chore(deps): update prometheus-stack by renovate[bot] · Pull Request #1380 · defenseunicorns/uds-core

renovate · 2025-03-24T19:03:15Z

This PR contains the following updates:

Package	Update	Change
cgr.dev/du-uds-defenseunicorns/kube-webhook-certgen-fips (source)	patch	`1.12.0` -> `1.12.1`
kube-prometheus-stack (source)	minor	`70.2.1` -> `70.3.0`
registry.k8s.io/ingress-nginx/kube-webhook-certgen	patch	`v1.5.1` -> `v1.5.2`
registry1.dso.mil/ironbank/opensource/ingress-nginx/kube-webhook-certgen (source)	patch	`v1.5.1` -> `v1.5.2`

Release Notes

prometheus-community/helm-charts (kube-prometheus-stack)

`v70.3.0`

Compare Source

kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.

What's Changed

[kube-prometheus-stack] feat: allow setting scrapeProtocols for Prometheus by @KevinGimbel in https://github.com/prometheus-community/helm-charts/pull/5474

New Contributors

@KevinGimbel made their first contribution in https://github.com/prometheus-community/helm-charts/pull/5474

Full Changelog: prometheus-community/helm-charts@prometheus-operator-admission-webhook-0.21.0...kube-prometheus-stack-70.3.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

noahpb · 2025-03-25T12:22:48Z

This release introduces the ability to define a default scrapeProtocol for Prometheus objects. Should we choose to use this feature, investigation may required as this could conflict with our operator logic that injects fallbackScrapeProtocol when not defined.

| datasource | package | from | to | | ---------- | ------------------------------------------------------------------------ | ------ | ------ | | docker | cgr.dev/du-uds-defenseunicorns/kube-webhook-certgen-fips | 1.12.0 | 1.12.1 | | helm | kube-prometheus-stack | 70.2.1 | 70.3.0 | | docker | registry.k8s.io/ingress-nginx/kube-webhook-certgen | v1.5.1 | v1.5.2 | | docker | registry1.dso.mil/ironbank/opensource/ingress-nginx/kube-webhook-certgen | v1.5.1 | v1.5.2 |

renovate · 2025-03-27T19:15:34Z

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

🤖 I have created a release *beep* *boop* --- ## [0.39.0](v0.38.0...v0.39.0) (2025-04-01) ### ⚠ BREAKING CHANGES * dynamic generation of Istio AuthorizationPolicy resources in ambient mode based on the configuration defined in a UDSPackage. ALL requests to a pod with authservice protection MUST have a jwt from Keycloak. More fine-grained protection can be done with additional DENY policies, but there will always be a requirement for a Keycloak JWT in addition. ### Features * add alertmanager datasource to grafana ([#1374](#1374)) ([818a3a0](818a3a0)) * ambient mesh authorization policy generation (#1384) ([b47daba](b47daba)) * new webauth and mfa flows ([#1370](#1370)) ([1ac1b03](1ac1b03)) * theme customization ([#1382](#1382)) ([55ef41b](55ef41b)) * use Client Credentials for managing Keycloak Clients ([#1341](#1341)) ([4db9cc7](4db9cc7)) ### Bug Fixes * add delete credential keycloak secret value ([#1398](#1398)) ([d45b3e6](d45b3e6)) * broken selectors for internal dependencies on charts ([#1403](#1403)) ([d72b194](d72b194)) ### Miscellaneous * add additionalNetworkAllow to keycloak and loki ([#1379](#1379)) ([8200bce](8200bce)) * add docs for layer selection ([#1216](#1216)) ([c170322](c170322)) * **deps:** update grafana ([#1383](#1383)) ([122dc58](122dc58)) * **deps:** update grafana to v8.10.4 ([#1363](#1363)) ([fb163bd](fb163bd)) * **deps:** update istio to v1.25.0 ([#1335](#1335)) ([1803ea7](1803ea7)) * **deps:** update keycloak to v0.11.1 ([#1400](#1400)) ([6fdcd0c](6fdcd0c)) * **deps:** update keycloak to v26.1.4 ([#1356](#1356)) ([31152f7](31152f7)) * **deps:** update pepr to v0.46.3 ([#1365](#1365)) ([304a556](304a556)) * **deps:** update prometheus-stack ([#1362](#1362)) ([ae40b27](ae40b27)) * **deps:** update prometheus-stack ([#1380](#1380)) ([eec3337](eec3337)) * **deps:** update support dependencies to v22.13.17 ([#1401](#1401)) ([8a81eec](8a81eec)) * **deps:** update support-deps ([#1364](#1364)) ([7819bec](7819bec)) * **deps:** update support-deps ([#1376](#1376)) ([dd22589](dd22589)) * **deps:** update support-deps ([#1390](#1390)) ([f06bb70](f06bb70)) * **deps:** update support-deps ([#1392](#1392)) ([c0762a3](c0762a3)) * **deps:** update ts-jest to v29.3.0 ([#1377](#1377)) ([8b2174a](8b2174a)) * **deps:** update velero to v8.6.0 ([#1371](#1371)) ([93a44e6](93a44e6)) * remove kiali and tempo references from repo ([#1375](#1375)) ([8374de3](8374de3)) * update how to scrape metrics ([#1378](#1378)) ([e808f7d](e808f7d)) * update unicorn ztunnel image to 1.25.0 ([#1389](#1389)) ([7e446cb](7e446cb)) ### Documentation * velero csi vsphere backups ([#1385](#1385)) ([5ae33b2](5ae33b2)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [cgr.dev/du-uds-defenseunicorns/kube-webhook-certgen-fips](https://images.chainguard.dev/directory/image/kube-webhook-certgen-fips/overview) ([source](https://github.com/chainguard-images/images-private/tree/HEAD/images/kube-webhook-certgen-fips)) | patch | `1.12.0` -> `1.12.1` | | [kube-prometheus-stack](https://github.com/prometheus-operator/kube-prometheus) ([source](https://github.com/prometheus-community/helm-charts)) | minor | `70.2.1` -> `70.3.0` | | [registry.k8s.io/ingress-nginx/kube-webhook-certgen](https://github.com/kubernetes/ingress-nginx) | patch | `v1.5.1` -> `v1.5.2` | | [registry1.dso.mil/ironbank/opensource/ingress-nginx/kube-webhook-certgen](https://github.com/kubernetes/ingress-nginx/) ([source](https://repo1.dso.mil/dsop/opensource/kubernetes/ingress-nginx/kube-webhook-certgen)) | patch | `v1.5.1` -> `v1.5.2` | --- ### Release Notes <details> <summary>prometheus-community/helm-charts (kube-prometheus-stack)</summary> ### [`v70.3.0`](https://github.com/prometheus-community/helm-charts/releases/tag/kube-prometheus-stack-70.3.0) [Compare Source](https://github.com/prometheus-community/helm-charts/compare/kube-prometheus-stack-70.2.1...kube-prometheus-stack-70.3.0) kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator. #### What's Changed - \[kube-prometheus-stack] feat: allow setting scrapeProtocols for Prometheus by [@KevinGimbel](https://github.com/KevinGimbel) in [https://github.com/prometheus-community/helm-charts/pull/5474](https://github.com/prometheus-community/helm-charts/pull/5474) #### New Contributors - [@KevinGimbel](https://github.com/KevinGimbel) made their first contribution in [https://github.com/prometheus-community/helm-charts/pull/5474](https://github.com/prometheus-community/helm-charts/pull/5474) **Full Changelog**: prometheus-community/helm-charts@prometheus-operator-admission-webhook-0.21.0...kube-prometheus-stack-70.3.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/defenseunicorns/uds-core).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>

🤖 I have created a release *beep* *boop* --- ## [0.39.0](defenseunicorns/uds-core@v0.38.0...v0.39.0) (2025-04-01) ### ⚠ BREAKING CHANGES * dynamic generation of Istio AuthorizationPolicy resources in ambient mode based on the configuration defined in a UDSPackage. ALL requests to a pod with authservice protection MUST have a jwt from Keycloak. More fine-grained protection can be done with additional DENY policies, but there will always be a requirement for a Keycloak JWT in addition. ### Features * add alertmanager datasource to grafana ([defenseunicorns#1374](defenseunicorns#1374)) ([818a3a0](defenseunicorns@818a3a0)) * ambient mesh authorization policy generation (defenseunicorns#1384) ([b47daba](defenseunicorns@b47daba)) * new webauth and mfa flows ([defenseunicorns#1370](defenseunicorns#1370)) ([1ac1b03](defenseunicorns@1ac1b03)) * theme customization ([defenseunicorns#1382](defenseunicorns#1382)) ([55ef41b](defenseunicorns@55ef41b)) * use Client Credentials for managing Keycloak Clients ([defenseunicorns#1341](defenseunicorns#1341)) ([4db9cc7](defenseunicorns@4db9cc7)) ### Bug Fixes * add delete credential keycloak secret value ([defenseunicorns#1398](defenseunicorns#1398)) ([d45b3e6](defenseunicorns@d45b3e6)) * broken selectors for internal dependencies on charts ([defenseunicorns#1403](defenseunicorns#1403)) ([d72b194](defenseunicorns@d72b194)) ### Miscellaneous * add additionalNetworkAllow to keycloak and loki ([defenseunicorns#1379](defenseunicorns#1379)) ([8200bce](defenseunicorns@8200bce)) * add docs for layer selection ([defenseunicorns#1216](defenseunicorns#1216)) ([c170322](defenseunicorns@c170322)) * **deps:** update grafana ([defenseunicorns#1383](defenseunicorns#1383)) ([122dc58](defenseunicorns@122dc58)) * **deps:** update grafana to v8.10.4 ([defenseunicorns#1363](defenseunicorns#1363)) ([fb163bd](defenseunicorns@fb163bd)) * **deps:** update istio to v1.25.0 ([defenseunicorns#1335](defenseunicorns#1335)) ([1803ea7](defenseunicorns@1803ea7)) * **deps:** update keycloak to v0.11.1 ([defenseunicorns#1400](defenseunicorns#1400)) ([6fdcd0c](defenseunicorns@6fdcd0c)) * **deps:** update keycloak to v26.1.4 ([defenseunicorns#1356](defenseunicorns#1356)) ([31152f7](defenseunicorns@31152f7)) * **deps:** update pepr to v0.46.3 ([defenseunicorns#1365](defenseunicorns#1365)) ([304a556](defenseunicorns@304a556)) * **deps:** update prometheus-stack ([defenseunicorns#1362](defenseunicorns#1362)) ([ae40b27](defenseunicorns@ae40b27)) * **deps:** update prometheus-stack ([defenseunicorns#1380](defenseunicorns#1380)) ([eec3337](defenseunicorns@eec3337)) * **deps:** update support dependencies to v22.13.17 ([defenseunicorns#1401](defenseunicorns#1401)) ([8a81eec](defenseunicorns@8a81eec)) * **deps:** update support-deps ([defenseunicorns#1364](defenseunicorns#1364)) ([7819bec](defenseunicorns@7819bec)) * **deps:** update support-deps ([defenseunicorns#1376](defenseunicorns#1376)) ([dd22589](defenseunicorns@dd22589)) * **deps:** update support-deps ([defenseunicorns#1390](defenseunicorns#1390)) ([f06bb70](defenseunicorns@f06bb70)) * **deps:** update support-deps ([defenseunicorns#1392](defenseunicorns#1392)) ([c0762a3](defenseunicorns@c0762a3)) * **deps:** update ts-jest to v29.3.0 ([defenseunicorns#1377](defenseunicorns#1377)) ([8b2174a](defenseunicorns@8b2174a)) * **deps:** update velero to v8.6.0 ([defenseunicorns#1371](defenseunicorns#1371)) ([93a44e6](defenseunicorns@93a44e6)) * remove kiali and tempo references from repo ([defenseunicorns#1375](defenseunicorns#1375)) ([8374de3](defenseunicorns@8374de3)) * update how to scrape metrics ([defenseunicorns#1378](defenseunicorns#1378)) ([e808f7d](defenseunicorns@e808f7d)) * update unicorn ztunnel image to 1.25.0 ([defenseunicorns#1389](defenseunicorns#1389)) ([7e446cb](defenseunicorns@7e446cb)) ### Documentation * velero csi vsphere backups ([defenseunicorns#1385](defenseunicorns#1385)) ([5ae33b2](defenseunicorns@5ae33b2)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

renovate Bot requested a review from a team as a code owner March 24, 2025 19:03

renovate Bot force-pushed the renovate/prometheus-stack branch from ff9c5d5 to 49a9145 Compare March 24, 2025 20:47

renovate Bot changed the title ~~chore(deps): update prometheus-stack to v1.5.2~~ chore(deps): update prometheus-stack Mar 24, 2025

renovate Bot force-pushed the renovate/prometheus-stack branch from 49a9145 to 5cbe53a Compare March 25, 2025 15:07

renovate Bot force-pushed the renovate/prometheus-stack branch from 5cbe53a to f6ae493 Compare March 25, 2025 18:48

Merge branch 'main' into renovate/prometheus-stack

82a3338

mjnagel added the renovate-ready Label used to trigger Renovate PR CI label Mar 27, 2025

mjnagel approved these changes Mar 27, 2025

View reviewed changes

mjnagel enabled auto-merge (squash) March 27, 2025 19:26

mjnagel merged commit eec3337 into main Mar 27, 2025
15 of 19 checks passed

mjnagel deleted the renovate/prometheus-stack branch March 27, 2025 20:08

github-actions Bot mentioned this pull request Mar 27, 2025

chore(main): release 0.39.0 #1373

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update prometheus-stack#1380

chore(deps): update prometheus-stack#1380
mjnagel merged 2 commits intomainfrom
renovate/prometheus-stack

renovate Bot commented Mar 24, 2025 •

edited

Loading

Uh oh!

noahpb commented Mar 25, 2025

Uh oh!

renovate Bot commented Mar 27, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

renovate Bot commented Mar 24, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

v70.3.0

What's Changed

New Contributors

Configuration

Uh oh!

noahpb commented Mar 25, 2025

Uh oh!

renovate Bot commented Mar 27, 2025

Edited/Blocked Notification

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

renovate Bot commented Mar 24, 2025 •

edited

Loading

`v70.3.0`