From 6993349a36f7d0019c5cac26ead8a1e149005425 Mon Sep 17 00:00:00 2001 From: Jiri Tyr Date: Thu, 16 Jun 2022 16:00:45 +0100 Subject: [PATCH] fix: Adding PodMonitor resources Signed-off-by: Jiri Tyr --- cmd/build/helmify/static/README.md | 2 ++ .../podmonitor-audit-controller.yaml | 26 +++++++++++++++++++ .../podmonitor-controller-manager.yaml | 26 +++++++++++++++++++ cmd/build/helmify/static/values.yaml | 3 +++ manifest_staging/charts/gatekeeper/README.md | 2 ++ .../podmonitor-audit-controller.yaml | 26 +++++++++++++++++++ .../podmonitor-controller-manager.yaml | 26 +++++++++++++++++++ .../charts/gatekeeper/values.yaml | 3 +++ 8 files changed, 114 insertions(+) create mode 100644 cmd/build/helmify/static/templates/podmonitor-audit-controller.yaml create mode 100644 cmd/build/helmify/static/templates/podmonitor-controller-manager.yaml create mode 100644 manifest_staging/charts/gatekeeper/templates/podmonitor-audit-controller.yaml create mode 100644 manifest_staging/charts/gatekeeper/templates/podmonitor-controller-manager.yaml diff --git a/cmd/build/helmify/static/README.md b/cmd/build/helmify/static/README.md index bb0c705329a..38364f5dc23 100644 --- a/cmd/build/helmify/static/README.md +++ b/cmd/build/helmify/static/README.md @@ -161,6 +161,8 @@ _See [Exempting Namespaces](https://open-policy-agent.github.io/gatekeeper/websi | service.loadBalancerIP | The IP address of LoadBalancer service | `` | | service.healthzPort | Service port to gatekeeper Webhook health port | `9090` | | rbac.create | Enable the creation of RBAC resources | `true` | +| podMonitor.enabled | Whether to install `PodMonitor` resources or not | `false` | +| podMonitor.extraLabels | Extra labels for `PodMonitor` resources | `{}` | ## Contributing Changes diff --git a/cmd/build/helmify/static/templates/podmonitor-audit-controller.yaml b/cmd/build/helmify/static/templates/podmonitor-audit-controller.yaml new file mode 100644 index 00000000000..6240a6fdd8a --- /dev/null +++ b/cmd/build/helmify/static/templates/podmonitor-audit-controller.yaml @@ -0,0 +1,26 @@ +{{- if .Values.podMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + labels: + app: '{{ template "gatekeeper.name" . }}' + chart: '{{ template "gatekeeper.name" . }}' + gatekeeper.sh/system: "yes" + heritage: '{{ .Release.Service }}' + release: '{{ .Release.Name }}' + {{- with .Values.podMonitor.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: gatekeeper-audit-controller +spec: + namespaceSelector: + matchNames: + - '{{ .Release.Namespace }}' + selector: + matchLabels: + app: '{{ template "gatekeeper.name" . }}' + control-plane: audit-controller + release: '{{ .Release.Name }}' + podMetricsEndpoints: + - port: metrics +{{- end }} diff --git a/cmd/build/helmify/static/templates/podmonitor-controller-manager.yaml b/cmd/build/helmify/static/templates/podmonitor-controller-manager.yaml new file mode 100644 index 00000000000..3125fdbc374 --- /dev/null +++ b/cmd/build/helmify/static/templates/podmonitor-controller-manager.yaml @@ -0,0 +1,26 @@ +{{- if .Values.podMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: gatekeeper-controller-manager + labels: + app: '{{ template "gatekeeper.name" . }}' + chart: '{{ template "gatekeeper.name" . }}' + gatekeeper.sh/system: "yes" + heritage: '{{ .Release.Service }}' + release: '{{ .Release.Name }}' + {{- with .Values.podMonitor.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + namespaceSelector: + matchNames: + - '{{ .Release.Namespace }}' + selector: + matchLabels: + app: '{{ template "gatekeeper.name" . }}' + control-plane: controller-manager + release: '{{ .Release.Name }}' + podMetricsEndpoints: + - port: metrics +{{- end }} diff --git a/cmd/build/helmify/static/values.yaml b/cmd/build/helmify/static/values.yaml index cc04a302e1d..77e40962196 100644 --- a/cmd/build/helmify/static/values.yaml +++ b/cmd/build/helmify/static/values.yaml @@ -206,3 +206,6 @@ upgradeCRDs: extraRules: [] rbac: create: true +podMonitor: + enabled: false + extraLabels: {} diff --git a/manifest_staging/charts/gatekeeper/README.md b/manifest_staging/charts/gatekeeper/README.md index bb0c705329a..38364f5dc23 100644 --- a/manifest_staging/charts/gatekeeper/README.md +++ b/manifest_staging/charts/gatekeeper/README.md @@ -161,6 +161,8 @@ _See [Exempting Namespaces](https://open-policy-agent.github.io/gatekeeper/websi | service.loadBalancerIP | The IP address of LoadBalancer service | `` | | service.healthzPort | Service port to gatekeeper Webhook health port | `9090` | | rbac.create | Enable the creation of RBAC resources | `true` | +| podMonitor.enabled | Whether to install `PodMonitor` resources or not | `false` | +| podMonitor.extraLabels | Extra labels for `PodMonitor` resources | `{}` | ## Contributing Changes diff --git a/manifest_staging/charts/gatekeeper/templates/podmonitor-audit-controller.yaml b/manifest_staging/charts/gatekeeper/templates/podmonitor-audit-controller.yaml new file mode 100644 index 00000000000..6240a6fdd8a --- /dev/null +++ b/manifest_staging/charts/gatekeeper/templates/podmonitor-audit-controller.yaml @@ -0,0 +1,26 @@ +{{- if .Values.podMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + labels: + app: '{{ template "gatekeeper.name" . }}' + chart: '{{ template "gatekeeper.name" . }}' + gatekeeper.sh/system: "yes" + heritage: '{{ .Release.Service }}' + release: '{{ .Release.Name }}' + {{- with .Values.podMonitor.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: gatekeeper-audit-controller +spec: + namespaceSelector: + matchNames: + - '{{ .Release.Namespace }}' + selector: + matchLabels: + app: '{{ template "gatekeeper.name" . }}' + control-plane: audit-controller + release: '{{ .Release.Name }}' + podMetricsEndpoints: + - port: metrics +{{- end }} diff --git a/manifest_staging/charts/gatekeeper/templates/podmonitor-controller-manager.yaml b/manifest_staging/charts/gatekeeper/templates/podmonitor-controller-manager.yaml new file mode 100644 index 00000000000..3125fdbc374 --- /dev/null +++ b/manifest_staging/charts/gatekeeper/templates/podmonitor-controller-manager.yaml @@ -0,0 +1,26 @@ +{{- if .Values.podMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: gatekeeper-controller-manager + labels: + app: '{{ template "gatekeeper.name" . }}' + chart: '{{ template "gatekeeper.name" . }}' + gatekeeper.sh/system: "yes" + heritage: '{{ .Release.Service }}' + release: '{{ .Release.Name }}' + {{- with .Values.podMonitor.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + namespaceSelector: + matchNames: + - '{{ .Release.Namespace }}' + selector: + matchLabels: + app: '{{ template "gatekeeper.name" . }}' + control-plane: controller-manager + release: '{{ .Release.Name }}' + podMetricsEndpoints: + - port: metrics +{{- end }} diff --git a/manifest_staging/charts/gatekeeper/values.yaml b/manifest_staging/charts/gatekeeper/values.yaml index cc04a302e1d..77e40962196 100644 --- a/manifest_staging/charts/gatekeeper/values.yaml +++ b/manifest_staging/charts/gatekeeper/values.yaml @@ -206,3 +206,6 @@ upgradeCRDs: extraRules: [] rbac: create: true +podMonitor: + enabled: false + extraLabels: {}