" (list $ "default") }}" - driverName: "{{ include "temporal.persistence.sql.driver" (list $ "default") }}" - databaseName: "{{ $server.config.persistence.default.sql.database }}" - connectAddr: "{{ include "temporal.persistence.sql.host" (list $ "default") }}:{{ include "temporal.persistence.sql.port" (list $ "default") }}" - connectProtocol: "tcp" - user: {{ include "temporal.persistence.sql.user" (list $ "default") }} - password: {{ `{{ .Env.TEMPORAL_STORE_PASSWORD | quote }}` }} - {{- with (omit $server.config.persistence.default.sql "driver" "driverName" "host" "port" "connectAddr" "connectProtocol" "database" "databaseName" "user" "password" "existingSecret") }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- with $server.config.persistence.default.faultInjection}} - faultInjection: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- with $server.config.persistence.additionalStores }} - {{- toYaml . | nindent 8 }} - {{- end }} - visibility: - {{- if or $elasticsearch.enabled $elasticsearch.external }} - elasticsearch: - version: "{{ $elasticsearch.version }}" - url: - scheme: "{{ $elasticsearch.scheme }}" - host: "{{ $elasticsearch.host }}:{{ $elasticsearch.port }}" - username: "{{ $elasticsearch.username }}" - password: {{ `{{ .Env.TEMPORAL_VISIBILITY_STORE_PASSWORD | quote }}` }} - logLevel: "{{ $elasticsearch.logLevel }}" - indices: - visibility: "{{ $elasticsearch.visibilityIndex }}" - {{- with $elasticsearch.tls }} - tls: - {{- toYaml . | nindent 16 }} - {{- end }} - {{- else if eq (include "temporal.persistence.driver" (list $ "visibility")) "sql" }} - sql: - pluginName: "{{ include "temporal.persistence.sql.driver" (list $ "visibility") }}" - driverName: "{{ include "temporal.persistence.sql.driver" (list $ "visibility") }}" - databaseName: "{{ $server.config.persistence.visibility.sql.database }}" - connectAddr: "{{ include "temporal.persistence.sql.host" (list $ "visibility") }}:{{ include "temporal.persistence.sql.port" (list $ "visibility") }}" - connectProtocol: "tcp" - user: "{{ include "temporal.persistence.sql.user" (list $ "visibility") }}" - password: {{ `{{ .Env.TEMPORAL_VISIBILITY_STORE_PASSWORD | quote }}` }} - {{- with (omit $server.config.persistence.visibility.sql "driver" "driverName" "host" "port" "connectAddr" "connectProtocol" "database" "databaseName" "user" "password" "existingSecret") }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - - global: - membership: - name: temporal - maxJoinDuration: 30s - broadcastAddress: {{ `{{ default .Env.POD_IP "0.0.0.0" }}` }} - - pprof: - port: 7936 - - metrics: - tags: - type: {{ `{{ .Env.SERVICES }}` }} - {{- with $server.metrics.tags }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- with $server.metrics.excludeTags }} - excludeTags: - {{- toYaml . | nindent 10 }} - {{- end }} - {{- with $server.metrics.prefix }} - prefix: "{{- . }}" - {{- end }} - {{- with $server.config.prometheus }} - prometheus: - {{- toYaml . | nindent 10 }} - {{- else }} - prometheus: - timerType: histogram - listenAddress: "0.0.0.0:9090" - {{- end }} - - {{- with $server.config.tls }} - tls: - {{- toYaml . | nindent 10 }} - {{- end }} - - {{- with $server.config.authorization }} - authorization: - {{- toYaml . | nindent 10 }} - {{- end }} - - services: - frontend: - rpc: - grpcPort: {{ $server.frontend.service.port }} - httpPort: {{ $server.frontend.service.httpPort }} - membershipPort: {{ $server.frontend.service.membershipPort }} - bindOnIP: "0.0.0.0" - - {{- if and (hasKey .Values.server "internalFrontend") .Values.server.internalFrontend.enabled }} - internal-frontend: - rpc: - grpcPort: {{ $server.internalFrontend.service.port }} - httpPort: {{ $server.internalFrontend.service.httpPort }} - membershipPort: {{ $server.internalFrontend.service.membershipPort }} - bindOnIP: "0.0.0.0" - {{- end }} - - history: - rpc: - grpcPort: {{ $server.history.service.port }} - membershipPort: {{ $server.history.service.membershipPort }} - bindOnIP: "0.0.0.0" - - matching: - rpc: - grpcPort: {{ $server.matching.service.port }} - membershipPort: {{ $server.matching.service.membershipPort }} - bindOnIP: "0.0.0.0" - - worker: - rpc: - membershipPort: {{ $server.worker.service.membershipPort }} - bindOnIP: "0.0.0.0" - - clusterMetadata: - {{- with $server.config.clusterMetadata }} - {{- toYaml . | nindent 8 }} - {{- else }} - enableGlobalDomain: false - failoverVersionIncrement: 10 - masterClusterName: "active" - currentClusterName: "active" - clusterInformation: - active: - enabled: true - initialFailoverVersion: 1 - rpcName: "temporal-frontend" - rpcAddress: "127.0.0.1:{{ $server.frontend.service.port }}" - httpAddress: "127.0.0.1:{{ $server.frontend.service.httpPort }}" - {{- end }} - - dcRedirectionPolicy: - {{- with $server.config.dcRedirectionPolicy }} - {{- toYaml . | nindent 8 }} - {{- else }} - policy: "noop" - toDC: "" - {{- end }} - - archival: - {{- with $server.archival }} - {{- toYaml . | nindent 6 }} - {{- else }} - status: "disabled" - {{- end }} - - {{- with $server.namespaceDefaults }} - namespaceDefaults: - {{- toYaml . | nindent 6 }} - {{- end }} - - {{- if not (and (hasKey .Values.server "internalFrontend") .Values.server.internalFrontend.enabled) }} - publicClient: - hostPort: "{{ include "temporal.componentname" (list $ "frontend") }}:{{ $server.frontend.service.port }}" - {{- end }} - - dynamicConfigClient: - filepath: "/etc/temporal/dynamic_config/dynamic_config.yaml" - pollInterval: "10s" -{{- end }} diff --git a/composio/charts/temporal/templates/server-deployment.yaml b/composio/charts/temporal/templates/server-deployment.yaml deleted file mode 100644 index 7a3a336..0000000 --- a/composio/charts/temporal/templates/server-deployment.yaml +++ /dev/null @@ -1,206 +0,0 @@ -{{- if $.Values.server.enabled }} -{{- range $rawService := (list "frontend" "internalFrontend" "history" "matching" "worker") }} -{{- $service := include "serviceName" (list $rawService) }} -{{- $serviceValues := index $.Values.server $rawService }} -{{- if or (not (hasKey $serviceValues "enabled")) $serviceValues.enabled }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "temporal.componentname" (list $ $service) }} - annotations: - {{- include "temporal.resourceAnnotations" (list $ $service "deployment") | nindent 4 }} - labels: - {{- include "temporal.resourceLabels" (list $ $service "deployment") | nindent 4 }} -spec: - replicas: {{ default $.Values.server.replicaCount $serviceValues.replicaCount }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "temporal.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/component: {{ $service }} - template: - metadata: - annotations: - checksum/config: {{ include (print $.Template.BasePath "/server-configmap.yaml") $ | sha256sum }} - {{- if (dig "metrics" "annotations" "enabled" $.Values.server.metrics.annotations.enabled $serviceValues) }} - prometheus.io/job: {{ $.Chart.Name }}-{{ $service }} - prometheus.io/scrape: 'true' - prometheus.io/port: '9090' - {{- end }} - {{- include "temporal.resourceAnnotations" (list $ $service "pod") | nindent 8 }} - labels: - {{- include "temporal.resourceLabels" (list $ $service "pod") | nindent 8 }} - spec: - {{ include "temporal.serviceAccount" $ }} - {{- if semverCompare ">=1.13.0" $.Chart.AppVersion}} - {{- with $.Values.server.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - {{- if or (or $.Values.server.additionalInitContainers $.Values.cassandra.enabled) (or $.Values.elasticsearch.enabled $.Values.elasticsearch.external)}} - initContainers: - {{- with $.Values.server.additionalInitContainers }} - {{- toYaml . | nindent 8}} - {{- end }} - {{- if $.Values.cassandra.enabled }} - - name: check-cassandra - image: "{{ $.Values.cassandra.image.repo }}:{{ $.Values.cassandra.image.tag }}" - imagePullPolicy: {{ $.Values.cassandra.image.pullPolicy }} - command: ['sh', '-c', 'until cqlsh {{ include "cassandra.host" $ }} {{ $.Values.cassandra.config.ports.cql }} -e "SHOW VERSION"; do echo waiting for cassandra to start; sleep 1; done;'] - {{- with $serviceValues.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - - name: check-cassandra-temporal-schema - image: "{{ $.Values.cassandra.image.repo }}:{{ $.Values.cassandra.image.tag }}" - imagePullPolicy: {{ $.Values.cassandra.image.pullPolicy }} - command: ['sh', '-c', 'until cqlsh {{ include "cassandra.host" $ }} {{ $.Values.cassandra.config.ports.cql }} -e "SELECT keyspace_name FROM system_schema.keyspaces" | grep {{ $.Values.server.config.persistence.default.cassandra.keyspace }}$; do echo waiting for default keyspace to become ready; sleep 1; done;'] - {{- with $serviceValues.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- if or $.Values.elasticsearch.enabled $.Values.elasticsearch.external }} - - name: check-elasticsearch-index - image: "{{ $.Values.admintools.image.repository }}:{{ $.Values.admintools.image.tag }}" - imagePullPolicy: {{ $.Values.admintools.image.pullPolicy }} - command: ['sh', '-c', 'until curl --silent --fail --user "$ES_USER:$ES_PWD" $ES_SCHEME://$ES_HOST:$ES_PORT/$ES_VISIBILITY_INDEX 2>&1 > /dev/null; do echo waiting for elasticsearch index to become ready; sleep 1; done;'] - env: - {{- include "temporal.admintools-env" (list $ "visibility") | nindent 12 }} - {{- with $serviceValues.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- end }} - containers: - - name: {{ $.Chart.Name }}-{{ $service }} - image: "{{ $.Values.server.image.repository }}:{{ $.Values.server.image.tag }}" - imagePullPolicy: {{ $.Values.server.image.pullPolicy }} - env: - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: SERVICES - value: {{ $service }} - {{- if ne (include "temporal.persistence.driver" (list $ "default")) "custom" }} - - name: TEMPORAL_STORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "temporal.persistence.secretName" (list $ "default") }} - key: {{ include "temporal.persistence.secretKey" (list $ "default") }} - {{- end }} - {{- if ne (include "temporal.persistence.driver" (list $ "visibility")) "custom" }} - - name: TEMPORAL_VISIBILITY_STORE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "temporal.persistence.secretName" (list $ "visibility") }} - key: {{ include "temporal.persistence.secretKey" (list $ "visibility") }} - {{- end }} - {{- if and (hasKey $.Values.server "internalFrontend") $.Values.server.internalFrontend.enabled }} - - name: USE_INTERNAL_FRONTEND - value: "1" - {{- end }} - {{- if $.Values.server.versionCheckDisabled }} - - name: TEMPORAL_VERSION_CHECK_DISABLED - value: "1" - {{- end }} - {{- if or $.Values.server.additionalEnv $serviceValues.additionalEnv }} - {{- toYaml (default $.Values.server.additionalEnv $serviceValues.additionalEnv) | nindent 12 }} - {{- end }} - {{- if $.Values.server.additionalEnvSecretName }} - envFrom: - - secretRef: - name: {{ $.Values.server.additionalEnvSecretName }} - {{- end }} - # For Istio service mesh - make sure ports are defined here and in the headless service, see: - # https://istio.io/latest/docs/ops/configuration/traffic-management/traffic-routing/#headless-services - ports: - {{- if ne $service "worker" }} - - name: rpc - containerPort: {{ $serviceValues.service.port }} - protocol: TCP - {{- end }} - - name: membership - containerPort: {{ $serviceValues.service.membershipPort }} - protocol: TCP - {{- if or (eq $service "frontend") (eq $service "internal-frontend") }} - - name: http - containerPort: {{ $serviceValues.service.httpPort }} - protocol: TCP - {{- end }} - - name: metrics - containerPort: 9090 - protocol: TCP - {{- if ne $service "worker" }} - livenessProbe: - initialDelaySeconds: 150 - tcpSocket: - port: rpc - {{- end }} - {{- if $.Values.server.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: {{ .Values.server.readinessProbe.httpGet.path }} - port: {{ .Values.server.readinessProbe.httpGet.port }} - scheme: {{ .Values.server.readinessProbe.httpGet.scheme }} - failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }} - initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }} - successThreshold: {{ .Values.server.readinessProbe.successThreshold }} - timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }} - {{- end }} - volumeMounts: - - name: config - mountPath: /etc/temporal/config/config_template.yaml - subPath: config_template.yaml - - name: dynamic-config - mountPath: /etc/temporal/dynamic_config - {{- if $.Values.server.additionalVolumeMounts }} - {{- toYaml $.Values.server.additionalVolumeMounts | nindent 12}} - {{- end }} - resources: - {{- toYaml (default $.Values.server.resources $serviceValues.resources) | nindent 12 }} - {{- with $serviceValues.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - name: config - configMap: - name: "{{ include "temporal.fullname" $ }}-config" - - name: dynamic-config - configMap: - name: "{{ include "temporal.fullname" $ }}-dynamic-config" - items: - - key: dynamic_config.yaml - path: dynamic_config.yaml - {{- if $.Values.server.additionalVolumes }} - {{- toYaml $.Values.server.additionalVolumes | nindent 8}} - {{- end }} - {{- with (default $.Values.server.nodeSelector $serviceValues.nodeSelector) }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with (default $.Values.server.affinity $serviceValues.affinity) }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with (default $.Values.server.tolerations $serviceValues.tolerations) }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $serviceValues.topologySpreadConstraints }} - topologySpreadConstraints: - {{- toYaml . | nindent 8 }} - {{- end }} ---- -{{- end }} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/templates/server-dynamicconfigmap.yaml b/composio/charts/temporal/templates/server-dynamicconfigmap.yaml deleted file mode 100644 index df8b591..0000000 --- a/composio/charts/temporal/templates/server-dynamicconfigmap.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if $.Values.server.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: "{{ include "temporal.fullname" $ }}-dynamic-config" - labels: - {{- include "temporal.resourceLabels" (list $ "" "") | nindent 4 }} -data: - dynamic_config.yaml: |- - {{- if $.Values.server.dynamicConfig }} - {{- toYaml .Values.server.dynamicConfig | nindent 4 }} - {{- end }} -{{- end }} diff --git a/composio/charts/temporal/templates/server-job.yaml b/composio/charts/temporal/templates/server-job.yaml deleted file mode 100644 index 4b79ef1..0000000 --- a/composio/charts/temporal/templates/server-job.yaml +++ /dev/null @@ -1,220 +0,0 @@ -{{- if or $.Values.schema.createDatabase.enabled $.Values.schema.setup.enabled $.Values.schema.update.enabled }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "temporal.componentname" (list $ (printf "schema-%d" .Release.Revision | replace "." "-")) }} - labels: - {{- include "temporal.resourceLabels" (list $ "database" "") | nindent 4 }} -spec: - backoffLimit: {{ $.Values.schema.setup.backoffLimit }} - ttlSecondsAfterFinished: 86400 - template: - metadata: - name: {{ include "temporal.componentname" (list $ (printf "schema-%d" .Release.Revision | replace "." "-")) }} - labels: - {{- include "temporal.resourceLabels" (list $ "database" "") | nindent 8 }} - {{- with $.Values.schema.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $.Values.schema.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{ include "temporal.serviceAccount" $ }} - restartPolicy: OnFailure - initContainers: - {{- with $.Values.admintools.additionalInitContainers }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if $.Values.cassandra.enabled }} - - name: check-cassandra - image: "{{ $.Values.cassandra.image.repo }}:{{ $.Values.cassandra.image.tag }}" - imagePullPolicy: {{ $.Values.cassandra.image.pullPolicy }} - command: ['sh', '-c', 'until cqlsh {{ include "cassandra.host" $ }} {{ $.Values.cassandra.config.ports.cql }} -e "SHOW VERSION"; do echo waiting for cassandra to start; sleep 1; done;'] - {{- with $.Values.schema.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- if or $.Values.elasticsearch.enabled }} - - name: check-elasticsearch - image: "{{ $.Values.admintools.image.repository }}:{{ $.Values.admintools.image.tag }}" - imagePullPolicy: {{ $.Values.admintools.image.pullPolicy }} - command: ['sh', '-c', 'until curl --silent --fail --user "$ES_USER:$ES_PWD" $ES_SCHEME://$ES_HOST:$ES_PORT 2>&1 > /dev/null; do echo waiting for elasticsearch to start; sleep 1; done;'] - env: - {{- include "temporal.admintools-env" (list $ "visibility") | nindent 12 }} - {{- with $.Values.schema.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- if $.Values.schema.createDatabase.enabled }} - {{- range $store := (list "default" "visibility") }} - {{- $storeConfig := index $.Values.server.config.persistence $store }} - {{- $driver := include "temporal.persistence.driver" (list $ $store) }} - {{- if and (ne $driver "elasticsearch") (ne $driver "custom") }} - - name: create-{{ $store }}-store - image: "{{ $.Values.admintools.image.repository }}:{{ $.Values.admintools.image.tag }}" - imagePullPolicy: {{ $.Values.admintools.image.pullPolicy }} - {{- if eq $driver "cassandra" }} - command: ['temporal-cassandra-tool', 'create', '-k', '{{ $storeConfig.cassandra.keyspace }}', '--replication-factor', '{{ $storeConfig.cassandra.replicationFactor }}'{{- if $storeConfig.cassandra.datacenter }}, '--datacenter', '{{ $storeConfig.cassandra.datacenter }}'{{- end }}] - {{- else if eq $driver "sql" }} - command: ['temporal-sql-tool', 'create-database'] - {{- end }} - env: - {{- include "temporal.admintools-env" (list $ $store) | nindent 12 }} - {{- with $.Values.admintools.additionalVolumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.schema.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.schema.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if $.Values.schema.setup.enabled }} - {{- range $store := (list "default" "visibility") }} - {{- $storeConfig := index $.Values.server.config.persistence $store }} - {{- $driver := include "temporal.persistence.driver" (list $ $store) }} - {{- if ne $driver "custom" }} - - name: setup-{{ $store }}-store - image: "{{ $.Values.admintools.image.repository }}:{{ $.Values.admintools.image.tag }}" - imagePullPolicy: {{ $.Values.admintools.image.pullPolicy }} - {{- if eq $driver "cassandra" }} - command: ['temporal-cassandra-tool', 'setup-schema', '-v', '0.0'] - {{- else if eq $driver "sql" }} - command: ['temporal-sql-tool', 'setup-schema', '-v', '0.0'] - {{- else if eq $driver "elasticsearch" }} - command: ['sh', '-c'] - args: - - 'curl -X PUT --fail --user "$ES_USER:$ES_PWD" $ES_SCHEME://$ES_HOST:$ES_PORT/_template/temporal_visibility_v1_template -H "Content-Type: application/json" --data-binary "@schema/elasticsearch/visibility/index_template_$ES_VERSION.json" 2>&1 && - curl --head --fail --user "$ES_USER:$ES_PWD" $ES_SCHEME://$ES_HOST:$ES_PORT/$ES_VISIBILITY_INDEX 2>&1 || - curl -X PUT --fail --user "$ES_USER:$ES_PWD" $ES_SCHEME://$ES_HOST:$ES_PORT/$ES_VISIBILITY_INDEX 2>&1' - {{- end }} - env: - {{- include "temporal.admintools-env" (list $ $store) | nindent 12 }} - {{- with $.Values.admintools.additionalVolumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.schema.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.schema.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if $.Values.schema.update.enabled }} - {{- range $store := (list "default" "visibility") }} - {{- $storeConfig := index $.Values.server.config.persistence $store }} - {{- $driver := include "temporal.persistence.driver" (list $ $store) }} - {{- $schema := include "temporal.persistence.schema" $store }} - {{- if and (ne $driver "elasticsearch") (ne $driver "custom") }} - - name: update-{{ $store }}-store - image: "{{ $.Values.admintools.image.repository }}:{{ $.Values.admintools.image.tag }}" - imagePullPolicy: {{ $.Values.admintools.image.pullPolicy }} - {{- if eq $driver "cassandra" }} - command: ['temporal-cassandra-tool', 'update-schema', '--schema-dir', '/etc/temporal/schema/cassandra/{{ $schema }}/versioned'] - {{- else if eq $driver "sql" }} - {{- $plugin := include "temporal.persistence.sql.driver" (list $ $store) }} - {{- if eq $plugin "mysql8" }} - command: ['temporal-sql-tool', 'update-schema', '--schema-dir', '/etc/temporal/schema/mysql/v8/{{ $schema }}/versioned'] - {{- else if or (eq $plugin "postgres12") (eq $plugin "postgres12_pgx") }} - command: ['temporal-sql-tool', 'update-schema', '--schema-dir', '/etc/temporal/schema/postgresql/v12/{{ $schema }}/versioned'] - {{- end }} - {{- end }} - env: - {{- include "temporal.admintools-env" (list $ $store) | nindent 12 }} - {{- with $.Values.admintools.additionalVolumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.schema.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.schema.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if $.Values.server.config.namespaces.create }} - {{- range $namespace := $.Values.server.config.namespaces.namespace }} - - name: create-{{ $namespace.name }}-namespace - image: "{{ $.Values.admintools.image.repository }}:{{ $.Values.admintools.image.tag }}" - imagePullPolicy: {{ $.Values.admintools.image.pullPolicy }} - command: ['/bin/sh','-c'] - args: ['temporal operator namespace describe -n {{ $namespace.name }} || temporal operator namespace create -n {{ $namespace.name }}{{- if hasKey $namespace "retention" }} --retention {{ $namespace.retention }}{{- end }}'] - env: - - name: TEMPORAL_ADDRESS - {{- if and (hasKey $.Values.server "internalFrontend") $.Values.server.internalFrontend.enabled }} - value: {{ include "temporal.fullname" $ }}-internal-frontend.{{ $.Release.Namespace }}.svc:{{ $.Values.server.internalFrontend.service.port }} - {{- else if $.Values.server.frontend.ingress.enabled }} - value: "{{ index $.Values.server.frontend.ingress.hosts 0 }}" - {{- else }} - value: "{{ include "temporal.fullname" $ }}-frontend.{{ $.Release.Namespace }}.svc:{{ $.Values.server.frontend.service.port }}" - {{- end }} - {{- with $.Values.admintools.additionalEnv }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.admintools.additionalVolumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.schema.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.schema.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- end }} - containers: - - name: done - image: "{{ $.Values.admintools.image.repository }}:{{ $.Values.admintools.image.tag }}" - imagePullPolicy: {{ $.Values.admintools.image.pullPolicy }} - command: ['sh', '-c', 'echo "Store setup completed"'] - {{- with $.Values.schema.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.schema.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $.Values.schema.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $.Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $.Values.admintools.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $.Values.admintools.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $.Values.admintools.additionalVolumes }} - volumes: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end -}} diff --git a/composio/charts/temporal/templates/server-pdb.yaml b/composio/charts/temporal/templates/server-pdb.yaml deleted file mode 100644 index afa3b45..0000000 --- a/composio/charts/temporal/templates/server-pdb.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- if $.Values.server.enabled }} -{{- range $rawService := (list "frontend" "internalFrontend" "history" "matching" "worker") }} -{{- $service := include "serviceName" (list $rawService) }} -{{- $serviceValues := index $.Values.server $rawService }} -{{- if or (not (hasKey $serviceValues "enabled")) $serviceValues.enabled }} -{{- if and (gt ($serviceValues.replicaCount | int) 1) ($serviceValues.podDisruptionBudget) }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "temporal.componentname" (list $ $service) }}-pdb - labels: - {{- include "temporal.resourceLabels" (list $ $service "") | nindent 4 }} -spec: - {{ toYaml $serviceValues.podDisruptionBudget }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "temporal.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/component: {{ $service }} -{{- end }} ---- -{{- end }} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/templates/server-secret.yaml b/composio/charts/temporal/templates/server-secret.yaml deleted file mode 100644 index 42e791f..0000000 --- a/composio/charts/temporal/templates/server-secret.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- if or $.Values.server.enabled $.Values.schema.createDatabase.enabled $.Values.schema.setup.enabled $.Values.schema.update.enabled }} - {{- range $store := (list "default" "visibility") }} - {{- $storeConfig := index $.Values.server.config.persistence $store }} - {{- $driver := include "temporal.persistence.driver" (list $ $store) -}} - {{- $driverConfig := index $storeConfig $driver }} - {{- if eq $driver "elasticsearch" -}} - {{- $driverConfig = $.Values.elasticsearch -}} - {{- end -}} - {{- $secretName := include "temporal.componentname" (list $ (printf "%s-store" $store)) }} - {{- if and (ne $driver "custom") (not $driverConfig.existingSecret) (eq (include "temporal.persistence.secretName" (list $ $store)) $secretName) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ $secretName }} - labels: - {{- include "temporal.resourceLabels" (list $ "" "secret") | nindent 4 }} - {{- with $.Values.server.secretAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -type: Opaque -data: - {{- if eq $driver "cassandra" }} - password: {{ $driverConfig.password | b64enc | quote }} - {{- else if eq $driver "sql" }} - password: {{ include "temporal.persistence.sql.password" (list $ $store) | b64enc | quote }} - {{- else if eq $driver "elasticsearch" }} - password: {{ $driverConfig.password | b64enc | quote }} - {{- end }} ---- -{{- end }} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/templates/server-service-monitor.yaml b/composio/charts/temporal/templates/server-service-monitor.yaml deleted file mode 100644 index 398377d..0000000 --- a/composio/charts/temporal/templates/server-service-monitor.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{- if $.Values.server.enabled }} -{{- range $rawService := (list "frontend" "internalFrontend" "matching" "history" "worker") }} -{{- $service := include "serviceName" (list $rawService) }} -{{- $serviceValues := index $.Values.server $rawService }} -{{- if or (not (hasKey $serviceValues "enabled")) $serviceValues.enabled }} -{{- if (default $.Values.server.metrics.serviceMonitor.enabled $serviceValues.metrics.serviceMonitor.enabled) }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "temporal.componentname" (list $ $service) }} - labels: - {{- include "temporal.resourceLabels" (list $ $service "") | nindent 4 }} - {{- with (default $.Values.server.metrics.serviceMonitor.additionalLabels $serviceValues.metrics.serviceMonitor.additionalLabels) }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics - interval: {{ default $.Values.server.metrics.serviceMonitor.interval $serviceValues.metrics.serviceMonitor.interval }} - {{- with (default $.Values.server.metrics.serviceMonitor.metricRelabelings $serviceValues.metrics.serviceMonitor.metricRelabelings) }} - metricRelabelings: - {{- toYaml . | nindent 4 }} - {{- end }} - jobLabel: {{ include "temporal.componentname" (list $ $service) }} - namespaceSelector: - matchNames: - - "{{ $.Release.Namespace }}" - selector: - matchLabels: - app.kubernetes.io/name: {{ include "temporal.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/component: {{ $service }} - app.kubernetes.io/headless: 'true' ---- -{{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/templates/server-service.yaml b/composio/charts/temporal/templates/server-service.yaml deleted file mode 100644 index e71ff49..0000000 --- a/composio/charts/temporal/templates/server-service.yaml +++ /dev/null @@ -1,98 +0,0 @@ -{{- if $.Values.server.enabled }} -{{- range $rawService := (list "frontend" "internalFrontend") }} -{{- $service := include "serviceName" (list $rawService) }} -{{- $serviceValues := index $.Values.server $rawService }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "temporal.componentname" (list $ $service) }} - labels: - {{- include "temporal.resourceLabels" (list $ $service "") | nindent 4 }} - {{- if $serviceValues.service.annotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $serviceValues.service.annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ $serviceValues.service.type }} - ports: - - port: {{ $serviceValues.service.port }} - targetPort: rpc - protocol: TCP - name: grpc-rpc - {{- if hasKey $serviceValues.service "nodePort" }} - nodePort: {{ $serviceValues.service.nodePort }} - {{- end }} - - port: {{ $serviceValues.service.httpPort }} - targetPort: http - protocol: TCP - name: http - # TODO: Allow customizing the node HTTP port - selector: - app.kubernetes.io/name: {{ include "temporal.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/component: {{ $service }} - ---- -{{- end }} -{{- end }} - -{{- if $.Values.server.enabled }} -{{- range $rawService := (list "frontend" "internalFrontend" "matching" "history" "worker") }} -{{- $service := include "serviceName" (list $rawService) }} -{{- $serviceValues := index $.Values.server $rawService }} -{{- if or (not (hasKey $serviceValues "enabled")) $serviceValues.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "temporal.componentname" (list $ (printf "%s-headless" $service)) }} - labels: - {{- include "temporal.resourceLabels" (list $ $service "") | nindent 4 }} - app.kubernetes.io/headless: 'true' - annotations: - # Use this annotation in addition to the actual field below because the - # annotation will stop being respected soon but the field is broken in - # some versions of Kubernetes: - # https://github.com/kubernetes/kubernetes/issues/58662 - service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" - {{- if (dig "metrics" "annotations" "enabled" $.Values.server.metrics.annotations.enabled $serviceValues) }} - prometheus.io/job: {{ $.Chart.Name }}-{{ $service }} - prometheus.io/scrape: 'true' - prometheus.io/scheme: http - prometheus.io/port: "9090" - {{- end }} - -spec: - type: ClusterIP - clusterIP: None - publishNotReadyAddresses: true - # For Istio service mesh - make sure all ports are defined here and in the deployment: - # https://istio.io/latest/docs/ops/configuration/traffic-management/traffic-routing/#headless-services - # Also for Istio - make sure to set the `appProtocol` property, see: - # https://istio.io/latest/docs/ops/configuration/traffic-management/protocol-selection/#explicit-protocol-selection - # Note that only the monitoring port is used for discovery (by prometheus). - # The other ports are listed here solely to allow Istio to configure itself to intercept traffic. - # https://istio.io/latest/docs/ops/configuration/traffic-management/traffic-routing/#headless-services - ports: - - port: {{ $serviceValues.service.port }} - targetPort: rpc - appProtocol: tcp - protocol: TCP - name: grpc-rpc - - port: {{ $serviceValues.service.membershipPort }} - targetPort: membership - appProtocol: tcp - protocol: TCP - name: grpc-membership - - port: 9090 - targetPort: metrics - appProtocol: http - protocol: TCP - name: metrics - selector: - app.kubernetes.io/name: {{ include "temporal.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/component: {{ $service }} - ---- -{{- end }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/composio/charts/temporal/templates/serviceaccount.yaml b/composio/charts/temporal/templates/serviceaccount.yaml deleted file mode 100644 index 811c9b4..0000000 --- a/composio/charts/temporal/templates/serviceaccount.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "temporal.serviceAccountName" $ }} - labels: - {{- include "temporal.resourceLabels" (list $ "" "") | nindent 4 }} - annotations: - helm.sh/hook: pre-install, pre-upgrade - helm.sh/hook-weight: "-10" - {{- with .Values.serviceAccount.extraAnnotations }} - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end -}} diff --git a/composio/charts/temporal/templates/web-deployment.yaml b/composio/charts/temporal/templates/web-deployment.yaml deleted file mode 100644 index 7002ec3..0000000 --- a/composio/charts/temporal/templates/web-deployment.yaml +++ /dev/null @@ -1,102 +0,0 @@ -{{- if .Values.web.enabled -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "temporal.componentname" (list $ "web") }} - annotations: - {{- include "temporal.resourceAnnotations" (list $ "web" "deployment") | nindent 4 }} - labels: - {{- include "temporal.resourceLabels" (list $ "web" "deployment") | nindent 4 }} -spec: - replicas: {{ .Values.web.replicaCount }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "temporal.name" $ }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: web - template: - metadata: - annotations: - {{- include "temporal.resourceAnnotations" (list $ "web" "pod") | nindent 8 }} - labels: - {{- include "temporal.resourceLabels" (list $ "web" "pod") | nindent 8 }} - spec: - {{- with .Values.web.additionalInitContainers }} - initContainers: - {{- toYaml . | nindent 8 }} - {{- end }} - {{ include "temporal.serviceAccount" $ }} - {{- if .Values.web.additionalVolumes }} - volumes: - {{- toYaml .Values.web.additionalVolumes | nindent 8 }} - {{- end }} - containers: - - name: {{ .Chart.Name }}-web - image: "{{ .Values.web.image.repository }}:{{ .Values.web.image.tag }}" - imagePullPolicy: {{ .Values.web.image.pullPolicy }} - env: - - name: TEMPORAL_ADDRESS - value: "{{ include "temporal.fullname" $ }}-frontend.{{ .Release.Namespace }}.svc:{{ .Values.server.frontend.service.port }}" - {{- if .Values.web.additionalEnv }} - {{- toYaml .Values.web.additionalEnv | nindent 12 }} - {{- end }} - {{- if .Values.web.additionalEnvSecretName }} - envFrom: - - secretRef: - name: {{ .Values.web.additionalEnvSecretName }} - {{- end }} - livenessProbe: - initialDelaySeconds: 10 - tcpSocket: - port: http - {{- if .Values.web.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: {{ .Values.web.readinessProbe.httpGet.path }} - port: {{ .Values.web.readinessProbe.httpGet.port }} - scheme: {{ .Values.web.readinessProbe.httpGet.scheme }} - failureThreshold: {{ .Values.web.readinessProbe.failureThreshold }} - initialDelaySeconds: {{ .Values.web.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.web.readinessProbe.periodSeconds }} - successThreshold: {{ .Values.web.readinessProbe.successThreshold }} - timeoutSeconds: {{ .Values.web.readinessProbe.timeoutSeconds }} - {{- end }} - ports: - - name: http - containerPort: 8080 - protocol: TCP - resources: - {{- toYaml .Values.web.resources | nindent 12 }} - {{- with .Values.web.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.web.additionalVolumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.web.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $.Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.web.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.web.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.web.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.web.topologySpreadConstraints }} - topologySpreadConstraints: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} diff --git a/composio/charts/temporal/templates/web-ingress.yaml b/composio/charts/temporal/templates/web-ingress.yaml deleted file mode 100644 index 24aca10..0000000 --- a/composio/charts/temporal/templates/web-ingress.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{- if .Values.web.ingress.enabled -}} - {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }} -apiVersion: networking.k8s.io/v1 - {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} -apiVersion: networking.k8s.io/v1beta1 - {{- else if .Capabilities.APIVersions.Has "extensions/v1beta1" }} -apiVersion: extensions/v1beta1 - {{- end }} -kind: Ingress -metadata: - name: {{ include "temporal.componentname" (list $ "web") }} - labels: - {{- include "temporal.resourceLabels" (list $ "web" "") | nindent 4 }} -{{- with .Values.web.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: - {{- with .Values.web.ingress.className }} - ingressClassName: {{ . | quote }} - {{- end }} - {{- if .Values.web.ingress.tls }} - tls: - {{- range .Values.web.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.web.ingress.hosts }} - {{- $url := splitList "/" . }} - - host: {{ first $url }} - http: - paths: - - path: /{{ rest $url | join "/" }} - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} - pathType: Prefix - backend: - service: - name: {{ include "temporal.fullname" $ }}-web - port: - number: {{ $.Values.web.service.port }} - {{- else if $.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} - backend: - serviceName: {{ include "temporal.fullname" $ }}-web - servicePort: {{ $.Values.web.service.port }} - {{- end }} - {{- end}} -{{- end }} diff --git a/composio/charts/temporal/templates/web-pdb.yaml b/composio/charts/temporal/templates/web-pdb.yaml deleted file mode 100644 index 6e6a2d4..0000000 --- a/composio/charts/temporal/templates/web-pdb.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if $.Values.web.enabled }} -{{- if $.Values.web.podDisruptionBudget }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "temporal.componentname" (list $ "web") }}-pdb - labels: - {{- include "temporal.resourceLabels" (list $ "web" "") | nindent 4 }} -spec: - {{ toYaml $.Values.web.podDisruptionBudget }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "temporal.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/component: web -{{- end }} -{{- end }} diff --git a/composio/charts/temporal/templates/web-service.yaml b/composio/charts/temporal/templates/web-service.yaml deleted file mode 100644 index 6ad62d8..0000000 --- a/composio/charts/temporal/templates/web-service.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- if .Values.web.enabled -}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "temporal.componentname" (list $ "web") }} - labels: - {{- include "temporal.resourceLabels" (list $ "web" "") | nindent 4 }} - {{- if .Values.web.service.annotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.web.service.annotations "context" $) | nindent 4 }} - {{- end }} -spec: - {{- with .Values.web.service.loadBalancerIP }} - loadBalancerIP: {{.}} - {{- end }} - type: {{ .Values.web.service.type }} - {{- with .Values.web.service.clusterIP }} - clusterIP: {{.}} - {{- end }} - ports: - - port: {{ .Values.web.service.port }} - targetPort: http - protocol: TCP - name: http - {{- if hasKey .Values.web.service "nodePort" }} - nodePort: {{ .Values.web.service.nodePort }} - {{- end }} - selector: - app.kubernetes.io/name: {{ include "temporal.name" $ }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: web - {{- end }} diff --git a/composio/charts/temporal/values.yaml b/composio/charts/temporal/values.yaml deleted file mode 100644 index 0fab06b..0000000 --- a/composio/charts/temporal/values.yaml +++ /dev/null @@ -1,681 +0,0 @@ -nameOverride: "" -fullnameOverride: "" -# Chart debug mode -# (eg. disable helm hook delete policy) -debug: false -imagePullSecrets: {} -# Custom Service account management -serviceAccount: - # Whether to create service account or not - create: false - # Name of the service account. - # Uses `name` if set. - # If `create: true` defaults to temporal.fullname, otherwise uses the namespace's default serviceAccount. - name: - # extraAnnotations would let users add additional annotations - extraAnnotations: -additionalAnnotations: {} -additionalLabels: {} -server: - enabled: true - image: - repository: temporalio/server - tag: 1.29.0 - pullPolicy: IfNotPresent - livenessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # initialDelaySeconds: 120 - # timeoutSeconds: 10 - - readinessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # scheme: HTTP - # failureThreshold: 3 - # initialDelaySeconds: 30 - # periodSeconds: 10 - # successThreshold: 1 - # timeoutSeconds: 1 - # Global default settings (can be overridden per service) - replicaCount: 1 - metrics: - # Annotate pods directly with Prometheus annotations. - # Use this if you installed Prometheus from a Helm chart. - annotations: - enabled: true - # Additional tags to be added to Prometheus metrics - tags: {} - # Tags to be excluded in Prometheus metrics - excludeTags: {} - prefix: - # Enable Prometheus ServiceMonitor - # Use this if you installed the Prometheus Operator (https://github.com/coreos/prometheus-operator). - serviceMonitor: - enabled: false - interval: 30s - # Set additional lables to all the ServiceMonitor resources - additionalLabels: {} - # label1: value1 - # label2: value2 - # Set Prometheus metric_relabel_configs via ServiceMonitor - # Use metricRelabelings to adjust metric and label names as needed - metricRelabelings: [] - # - action: replace - # sourceLabels: - # - exported_namespace - # targetLabel: temporal_namespace - # - action: replace - # regex: service_errors_(.+) - # replacement: ${1} - # sourceLabels: - # - __name__ - # targetLabel: temporal_error_kind - # - action: replace - # regex: service_errors_.+ - # replacement: temporal_service_errors - # sourceLabels: - # - __name__ - # targetLabel: __name__ - prometheus: - timerType: histogram - deploymentLabels: {} - deploymentAnnotations: {} - podAnnotations: {} - podLabels: {} - secretLabels: {} - secretAnnotations: {} - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - nodeSelector: {} - tolerations: [] - affinity: {} - additionalVolumes: [] - additionalVolumeMounts: [] - additionalEnv: [] - # for sidecar containers, add containers here with restartPolicy: Always - additionalInitContainers: [] - securityContext: - fsGroup: 1000 - runAsUser: 1000 - config: - logLevel: "debug,info" - # IMPORTANT: This value cannot be changed, once it's set. - numHistoryShards: 512 - # Define your TLS configuration here. See https://docs.temporal.io/references/configuration#tls - # for configuration options. You must also use `server.additionalVolumeMounts` and `server.additionalVolumes` - # to mount certificates (from Secret or ConfigMap etc) to the path you use below. - # tls: - # internode: - # server: - # certFile: /path/to/internode/cert/file - # keyFile: /path/to/internode/key/file - # requireClientAuth: true - # clientCaFiles: - # - /path/to/internode/serverCa - # client: - # serverName: dnsSanInInternodeCertificate - # rootCaFiles: - # - /path/to/internode/serverCa - # frontend: - # server: - # certFile: /path/to/frontend/cert/file - # keyFile: /path/to/frontend/key/file - # requireClientAuth: true - # clientCaFiles: - # - /path/to/internode/serverCa - # - /path/to/sdkClientPool1/ca - # - /path/to/sdkClientPool2/ca - # client: - # serverName: dnsSanInFrontendCertificate - # rootCaFiles: - # - /path/to/frontend/serverCa - # Define your Authorizer and ClaimMapper configuration here. See https://docs.temporal.io/self-hosted-guide/security#authorization - # authorization: - # jwtKeyProvider: - # keySourceURIs: - # - http://localhost:/jwks.json - # refreshInterval: 1m - # permissionsClaimName: permissions - # authorizer: default - # claimMapper: default - persistence: - defaultStore: default - additionalStores: {} - default: - driver: "cassandra" - cassandra: - hosts: [] - # port: 9042 - keyspace: "temporal" - user: "user" - password: "password" - existingSecret: "" - replicationFactor: 1 - # datacenter: "us-east-1a" - # maxQPS: 1000 - # maxConns: 2 - consistency: - default: - consistency: "local_quorum" - serialConsistency: "local_serial" - sql: - driver: "mysql8" - host: "mysql" - port: 3306 - database: "temporal" - user: "temporal" - password: "temporal" - existingSecret: "" - secretName: "" - maxConns: 20 - maxIdleConns: 20 - maxConnLifetime: "1h" - # connectAttributes: - # tx_isolation: 'READ-COMMITTED' - visibility: - driver: "cassandra" - cassandra: - hosts: [] - # port: 9042 - keyspace: "temporal_visibility" - user: "user" - password: "password" - existingSecret: "" - # datacenter: "us-east-1a" - # maxQPS: 1000 - # maxConns: 2 - replicationFactor: 1 - consistency: - default: - consistency: "local_quorum" - serialConsistency: "local_serial" - sql: - driver: "mysql8" - host: "mysql" - port: 3306 - database: "temporal_visibility" - user: "temporal" - password: "temporal" - existingSecret: "" - secretName: "" - maxConns: 20 - maxIdleConns: 20 - maxConnLifetime: "1h" - # connectAttributes: - # tx_isolation: 'READ-COMMITTED' - namespaces: - # Enable this to create namespaces - create: false - namespace: - - name: default - retention: 3d - frontend: - livenessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # initialDelaySeconds: 120 - # timeoutSeconds: 10 - - readinessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # scheme: HTTP - # failureThreshold: 3 - # initialDelaySeconds: 30 - # periodSeconds: 10 - # successThreshold: 1 - # timeoutSeconds: 1 - - service: - # Evaluated as template - annotations: {} - type: ClusterIP - port: 7233 - membershipPort: 6933 - httpPort: 7243 - ingress: - enabled: false - # className: - annotations: {} - # kubernetes.io/ingress.class: traefik - # ingress.kubernetes.io/ssl-redirect: "false" - # traefik.frontend.rule.type: PathPrefix - hosts: - - "/" - # - "domain.com/xyz" - # - "domain.com" - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - metrics: - annotations: - enabled: true - serviceMonitor: {} - # enabled: false - prometheus: {} - # timerType: histogram - deploymentLabels: {} - deploymentAnnotations: {} - podAnnotations: {} - podLabels: {} - resources: {} - nodeSelector: {} - tolerations: [] - affinity: {} - additionalEnv: [] - containerSecurityContext: {} - topologySpreadConstraints: [] - podDisruptionBudget: {} - internalFrontend: - # Enable this to create internal-frontend - enabled: false - service: - # Evaluated as template - annotations: {} - type: ClusterIP - port: 7236 - membershipPort: 6936 - httpPort: 7246 - metrics: - annotations: - enabled: true - serviceMonitor: {} - # enabled: false - prometheus: {} - # timerType: histogram - deploymentLabels: {} - deploymentAnnotations: {} - podAnnotations: {} - podLabels: {} - resources: {} - nodeSelector: {} - tolerations: [] - affinity: {} - additionalEnv: [] - containerSecurityContext: {} - topologySpreadConstraints: [] - podDisruptionBudget: {} - history: - livenessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # initialDelaySeconds: 120 - # timeoutSeconds: 10 - - readinessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # scheme: HTTP - # failureThreshold: 3 - # initialDelaySeconds: 30 - # periodSeconds: 10 - # successThreshold: 1 - # timeoutSeconds: 1 - service: - # type: ClusterIP - port: 7234 - membershipPort: 6934 - metrics: - annotations: - enabled: true - serviceMonitor: {} - # enabled: false - prometheus: {} - # timerType: histogram - deploymentLabels: {} - deploymentAnnotations: {} - podAnnotations: {} - podLabels: {} - resources: {} - nodeSelector: {} - tolerations: [] - affinity: {} - additionalEnv: [] - additionalEnvSecretName: "" - containerSecurityContext: {} - topologySpreadConstraints: [] - podDisruptionBudget: {} - matching: - livenessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # initialDelaySeconds: 120 - # timeoutSeconds: 10 - - readinessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # scheme: HTTP - # failureThreshold: 3 - # initialDelaySeconds: 30 - # periodSeconds: 10 - # successThreshold: 1 - # timeoutSeconds: 1 - service: - # type: ClusterIP - port: 7235 - membershipPort: 6935 - metrics: - annotations: - enabled: false - serviceMonitor: {} - # enabled: false - prometheus: {} - # timerType: histogram - deploymentLabels: {} - deploymentAnnotations: {} - podAnnotations: {} - podLabels: {} - resources: {} - nodeSelector: {} - tolerations: [] - affinity: {} - additionalEnv: [] - containerSecurityContext: {} - topologySpreadConstraints: [] - podDisruptionBudget: {} - worker: - livenessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # initialDelaySeconds: 120 - # timeoutSeconds: 10 - - readinessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # scheme: HTTP - # failureThreshold: 3 - # initialDelaySeconds: 30 - # periodSeconds: 10 - # successThreshold: 1 - # timeoutSeconds: 1 - service: - # type: ClusterIP - port: 7239 - membershipPort: 6939 - metrics: - annotations: - enabled: true - serviceMonitor: {} - # enabled: false - prometheus: {} - # timerType: histogram - deploymentLabels: {} - deploymentAnnotations: {} - podAnnotations: {} - podLabels: {} - resources: {} - nodeSelector: {} - tolerations: [] - affinity: {} - additionalEnv: [] - containerSecurityContext: {} - topologySpreadConstraints: [] - podDisruptionBudget: {} -admintools: - enabled: true - livenessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # initialDelaySeconds: 120 - # timeoutSeconds: 10 - - readinessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # scheme: HTTP - # failureThreshold: 3 - # initialDelaySeconds: 30 - # periodSeconds: 10 - # successThreshold: 1 - # timeoutSeconds: 1 - image: - repository: temporalio/admin-tools - tag: "1.29" - pullPolicy: IfNotPresent - service: - type: ClusterIP - port: 22 - annotations: {} - deploymentLabels: {} - deploymentAnnotations: {} - podLabels: {} - podAnnotations: {} - nodeSelector: {} - tolerations: [] - affinity: {} - additionalVolumes: [] - additionalVolumeMounts: [] - additionalEnv: [] - additionalEnvSecretName: "" - # for sidecar containers, add containers here with restartPolicy: Always - additionalInitContainers: [] - resources: {} - containerSecurityContext: {} - securityContext: {} - podDisruptionBudget: {} -web: - # additionalInitContainers: [] - livenessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # initialDelaySeconds: 120 - # timeoutSeconds: 10 - - readinessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # scheme: HTTP - # failureThreshold: 3 - # initialDelaySeconds: 30 - # periodSeconds: 10 - # successThreshold: 1 - # timeoutSeconds: 1 - - enabled: true - replicaCount: 1 - image: - repository: temporalio/ui - tag: 2.40.1 - pullPolicy: IfNotPresent - service: - # set type to NodePort if access to web needs access from outside the cluster - # for more info see https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types - type: ClusterIP - # The below clusterIP setting can be set to "None" to make the temporal-web service headless. - # Note that this requires the web.service.type to be the default ClusterIP value. - # clusterIP: - port: 8080 - annotations: {} - # loadBalancerIP: - ingress: - enabled: false - # className: - annotations: {} - # kubernetes.io/ingress.class: traefik - # ingress.kubernetes.io/ssl-redirect: "false" - # traefik.frontend.rule.type: PathPrefix - hosts: - - "/" - # - "domain.com/xyz" - # - "domain.com" - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - deploymentLabels: {} - deploymentAnnotations: {} - podAnnotations: {} - podLabels: {} - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - nodeSelector: {} - tolerations: [] - affinity: {} - additionalVolumes: [] - additionalVolumeMounts: [] - # Adjust Web UI config with environment variables: - # https://docs.temporal.io/references/web-ui-environment-variables - additionalEnv: [] - additionalEnvSecretName: "" - containerSecurityContext: {} - securityContext: {} - topologySpreadConstraints: [] - podDisruptionBudget: {} -schema: - createDatabase: - enabled: true - setup: - enabled: true - backoffLimit: 100 - update: - enabled: true - backoffLimit: 100 - podAnnotations: {} - podLabels: {} - resources: {} - containerSecurityContext: {} - securityContext: {} -elasticsearch: - enabled: true - replicas: 3 - persistence: - enabled: false - imageTag: 7.17.3 - host: elasticsearch-master-headless - scheme: http - port: 9200 - version: "v7" - logLevel: "error" - username: "" - password: "" - visibilityIndex: "temporal_visibility_v1_dev" -prometheus: - enabled: true - nodeExporter: - enabled: false -grafana: - enabled: true - replicas: 1 - testFramework: - enabled: false - rbac: - create: false - pspEnabled: false - namespaced: true - dashboardProviders: - dashboardproviders.yaml: - apiVersion: 1 - providers: - - name: "default" - orgId: 1 - folder: "" - type: file - disableDeletion: false - editable: true - options: - path: /var/lib/grafana/dashboards/default - datasources: - datasources.yaml: - apiVersion: 1 - datasources: - - name: TemporalMetrics - type: prometheus - url: http://{{ .Release.Name }}-prometheus-server - access: proxy - isDefault: true - dashboards: - default: - server-general-github: - url: https://raw.githubusercontent.com/temporalio/dashboards/helm/server/server-general.json - datasource: TemporalMetrics - sdk-general-github: - url: https://raw.githubusercontent.com/temporalio/dashboards/helm/sdk/sdk-general.json - datasource: TemporalMetrics - misc-advanced-visibility-specific-github: - url: https://raw.githubusercontent.com/temporalio/dashboards/helm/misc/advanced-visibility-specific.json - datasource: TemporalMetrics - misc-clustermonitoring-kubernetes-github: - url: https://raw.githubusercontent.com/temporalio/dashboards/helm/misc/clustermonitoring-kubernetes.json - datasource: TemporalMetrics - misc-frontend-service-specific-github: - url: https://raw.githubusercontent.com/temporalio/dashboards/helm/misc/frontend-service-specific.json - datasource: TemporalMetrics - misc-history-service-specific-github: - url: https://raw.githubusercontent.com/temporalio/dashboards/helm/misc/history-service-specific.json - datasource: TemporalMetrics - misc-matching-service-specific-github: - url: https://raw.githubusercontent.com/temporalio/dashboards/helm/misc/matching-service-specific.json - datasource: TemporalMetrics - misc-worker-service-specific-github: - url: https://raw.githubusercontent.com/temporalio/dashboards/helm/misc/worker-service-specific.json - datasource: TemporalMetrics -cassandra: - enabled: true - persistence: - enabled: false - image: - repo: cassandra - tag: 3.11.3 - pullPolicy: IfNotPresent - config: - cluster_size: 3 - ports: - cql: 9042 - num_tokens: 4 - max_heap_size: 512M - heap_new_size: 128M - seed_size: 0 - service: - type: ClusterIP -mysql: - enabled: false diff --git a/composio/charts/temporal/values/values.antiaffinity.yaml b/composio/charts/temporal/values/values.antiaffinity.yaml deleted file mode 100644 index 29cd877..0000000 --- a/composio/charts/temporal/values/values.antiaffinity.yaml +++ /dev/null @@ -1,228 +0,0 @@ -cassandra: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/component - operator: In - values: - - frontend - - history - - matching - - worker - topologyKey: kubernetes.io/hostname - - weight: 50 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - elasticsearch-master - topologyKey: kubernetes.io/hostname - - weight: 5 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - prometheus - topologyKey: kubernetes.io/hostname - - weight: 1 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - grafana - topologyKey: kubernetes.io/hostname - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - cassandra - topologyKey: kubernetes.io/hostname - -server: - frontend: - affinity: - podAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 50 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/component - operator: In - values: - - history - - matching - - worker - topologyKey: kubernetes.io/hostname - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - cassandra - topologyKey: kubernetes.io/hostname - - weight: 75 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - elasticsearch-master - topologyKey: kubernetes.io/hostname - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app.kubernetes.io/component - operator: In - values: - - frontend - topologyKey: kubernetes.io/hostname - - history: - affinity: - podAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 50 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/component - operator: In - values: - - frontend - - matching - - worker - topologyKey: kubernetes.io/hostname - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - cassandra - topologyKey: kubernetes.io/hostname - - weight: 75 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - elasticsearch-master - topologyKey: kubernetes.io/hostname - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app.kubernetes.io/component - operator: In - values: - - history - topologyKey: kubernetes.io/hostname - - matching: - affinity: - podAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 50 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/component - operator: In - values: - - frontend - - history - - worker - topologyKey: kubernetes.io/hostname - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - cassandra - topologyKey: kubernetes.io/hostname - - weight: 75 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - elasticsearch-master - topologyKey: kubernetes.io/hostname - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app.kubernetes.io/component - operator: In - values: - - matching - topologyKey: kubernetes.io/hostname - - worker: - affinity: - podAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 50 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/component - operator: In - values: - - frontend - - matching - - history - topologyKey: kubernetes.io/hostname - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - cassandra - topologyKey: kubernetes.io/hostname - - weight: 75 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - elasticsearch-master - topologyKey: kubernetes.io/hostname - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app.kubernetes.io/component - operator: In - values: - - worker - topologyKey: kubernetes.io/hostname diff --git a/composio/charts/temporal/values/values.archival.filestore.yaml b/composio/charts/temporal/values/values.archival.filestore.yaml deleted file mode 100644 index c4693d1..0000000 --- a/composio/charts/temporal/values/values.archival.filestore.yaml +++ /dev/null @@ -1,25 +0,0 @@ -server: - archival: - history: - state: "enabled" - enableRead: true - provider: - filestore: - fileMode: "0666" - dirMode: "0766" - visibility: - state: "enabled" - enableRead: true - provider: - filestore: - fileMode: "0666" - dirMode: "0766" - - namespaceDefaults: - archival: - history: - state: "enabled" - URI: "file:///tmp/temporal_archival/development" - visibility: - state: "enabled" - URI: "file:///tmp/temporal_vis_archival/development" \ No newline at end of file diff --git a/composio/charts/temporal/values/values.archival.gcloud.yaml b/composio/charts/temporal/values/values.archival.gcloud.yaml deleted file mode 100644 index e6f3511..0000000 --- a/composio/charts/temporal/values/values.archival.gcloud.yaml +++ /dev/null @@ -1,23 +0,0 @@ -server: - archival: - history: - state: "enabled" - enableRead: true - provider: - gstorage: - credentialsPath: "/tmp/keyfile.json" - visibility: - state: "enabled" - enableRead: true - provider: - gstorage: - credentialsPath: "/tmp/keyfile.json" - - namespaceDefaults: - archival: - history: - state: "enabled" - URI: "gs://my-bucket-cad/temporal_archival/development" - visibility: - state: "enabled" - URI: "gs://my-bucket-cad/temporal_archival/visibility" \ No newline at end of file diff --git a/composio/charts/temporal/values/values.archival.s3.yaml b/composio/charts/temporal/values/values.archival.s3.yaml deleted file mode 100644 index 8a62c5d..0000000 --- a/composio/charts/temporal/values/values.archival.s3.yaml +++ /dev/null @@ -1,23 +0,0 @@ -server: - archival: - history: - state: "enabled" - enableRead: true - provider: - s3store: - region: "us-east-1" - visibility: - state: "enabled" - enableRead: true - provider: - s3store: - region: "us-east-1" - - namespaceDefaults: - archival: - history: - state: "enabled" - URI: "s3://archival-bucket-name" - visibility: - state: "enabled" - URI: "s3://visibility-archival-bucket-name" \ No newline at end of file diff --git a/composio/charts/temporal/values/values.aurora-mysql.yaml b/composio/charts/temporal/values/values.aurora-mysql.yaml deleted file mode 100644 index 6338005..0000000 --- a/composio/charts/temporal/values/values.aurora-mysql.yaml +++ /dev/null @@ -1,51 +0,0 @@ -server: - config: - persistence: - default: - driver: "sql" - - sql: - driver: "mysql8" - host: _HOST_ - port: 3306 - database: temporal - user: _USERNAME_ - password: _PASSWORD_ - maxConns: 20 - maxIdleConns: 20 - maxConnLifetime: "1h" - connectAttributes: - tx_isolation: 'READ-COMMITTED' - - visibility: - driver: "sql" - - sql: - driver: "mysql8" - host: _HOST_ - port: 3306 - database: temporal_visibility - user: _USERNAME_ - password: _PASSWORD_ - maxConns: 20 - maxIdleConns: 20 - maxConnLifetime: "1h" - connectAttributes: - tx_isolation: 'READ-COMMITTED' - -cassandra: - enabled: false - -mysql: - enabled: true - -postgresql: - enabled: false - -schema: - createDatabase: - enabled: true - setup: - enabled: false - update: - enabled: false diff --git a/composio/charts/temporal/values/values.cassandra.yaml b/composio/charts/temporal/values/values.cassandra.yaml deleted file mode 100644 index 8c9f532..0000000 --- a/composio/charts/temporal/values/values.cassandra.yaml +++ /dev/null @@ -1,57 +0,0 @@ -server: - config: - logLevel: "debug,info" - - numHistoryShards: 512 - - persistence: - default: - driver: "cassandra" - -# faultInjection: -# targets: -# dataStores: -# ExecutionStore: -# methods: -# GetCurrentExecution: -# errors: -# ResourceExhausted: 0.1 -# AppendHistoryNodes: -# errors: -# ResourceExhausted: 0.05 -# UpdateWorkflowExecution: -# errors: -# ResourceExhausted: 0.15 -# GetWorkflowExecution: -# errors: -# ResourceExhausted: 0.15 - - cassandra: - hosts: ["cassandra.default.svc.cluster.local"] - port: 9042 - keyspace: temporal - user: "user" - password: "password" - existingSecret: "" - replicationFactor: 1 - consistency: - default: - consistency: "local_quorum" - serialConsistency: "local_serial" - -cassandra: - enabled: false - -mysql: - enabled: false - -postgresql: - enabled: false - -schema: - createDatabase: - enabled: true - setup: - enabled: false - update: - enabled: false diff --git a/composio/charts/temporal/values/values.cloudsqlproxy.yaml b/composio/charts/temporal/values/values.cloudsqlproxy.yaml deleted file mode 100644 index 84898ba..0000000 --- a/composio/charts/temporal/values/values.cloudsqlproxy.yaml +++ /dev/null @@ -1,43 +0,0 @@ -admintools: - additionalInitContainers: - - name: cloud-sql-proxy - image: gcr.io/cloudsql-docker/gce-proxy:1.17 - command: - - "/cloud_sql_proxy" - - "-ip_address_types=PRIVATE" - - "-instances=_PROJECTNAME_:_REGION_:_INSTANCENAME_=tcp:5432" - - "-credential_file=/etc/google-cloud-key/key.json" - restartPolicy: Always - securityContext: - runAsNonRoot: true - volumeMounts: - - name: google-cloud-key - mountPath: /etc/google-cloud-key - readOnly: true - - additionalVolumes: - - name: google-cloud-key - secret: - secretName: cloud-sql-proxy-sa - -server: - additionalInitContainers: - - name: cloud-sql-proxy - image: gcr.io/cloudsql-docker/gce-proxy:1.17 - command: - - "/cloud_sql_proxy" - - "-ip_address_types=PRIVATE" - - "-instances=_PROJECTNAME_:_REGION_:_INSTANCENAME_=tcp:5432" - - "-credential_file=/etc/google-cloud-key/key.json" - restartPolicy: Always - securityContext: - runAsNonRoot: true - volumeMounts: - - name: google-cloud-key - mountPath: /etc/google-cloud-key - readOnly: true - - additionalVolumes: - - name: google-cloud-key - secret: - secretName: cloud-sql-proxy-sa diff --git a/composio/charts/temporal/values/values.dynamic_config.yaml b/composio/charts/temporal/values/values.dynamic_config.yaml deleted file mode 100644 index df797cd..0000000 --- a/composio/charts/temporal/values/values.dynamic_config.yaml +++ /dev/null @@ -1,8 +0,0 @@ -server: - dynamicConfig: - matching.numTaskqueueReadPartitions: - - value: 5 - constraints: {} - matching.numTaskqueueWritePartitions: - - value: 5 - constraints: {} diff --git a/composio/charts/temporal/values/values.elasticsearch.yaml b/composio/charts/temporal/values/values.elasticsearch.yaml deleted file mode 100644 index bd16922..0000000 --- a/composio/charts/temporal/values/values.elasticsearch.yaml +++ /dev/null @@ -1,8 +0,0 @@ -elasticsearch: - enabled: false - external: true - host: "elasticsearch-master-headless" - port: "9200" - version: "v7" - scheme: "http" - logLevel: "error" diff --git a/composio/charts/temporal/values/values.mysql.yaml b/composio/charts/temporal/values/values.mysql.yaml deleted file mode 100644 index 957fd3f..0000000 --- a/composio/charts/temporal/values/values.mysql.yaml +++ /dev/null @@ -1,47 +0,0 @@ -server: - config: - persistence: - default: - driver: "sql" - - sql: - driver: "mysql8" - host: _HOST_ - port: 3306 - database: temporal - user: _USERNAME_ - password: _PASSWORD_ - maxConns: 20 - maxIdleConns: 20 - maxConnLifetime: "1h" - - visibility: - driver: "sql" - - sql: - driver: "mysql8" - host: _HOST_ - port: 3306 - database: temporal_visibility - user: _USERNAME_ - password: _PASSWORD_ - maxConns: 20 - maxIdleConns: 20 - maxConnLifetime: "1h" - -cassandra: - enabled: false - -mysql: - enabled: true - -postgresql: - enabled: false - -schema: - createDatabase: - enabled: true - setup: - enabled: false - update: - enabled: false diff --git a/composio/charts/temporal/values/values.ndc.yaml b/composio/charts/temporal/values/values.ndc.yaml deleted file mode 100644 index 70d6758..0000000 --- a/composio/charts/temporal/values/values.ndc.yaml +++ /dev/null @@ -1,34 +0,0 @@ -server: - config: - dcRedirectionPolicy: - policy: "selected-apis-forwarding" - toDC: "" - - clusterMetadata: - enableGlobalNamespace: true - replicationConsumer: - type: rpc - failoverVersionIncrement: 100 - masterClusterName: cluster_a - currentClusterName: # - # clusterInformation: - # : - # enabled: true - # initialFailoverVersion: - # rpcName: "frontend" - # rpcAddress: - # cluster_a: - # enabled: true - # initialFailoverVersion: 1 - # rpcName: "frontend" - # rpcAddress: "localhost:7233" - # cluster_b: - # enabled: true - # initialFailoverVersion: 2 - # rpcName: "frontend" - # rpcAddress: "localhost:8233" - # cluster_c: - # enabled: false - # initialFailoverVersion: 3 - # rpcName: "frontend" - # rpcAddress: "localhost:9233" diff --git a/composio/charts/temporal/values/values.postgresql.yaml b/composio/charts/temporal/values/values.postgresql.yaml deleted file mode 100644 index 00976a2..0000000 --- a/composio/charts/temporal/values/values.postgresql.yaml +++ /dev/null @@ -1,84 +0,0 @@ -server: - config: - persistence: - default: - driver: "sql" - - sql: - driver: "postgres12" - host: _HOST_ - port: 5432 - database: temporal - user: _USERNAME_ - password: _PASSWORD_ - # for a production deployment use this instead of `password` and provision the secret beforehand e.g. with a sealed secret - # it has a single key called `password` - # existingSecret: temporal-default-store - maxConns: 20 - maxIdleConns: 20 - maxConnLifetime: "1h" - # tls: - # enabled: true - # enableHostVerification: true - # serverName: _HOST_ # this is strictly required when using serverless CRDB offerings - # caFile: /path/to/certs/ # Here we assumed that caFile, certFile, keyFile are stored in one secret mounted as 'secret-with-certs' (see: server.additionalVolumes and server.additionalVolumeMounts sections). - # certFile: /path/to/certs/ - # keyFile: /path/to/certs/ - - visibility: - driver: "sql" - - sql: - driver: "postgres12" - host: _HOST_ - port: 5432 - database: temporal_visibility - user: _USERNAME_ - password: _PASSWORD_ - # for a production deployment use this instead of `password` and provision the secret beforehand e.g. with a sealed secret - # it has a single key called `password` - # existingSecret: temporal-visibility-store - maxConns: 20 - maxIdleConns: 20 - maxConnLifetime: "1h" - # tls: - # enabled: true - # enableHostVerification: true - # serverName: _HOST_ # this is strictly required when using serverless CRDB offerings - # caFile: /path/to/certs/ # Here we assumed that caFile, certFile, keyFile are stored in one secret mounted as 'secret-with-certs' (see: server.additionalVolumes and server.additionalVolumeMounts sections). - # certFile: /path/to/certs/ - # keyFile: /path/to/certs/ - - # additionalVolumes: - # - name: secret-with-certs - # secret: - # secretName: secret-with-certs - # additionalVolumeMounts: - # - name: secret-with-certs - # mountPath: /path/to/certs/ - -cassandra: - enabled: false - -mysql: - enabled: false - -postgresql: - enabled: true - -prometheus: - enabled: true - -grafana: - enabled: true - -elasticsearch: - enabled: true - -schema: - createDatabase: - enabled: true - setup: - enabled: false - update: - enabled: false diff --git a/composio/charts/temporal/values/values.prometheus.external.yaml b/composio/charts/temporal/values/values.prometheus.external.yaml deleted file mode 100644 index b70fef3..0000000 --- a/composio/charts/temporal/values/values.prometheus.external.yaml +++ /dev/null @@ -1,28 +0,0 @@ -prometheus: - alertmanager: - enabled: false - alertmanagerFiles: - alertmanager.yml: {} - kubeStateMetrics: - enabled: false - nodeExporter: - enabled: false - pushgateway: - enabled: false - server: - persistentVolume: - enabled: false - extraArgs: - # minimal possible values - storage.tsdb.retention: 6h - storage.tsdb.min-block-duration: 2h - storage.tsdb.max-block-duration: 2h - serverFiles: - alerts: {} - prometheus.yml: - remote_write: - - url: _URL_ - basic_auth: - password: _PASSWORD_ - username: _USERNAME_ - rules: {} diff --git a/composio/charts/temporal/values/values.resources.yaml b/composio/charts/temporal/values/values.resources.yaml deleted file mode 100644 index 8d0a9aa..0000000 --- a/composio/charts/temporal/values/values.resources.yaml +++ /dev/null @@ -1,24 +0,0 @@ -server: - frontend: - resources: - requests: - cpu: 100m - memory: 512Mi - - history: - resources: - requests: - cpu: 100m - memory: 512Mi - - matching: - resources: - requests: - cpu: 100m - memory: 512Mi - - worker: - resources: - requests: - cpu: 100m - memory: 512Mi diff --git a/composio/templates/apollo-db-init-job.yaml b/composio/templates/apollo-db-init-job.yaml index 28e3895..13a56e8 100644 --- a/composio/templates/apollo-db-init-job.yaml +++ b/composio/templates/apollo-db-init-job.yaml @@ -27,7 +27,7 @@ spec: restartPolicy: {{ .Values.dbInit.job.restartPolicy | default "OnFailure" }} containers: - name: apollo-db-init - image: "{{ .Values.global.registry.name }}/{{ .Values.apollo.dbInit.image.repository }}:{{ .Values.apollo.dbInit.image.tag }}" + image: "{{ .Values.apollo.dbInit.image.repository }}:{{ .Values.apollo.dbInit.image.tag }}" imagePullPolicy: {{ .Values.apollo.dbInit.image.pullPolicy }} securityContext: {{- toYaml .Values.apollo.dbInit.containerSecurityContext | nindent 12 }} diff --git a/composio/templates/apollo.yaml b/composio/templates/apollo.yaml index f802ed7..df1dc1d 100644 --- a/composio/templates/apollo.yaml +++ b/composio/templates/apollo.yaml @@ -42,7 +42,7 @@ spec: {{- end }} containers: - name: apollo - image: "{{ .Values.global.registry.name }}/{{ .Values.apollo.image.repository }}:{{ .Values.apollo.image.tag }}" + image: "{{ .Values.apollo.image.repository }}:{{ .Values.apollo.image.tag }}" imagePullPolicy: {{ .Values.apollo.image.pullPolicy }} securityContext: {{- toYaml .Values.apollo.containerSecurityContext | nindent 12 }} diff --git a/composio/templates/mercury.yaml b/composio/templates/mercury.yaml index 69ddb9d..d80c962 100644 --- a/composio/templates/mercury.yaml +++ b/composio/templates/mercury.yaml @@ -38,7 +38,7 @@ spec: {{- end }} containers: - name: mercury - image: "{{ .Values.global.registry.name }}/{{ .Values.mercury.image.repository }}:{{ .Values.mercury.image.tag }}" + image: "{{ .Values.mercury.image.repository }}:{{ .Values.mercury.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.mercury.image.pullPolicy }} ports: - containerPort: {{ .Values.mercury.service.port | default 8080 }} diff --git a/composio/templates/minio.yaml b/composio/templates/minio.yaml index 64db876..2102b7f 100644 --- a/composio/templates/minio.yaml +++ b/composio/templates/minio.yaml @@ -29,7 +29,7 @@ spec: {{- toYaml .Values.minio.podSecurityContext | nindent 8 }} initContainers: - name: minio-data-init - image: "{{ .Values.global.registry.name }}/{{ .Values.minio.image.repository }}:{{ .Values.minio.image.tag }}" + image: "{{ .Values.minio.image.repository }}:{{ .Values.minio.image.tag | default .Chart.AppVersion }}" command: ["/bin/sh"] args: - -c @@ -121,7 +121,7 @@ spec: - name: {{ .Chart.Name }}-minio securityContext: {{- toYaml .Values.minio.containerSecurityContext | nindent 12 }} - image: "{{ .Values.global.registry.name }}/{{ .Values.minio.image.repository }}:{{ .Values.minio.image.tag }}" + image: "{{ .Values.minio.image.repository }}:{{ .Values.minio.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.minio.image.pullPolicy }} ports: - name: api diff --git a/composio/templates/thermos-db-init-job.yaml b/composio/templates/thermos-db-init-job.yaml index 33369ce..078968f 100644 --- a/composio/templates/thermos-db-init-job.yaml +++ b/composio/templates/thermos-db-init-job.yaml @@ -27,7 +27,7 @@ spec: restartPolicy: {{ .Values.dbInit.job.restartPolicy | default "OnFailure" }} containers: - name: thermos-db-init - image: "{{ .Values.global.registry.name }}/{{ .Values.thermos.dbInit.image.repository }}:{{ .Values.thermos.dbInit.image.tag }}" + image: "{{ .Values.thermos.dbInit.image.repository }}:{{ .Values.thermos.dbInit.image.tag }}" imagePullPolicy: {{ .Values.thermos.dbInit.image.pullPolicy }} securityContext: {{- toYaml .Values.thermos.dbInit.containerSecurityContext | nindent 12 }} diff --git a/composio/templates/thermos.yaml b/composio/templates/thermos.yaml index 90e1325..0f6ac5c 100644 --- a/composio/templates/thermos.yaml +++ b/composio/templates/thermos.yaml @@ -42,7 +42,7 @@ spec: {{- end }} containers: - name: thermos - image: "{{ .Values.global.registry.name }}/{{ .Values.thermos.image.repository }}:{{ .Values.thermos.image.tag }}" + image: "{{ .Values.thermos.image.repository }}:{{ .Values.thermos.image.tag }}" imagePullPolicy: {{ .Values.thermos.image.pullPolicy }} command: ["/usr/local/bin/thermos", "--cache-dir", "/tmp/.lookup"] workingDir: "/tmp" diff --git a/composio/values.yaml b/composio/values.yaml index 21b3a0b..86829ca 100644 --- a/composio/values.yaml +++ b/composio/values.yaml @@ -14,8 +14,6 @@ namespace: global: environment: development domain: localhost - registry: - name: "008971668139.dkr.ecr.us-east-1.amazonaws.com" imagePullSecrets: - name: ecr-secret # Add global security defaults for GKE Autopilot @@ -74,7 +72,7 @@ redis: apollo: replicaCount: 2 image: - repository: composio-self-host/apollo + repository: 008971668139.dkr.ecr.us-east-1.amazonaws.com/composio-self-host/apollo tag: "495d325" pullPolicy: Always nodeSelector: {} @@ -96,7 +94,7 @@ apollo: dbInit: enabled: true image: - repository: composio-self-host/apollo-db-init + repository: 008971668139.dkr.ecr.us-east-1.amazonaws.com/composio-self-host/apollo-db-init tag: "495d325" pullPolicy: Always podSecurityContext: @@ -153,7 +151,7 @@ apollo: thermos: replicaCount: 2 image: - repository: composio-self-host/thermos + repository: 008971668139.dkr.ecr.us-east-1.amazonaws.com/composio-self-host/thermos tag: "495d325" pullPolicy: Always @@ -178,7 +176,7 @@ thermos: dbInit: enabled: true image: - repository: composio-self-host/thermos-db-init + repository: 008971668139.dkr.ecr.us-east-1.amazonaws.com/composio-self-host/thermos-db-init tag: "495d325" pullPolicy: Always @@ -240,31 +238,7 @@ temporal: server: enabled: true - livenessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # initialDelaySeconds: 120 - # timeoutSeconds: 10 - - readinessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # scheme: HTTP - # failureThreshold: 3 - # initialDelaySeconds: 30 - # periodSeconds: 10 - # successThreshold: 1 - # timeoutSeconds: 1 - replicaCount: 2 - image: - repository: temporalio/server - tag: 1.28.0 - pullPolicy: IfNotPresent config: logLevel: "info" @@ -310,25 +284,6 @@ temporal: # Frontend service configuration frontend: - livenessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # initialDelaySeconds: 120 - # timeoutSeconds: 10 - - readinessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # scheme: HTTP - # failureThreshold: 3 - # initialDelaySeconds: 30 - # periodSeconds: 10 - # successThreshold: 1 - # timeoutSeconds: 1 service: type: ClusterIP port: 7233 @@ -350,76 +305,19 @@ temporal: web: enabled: true replicaCount: 1 - image: - repository: temporalio/ui - tag: 2.38.3 - pullPolicy: IfNotPresent service: type: ClusterIP port: 8080 - livenessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # initialDelaySeconds: 120 - # timeoutSeconds: 10 - - readinessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # scheme: HTTP - # failureThreshold: 3 - # initialDelaySeconds: 30 - # periodSeconds: 10 - # successThreshold: 1 - # timeoutSeconds: 1 - service: - type: ClusterIP - port: 7233 - membershipPort: 6933 - httpPort: 7243 - admintools: - livenessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # initialDelaySeconds: 120 - # timeoutSeconds: 10 - - readinessProbe: - enabled: false - # httpGet: - # path: /api/health - # port: 3000 - # scheme: HTTP - # failureThreshold: 3 - # initialDelaySeconds: 30 - # periodSeconds: 10 - # successThreshold: 1 - # timeoutSeconds: 1 enabled: true - image: - repository: temporalio/admin-tools - tag: 1.28.0-tctl-1.18.2-cli-1.3.0 - pullPolicy: IfNotPresent cassandra: enabled: false - image: - repo: cassandra - tag: 3.11.3 - pullPolicy: IfNotPresent mysql: enabled: false elasticsearch: enabled: false - imageTag: 7.17.3 prometheus: enabled: false @@ -654,7 +552,7 @@ minio: maxSurge: 0 # Don't create new pod until old one is gone image: - repository: composio-self-host/minio + repository: 008971668139.dkr.ecr.us-east-1.amazonaws.com/composio-self-host/minio tag: "495d325" pullPolicy: Always @@ -701,7 +599,7 @@ mercury: useKnative: true replicaCount: 1 image: - repository: composio-self-host/mercury + repository: 008971668139.dkr.ecr.us-east-1.amazonaws.com/composio-self-host/mercury tag: "495d325" pullPolicy: Always