diff --git a/clusters/cl01tl/manifests/booklore/Deployment-booklore.yaml b/clusters/cl01tl/manifests/booklore/Deployment-booklore.yaml index 2a2eca7aa..46fdee13c 100644 --- a/clusters/cl01tl/manifests/booklore/Deployment-booklore.yaml +++ b/clusters/cl01tl/manifests/booklore/Deployment-booklore.yaml @@ -50,7 +50,7 @@ spec: value: "6060" - name: SWAGGER_ENABLED value: "false" - image: ghcr.io/booklore-app/booklore:v1.16.5 + image: ghcr.io/booklore-app/booklore:v1.17.0 imagePullPolicy: IfNotPresent name: main resources: diff --git a/clusters/cl01tl/manifests/ollama/Deployment-ollama-web.yaml b/clusters/cl01tl/manifests/ollama/Deployment-ollama-web.yaml index adc44eac1..1c724f677 100644 --- a/clusters/cl01tl/manifests/ollama/Deployment-ollama-web.yaml +++ b/clusters/cl01tl/manifests/ollama/Deployment-ollama-web.yaml @@ -77,7 +77,7 @@ spec: value: Authentik - name: OPENID_PROVIDER_URL value: https://authentik.alexlebens.net/application/o/ollama/.well-known/openid-configuration - image: ghcr.io/open-webui/open-webui:0.6.43 + image: ghcr.io/open-webui/open-webui:0.7.1 imagePullPolicy: IfNotPresent name: main resources: diff --git a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-alertmanagerconfigs.monitoring.coreos.com.yaml b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-alertmanagerconfigs.monitoring.coreos.com.yaml index a7387598d..310ecc4e6 100644 --- a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-alertmanagerconfigs.monitoring.coreos.com.yaml +++ b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-alertmanagerconfigs.monitoring.coreos.com.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.19.0 - operator.prometheus.io/version: 0.87.1 + operator.prometheus.io/version: 0.88.0 name: alertmanagerconfigs.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -62,6 +62,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic sourceMatch: description: |- sourceMatch defines matchers for which one or more alerts have to exist for the inhibition @@ -101,6 +102,7 @@ spec: - name type: object type: array + x-kubernetes-list-type: atomic targetMatch: description: |- targetMatch defines matchers that have to be fulfilled in the alerts to be muted. @@ -140,8 +142,10 @@ spec: - name type: object type: array + x-kubernetes-list-type: atomic type: object type: array + x-kubernetes-list-type: atomic muteTimeIntervals: description: muteTimeIntervals defines the list of MuteTimeInterval specifying when the routes should be muted. items: @@ -172,6 +176,7 @@ spec: type: integer type: object type: array + x-kubernetes-list-type: atomic months: description: months defines a list of MonthRange items: @@ -181,6 +186,7 @@ spec: pattern: ^((?i)january|february|march|april|may|june|july|august|september|october|november|december|1[0-2]|[1-9])(?:((:((?i)january|february|march|april|may|june|july|august|september|october|november|december|1[0-2]|[1-9]))$)|$) type: string type: array + x-kubernetes-list-type: atomic times: description: times defines a list of TimeRange items: @@ -196,6 +202,7 @@ spec: type: string type: object type: array + x-kubernetes-list-type: atomic weekdays: description: weekdays defines a list of WeekdayRange items: @@ -205,6 +212,7 @@ spec: pattern: ^((?i)sun|mon|tues|wednes|thurs|fri|satur)day(?:((:(sun|mon|tues|wednes|thurs|fri|satur)day)$)|$) type: string type: array + x-kubernetes-list-type: atomic years: description: years defines a list of YearRange items: @@ -212,12 +220,15 @@ spec: pattern: ^2\d{3}(?::2\d{3}|$) type: string type: array + x-kubernetes-list-type: atomic type: object type: array + x-kubernetes-list-type: atomic required: - name type: object type: array + x-kubernetes-list-type: atomic receivers: description: receivers defines the list of receivers. items: @@ -917,6 +928,7 @@ spec: - apiURL type: object type: array + x-kubernetes-list-type: atomic emailConfigs: description: emailConfigs defines the list of Email configurations. items: @@ -1011,6 +1023,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic hello: description: |- hello defines the hostname to identify to the SMTP server. @@ -1198,6 +1211,7 @@ spec: type: string type: object type: array + x-kubernetes-list-type: atomic msteamsConfigs: description: |- msteamsConfigs defines the list of MSTeams configurations. @@ -1891,6 +1905,7 @@ spec: - webhookUrl type: object type: array + x-kubernetes-list-type: atomic msteamsv2Configs: description: |- msteamsv2Configs defines the list of MSTeamsV2 configurations. @@ -2579,6 +2594,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic name: description: name defines the name of the receiver. Must be unique across all items from the list. minLength: 1 @@ -2624,6 +2640,7 @@ spec: description: |- apiURL defines the URL to send OpsGenie API requests to. When not specified, defaults to the standard OpsGenie API endpoint. + pattern: ^https?://.+$ type: string description: description: |- @@ -2653,6 +2670,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic entity: description: |- entity defines an optional field that can be used to specify which domain alert is related to. @@ -3351,6 +3369,7 @@ spec: - type type: object type: array + x-kubernetes-list-type: atomic sendResolved: description: sendResolved defines whether or not to notify about resolved alerts. type: boolean @@ -3371,6 +3390,7 @@ spec: type: boolean type: object type: array + x-kubernetes-list-type: atomic pagerdutyConfigs: description: pagerdutyConfigs defines the List of PagerDuty configurations. items: @@ -3380,18 +3400,23 @@ spec: properties: class: description: class defines the class/type of the event. + minLength: 1 type: string client: description: client defines the client identification. + minLength: 1 type: string clientURL: description: clientURL defines the backlink to the sender of notification. + pattern: ^https?://.+$ type: string component: description: component defines the part or component of the affected system that is broken. + minLength: 1 type: string description: description: description of the incident. + minLength: 1 type: string details: description: details defines the arbitrary key/value pairs that provide further detail about the incident. @@ -3414,8 +3439,10 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic group: description: group defines a cluster or grouping of sources. + minLength: 1 type: string httpConfig: description: httpConfig defines the HTTP client configuration. @@ -4061,15 +4088,19 @@ spec: properties: alt: description: alt is the optional alternative text for the image. + minLength: 1 type: string href: description: href defines the optional URL; makes the image a clickable link. + pattern: ^https?://.+$ type: string src: description: src of the image being attached to the incident + minLength: 1 type: string type: object type: array + x-kubernetes-list-type: atomic pagerDutyLinkConfigs: description: pagerDutyLinkConfigs defines a list of link details to attach that provide further detail about an incident. items: @@ -4077,12 +4108,15 @@ spec: properties: alt: description: alt defines the text that describes the purpose of the link, and can be used as the link's text. + minLength: 1 type: string href: description: href defines the URL of the link to be attached + pattern: ^https?://.+$ type: string type: object type: array + x-kubernetes-list-type: atomic routingKey: description: |- routingKey defines the secret's key that contains the PagerDuty integration key (when using @@ -4141,15 +4175,25 @@ spec: x-kubernetes-map-type: atomic severity: description: severity of the incident. + minLength: 1 type: string source: description: source defines the unique location of the affected system. + minLength: 1 + type: string + timeout: + description: |- + timeout is the maximum time allowed to invoke the pagerduty + It requires Alertmanager >= v0.30.0. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string url: description: url defines the URL to send requests to. + pattern: ^https?://.+$ type: string type: object type: array + x-kubernetes-list-type: atomic pushoverConfigs: description: pushoverConfigs defines the list of Pushover configurations. items: @@ -4161,6 +4205,7 @@ spec: description: |- device defines the name of a specific device to send the notification to. If not specified, the notification is sent to all user's devices. + minLength: 1 type: string expire: description: |- @@ -4172,6 +4217,7 @@ spec: description: |- html defines whether notification message is HTML or plain text. When true, the message can include HTML formatting tags. + html and monospace formatting are mutually exclusive. type: boolean httpConfig: description: httpConfig defines the HTTP client configuration for Pushover API requests. @@ -4814,6 +4860,7 @@ spec: description: |- message defines the notification message content. This is the main body text of the Pushover notification. + minLength: 1 type: string monospace: description: |- @@ -4824,6 +4871,7 @@ spec: description: |- priority defines the notification priority level. See https://pushover.net/api#priority for valid values and behavior. + minLength: 1 type: string retry: description: |- @@ -4838,11 +4886,13 @@ spec: description: |- sound defines the name of one of the sounds supported by device clients. This overrides the user's default sound choice for this notification. + minLength: 1 type: string title: description: |- title defines the notification title displayed in the Pushover message. This appears as the bold header text in the notification. + minLength: 1 type: string token: description: |- @@ -4877,6 +4927,7 @@ spec: See https://pushover.net/apps for application registration. Either `token` or `tokenFile` is required. It requires Alertmanager >= v0.26.0. + minLength: 1 type: string ttl: description: |- @@ -4888,11 +4939,13 @@ spec: description: |- url defines a supplementary URL shown alongside the message. This creates a clickable link within the Pushover notification. + pattern: ^https?://.+$ type: string urlTitle: description: |- urlTitle defines a title for the supplementary URL. If not specified, the raw URL is shown instead. + minLength: 1 type: string userKey: description: |- @@ -4925,9 +4978,11 @@ spec: userKeyFile defines the user key file that contains the recipient user's user key. Either `userKey` or `userKeyFile` is required. It requires Alertmanager >= v0.26.0. + minLength: 1 type: string type: object type: array + x-kubernetes-list-type: atomic rocketchatConfigs: description: |- rocketchatConfigs defines the list of RocketChat configurations. @@ -4965,6 +5020,7 @@ spec: type: object minItems: 1 type: array + x-kubernetes-list-type: atomic apiURL: description: |- apiURL defines the API URL for RocketChat. @@ -5016,6 +5072,7 @@ spec: type: object minItems: 1 type: array + x-kubernetes-list-type: atomic httpConfig: description: httpConfig defines the HTTP client configuration for RocketChat API requests. properties: @@ -5755,6 +5812,7 @@ spec: - tokenID type: object type: array + x-kubernetes-list-type: atomic slackConfigs: description: slackConfigs defines the list of Slack configurations. items: @@ -5780,11 +5838,13 @@ spec: description: |- dismissText defines the label for the cancel button in the dialog. When not specified, defaults to "Cancel". This button cancels the action. + minLength: 1 type: string okText: description: |- okText defines the label for the confirmation button in the dialog. When not specified, defaults to "Okay". This button proceeds with the action. + minLength: 1 type: string text: description: |- @@ -5796,6 +5856,7 @@ spec: description: |- title defines the title text displayed at the top of the confirmation dialog. When not specified, a default title will be used. + minLength: 1 type: string required: - text @@ -5804,11 +5865,13 @@ spec: description: |- name defines a unique identifier for the action within the message. This value is sent back to your application when the action is triggered. + minLength: 1 type: string style: description: |- style defines the visual appearance of the action element. Valid values include "default", "primary" (green), and "danger" (red). + minLength: 1 type: string text: description: |- @@ -5826,17 +5889,21 @@ spec: description: |- url defines the URL to open when the action is triggered. Only applicable for button-type actions. When set, clicking the button opens this URL. + pattern: ^https?://.+$ type: string value: description: |- value defines the payload sent when the action is triggered. This data is included in the callback sent to your application. + minLength: 1 type: string required: - text - type type: object + minItems: 1 type: array + x-kubernetes-list-type: atomic apiURL: description: |- apiURL defines the secret's key that contains the Slack webhook URL. @@ -5864,17 +5931,21 @@ spec: x-kubernetes-map-type: atomic callbackId: description: callbackId defines an identifier for the message used in interactive components. + minLength: 1 type: string channel: description: channel defines the channel or user to send notifications to. + minLength: 1 type: string color: description: |- color defines the color of the left border of the Slack message attachment. Can be a hex color code (e.g., "#ff0000") or a predefined color name. + minLength: 1 type: string fallback: description: fallback defines a plain-text summary of the attachment for clients that don't support attachments. + minLength: 1 type: string fields: description: fields defines a list of Slack fields that are sent with each notification. @@ -5907,9 +5978,12 @@ spec: - title - value type: object + minItems: 1 type: array + x-kubernetes-list-type: atomic footer: description: footer defines small text displayed at the bottom of the message attachment. + minLength: 1 type: string httpConfig: description: httpConfig defines the HTTP client configuration. @@ -6550,12 +6624,15 @@ spec: type: object iconEmoji: description: iconEmoji defines the emoji to use as the bot's avatar (e.g., ":ghost:"). + minLength: 1 type: string iconURL: description: iconURL defines the URL to an image to use as the bot's avatar. + pattern: ^https?://.+$ type: string imageURL: description: imageURL defines the URL to an image file that will be displayed inside the message attachment. + pattern: ^https?://.+$ type: string linkNames: description: |- @@ -6567,10 +6644,14 @@ spec: mrkdwnIn defines which fields should be parsed as Slack markdown. Valid values include "pretext", "text", and "fields". items: + minLength: 1 type: string + minItems: 1 type: array + x-kubernetes-list-type: atomic pretext: description: pretext defines optional text that appears above the message attachment block. + minLength: 1 type: string sendResolved: description: sendResolved defines whether or not to notify about resolved alerts. @@ -6582,23 +6663,36 @@ spec: type: boolean text: description: text defines the main text content of the Slack message attachment. + minLength: 1 type: string thumbURL: description: |- thumbURL defines the URL to an image file that will be displayed as a thumbnail on the right side of the message attachment. + pattern: ^https?://.+$ + type: string + timeout: + description: |- + timeout defines the maximum time to wait for a webhook request to complete, + before failing the request and allowing it to be retried. + It requires Alertmanager >= v0.30.0. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string title: description: title defines the title text displayed in the Slack message attachment. + minLength: 1 type: string titleLink: description: titleLink defines the URL that the title will link to when clicked. + pattern: ^https?://.+$ type: string username: description: username defines the slack bot user name. + minLength: 1 type: string type: object type: array + x-kubernetes-list-type: atomic snsConfigs: description: snsConfigs defines the list of SNS configurations items: @@ -7353,6 +7447,7 @@ spec: type: string type: object type: array + x-kubernetes-list-type: atomic telegramConfigs: description: telegramConfigs defines the list of Telegram configurations. items: @@ -7364,6 +7459,7 @@ spec: description: |- apiURL defines the Telegram API URL, e.g. https://api.telegram.org. If not specified, the default Telegram API URL will be used. + pattern: ^https?://.+$ type: string botToken: description: |- @@ -8075,6 +8171,7 @@ spec: - chatID type: object type: array + x-kubernetes-list-type: atomic victoropsConfigs: description: victoropsConfigs defines the list of VictorOps configurations. items: @@ -8111,6 +8208,7 @@ spec: description: |- apiUrl defines the VictorOps API URL. When not specified, defaults to the standard VictorOps API endpoint. + pattern: ^https?://.+$ type: string customFields: description: |- @@ -8135,10 +8233,12 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic entityDisplayName: description: |- entityDisplayName contains a summary of the alerted problem. This appears as the main title or identifier for the incident. + minLength: 1 type: string httpConfig: description: httpConfig defines the HTTP client's configuration for VictorOps API requests. @@ -8781,16 +8881,19 @@ spec: description: |- messageType describes the behavior of the alert. Valid values are "CRITICAL", "WARNING", and "INFO". + minLength: 1 type: string monitoringTool: description: |- monitoringTool defines the monitoring tool the state message is from. This helps identify the source system that generated the alert. + minLength: 1 type: string routingKey: description: |- routingKey defines a key used to map the alert to a team. This determines which VictorOps team will receive the alert notification. + minLength: 1 type: string sendResolved: description: sendResolved defines whether or not to notify about resolved alerts. @@ -8799,9 +8902,13 @@ spec: description: |- stateMessage contains a long explanation of the alerted problem. This provides detailed context about the incident. + minLength: 1 type: string + required: + - routingKey type: object type: array + x-kubernetes-list-type: atomic webexConfigs: description: webexConfigs defines the list of Webex configurations. items: @@ -9464,6 +9571,7 @@ spec: - roomID type: object type: array + x-kubernetes-list-type: atomic webhookConfigs: description: webhookConfigs defines the List of webhook configurations. items: @@ -10129,6 +10237,7 @@ spec: description: |- url defines the URL to send HTTP POST requests to. urlSecret takes precedence over url. One of urlSecret and url should be defined. + pattern: ^https?://.+$ type: string urlSecret: description: |- @@ -10158,6 +10267,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic wechatConfigs: description: wechatConfigs defines the list of WeChat configurations. items: @@ -10199,6 +10309,7 @@ spec: description: |- apiURL defines the WeChat API URL. When not specified, defaults to the standard WeChat Work API endpoint. + pattern: ^https?://.+$ type: string corpID: description: |- @@ -10872,10 +10983,14 @@ spec: type: string type: object type: array + x-kubernetes-list-type: atomic required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map route: description: |- route defines the Alertmanager route definition for alerts matching the resource's @@ -10887,6 +11002,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set continue: description: |- continue defines the boolean indicating whether an alert should continue matching subsequent @@ -10901,6 +11017,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set groupInterval: description: |- groupInterval defines how long to wait before sending an updated notification. @@ -10953,11 +11070,13 @@ spec: - name type: object type: array + x-kubernetes-list-type: atomic muteTimeIntervals: description: muteTimeIntervals is a list of MuteTimeInterval names that will mute this route when matched, items: type: string type: array + x-kubernetes-list-type: set receiver: description: |- receiver defines the name of the receiver for this route. If not empty, it should be listed in @@ -10974,10 +11093,106 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + x-kubernetes-list-type: atomic type: object type: object + status: + description: |- + status defines the status subresource. It is under active development and is updated only when the + "StatusForConfigurationResources" feature gate is enabled. + + Most recent observed status of the ServiceMonitor. Read-only. + More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bindings: + description: bindings defines the list of workload resources (Prometheus, PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration resource. + items: + description: WorkloadBinding is a link between a configuration resource and a workload resource. + properties: + conditions: + description: conditions defines the current state of the configuration resource when bound to the referenced Workload object. + items: + description: ConfigResourceCondition describes the status of configuration resources linked to Prometheus, PrometheusAgent, Alertmanager or ThanosRuler. + properties: + lastTransitionTime: + description: lastTransitionTime defines the time of the last update to the current status property. + format: date-time + type: string + message: + description: message defines the human-readable message indicating details for the condition's last transition. + type: string + observedGeneration: + description: |- + observedGeneration defines the .metadata.generation that the + condition was set based upon. For instance, if `.metadata.generation` is + currently 12, but the `.status.conditions[].observedGeneration` is 9, the + condition is out of date with respect to the current state of the object. + format: int64 + type: integer + reason: + description: reason for the condition's last transition. + type: string + status: + description: status of the condition. + minLength: 1 + type: string + type: + description: |- + type of the condition being reported. + Currently, only "Accepted" is supported. + enum: + - Accepted + minLength: 1 + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + group: + description: group defines the group of the referenced resource. + enum: + - monitoring.coreos.com + type: string + name: + description: name defines the name of the referenced object. + minLength: 1 + type: string + namespace: + description: namespace defines the namespace of the referenced object. + minLength: 1 + type: string + resource: + description: resource defines the type of resource being referenced (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). + enum: + - prometheuses + - prometheusagents + - thanosrulers + - alertmanagers + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - name + - namespace + x-kubernetes-list-type: map + type: object required: - spec type: object served: true storage: true + subresources: + status: {} diff --git a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-alertmanagers.monitoring.coreos.com.yaml b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-alertmanagers.monitoring.coreos.com.yaml index 4bfaa93dd..54b833454 100644 --- a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-alertmanagers.monitoring.coreos.com.yaml +++ b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-alertmanagers.monitoring.coreos.com.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.19.0 - operator.prometheus.io/version: 0.87.1 + operator.prometheus.io/version: 0.88.0 name: alertmanagers.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -2159,7 +2159,7 @@ spec: type: string type: object webex: - description: webex defines the default configuration for Jira. + description: webex defines the default configuration for Webex. properties: apiURL: description: |- @@ -5815,10 +5815,18 @@ spec: type: string minReadySeconds: description: |- - minReadySeconds defines the minimum number of seconds for which a newly created pod should be ready - without any of its container crashing for it to be considered available. + minReadySeconds defines the minimum number of seconds for which a newly + created pod should be ready without any of its container crashing for it + to be considered available. If unset, pods will be considered available as soon as they are ready. + + When the Alertmanager version is greater than or equal to v0.30.0, the + duration is also used to delay the first flush of the aggregation + groups. This delay helps ensuring that all alerts have been resent by + the Prometheus instances to Alertmanager after a roll-out. It is + possible to override this behavior passing a custom value via + `.spec.additionalArgs`. format: int32 minimum: 0 type: integer @@ -5855,6 +5863,21 @@ spec: the replica count to be deleted. type: string type: object + podManagementPolicy: + description: |- + podManagementPolicy defines the policy for creating/deleting pods when + scaling up and down. + + Unlike the default StatefulSet behavior, the default policy is + `Parallel` to avoid manual intervention in case a pod gets stuck during + a rollout. + + Note that updating this value implies the recreation of the StatefulSet + which incurs a service outage. + enum: + - OrderedReady + - Parallel + type: string podMetadata: description: |- podMetadata defines labels and annotations which are propagated to the Alertmanager pods. @@ -7092,6 +7115,47 @@ spec: - whenUnsatisfiable type: object type: array + updateStrategy: + description: |- + updateStrategy indicates the strategy that will be employed to update + Pods in the StatefulSet when a revision is made to statefulset's Pod + Template. + + The default strategy is RollingUpdate. + properties: + rollingUpdate: + description: rollingUpdate is used to communicate parameters when type is RollingUpdate. + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + maxUnavailable is the maximum number of pods that can be unavailable + during the update. The value can be an absolute number (ex: 5) or a + percentage of desired pods (ex: 10%). Absolute number is calculated from + percentage by rounding up. This can not be 0. Defaults to 1. This field + is alpha-level and is only honored by servers that enable the + MaxUnavailableStatefulSet feature. The field applies to all pods in the + range 0 to Replicas-1. That means if there is any unavailable pod in + the range 0 to Replicas-1, it will be counted towards MaxUnavailable. + x-kubernetes-int-or-string: true + type: object + type: + description: |- + type indicates the type of the StatefulSetUpdateStrategy. + + Default is RollingUpdate. + enum: + - OnDelete + - RollingUpdate + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: rollingUpdate requires type to be RollingUpdate + rule: '!(self.type != ''RollingUpdate'' && has(self.rollingUpdate))' version: description: version the cluster should be on. type: string diff --git a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-podmonitors.monitoring.coreos.com.yaml b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-podmonitors.monitoring.coreos.com.yaml index 5532ef5fc..428a4fc9e 100644 --- a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-podmonitors.monitoring.coreos.com.yaml +++ b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-podmonitors.monitoring.coreos.com.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.19.0 - operator.prometheus.io/version: 0.87.1 + operator.prometheus.io/version: 0.88.0 name: podmonitors.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -1122,6 +1122,11 @@ spec: Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. type: boolean + scrapeNativeHistograms: + description: |- + scrapeNativeHistograms defines whether to enable scraping of native histograms. + It requires Prometheus >= v3.8.0. + type: boolean scrapeProtocols: description: |- scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the diff --git a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-probes.monitoring.coreos.com.yaml b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-probes.monitoring.coreos.com.yaml index 835b8ddaf..17fe89af2 100644 --- a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-probes.monitoring.coreos.com.yaml +++ b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-probes.monitoring.coreos.com.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.19.0 - operator.prometheus.io/version: 0.87.1 + operator.prometheus.io/version: 0.88.0 name: probes.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -51,7 +51,11 @@ spec: description: spec defines the specification of desired Ingress selection for target discovery by Prometheus. properties: authorization: - description: authorization section for this endpoint + description: |- + authorization configures the Authorization header credentials used by + the client. + + Cannot be set at the same time as `basicAuth`, `bearerTokenSecret` or `oauth2`. properties: credentials: description: credentials defines a key of a Secret in the namespace that contains the credentials for authentication. @@ -86,8 +90,10 @@ spec: type: object basicAuth: description: |- - basicAuth allow an endpoint to authenticate over basic authentication. - More info: https://prometheus.io/docs/operating/configuration/#endpoint + basicAuth defines the Basic Authentication credentials used by the + client. + + Cannot be set at the same time as `authorization`, `bearerTokenSecret` or `oauth2`. properties: password: description: |- @@ -140,9 +146,14 @@ spec: type: object bearerTokenSecret: description: |- - bearerTokenSecret defines the secret to mount to read bearer token for scraping targets. The secret - needs to be in the same namespace as the probe and accessible by - the Prometheus Operator. + bearerTokenSecret defines a key of a Secret containing the bearer token + used by the client for authentication. The secret needs to be in the + same namespace as the custom resource and readable by the Prometheus + Operator. + + Cannot be set at the same time as `authorization`, `basicAuth` or `oauth2`. + + Deprecated: use `authorization` instead. properties: key: description: The key of the secret to select from. Must be a valid secret key. @@ -168,6 +179,9 @@ spec: convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. type: boolean + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean fallbackScrapeProtocol: description: |- fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. @@ -180,6 +194,11 @@ spec: - PrometheusText0.0.4 - PrometheusText1.0.0 type: string + followRedirects: + description: |- + followRedirects defines whether the client should follow HTTP 3xx + redirects. + type: boolean interval: description: |- interval at which targets are probed using the configured prober. @@ -324,7 +343,12 @@ spec: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true oauth2: - description: oauth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. + description: |- + oauth2 defines the OAuth2 settings used by the client. + + It requires Prometheus >= 2.27.0. + + Cannot be set at the same time as `authorization`, `basicAuth` or `bearerTokenSecret`. properties: clientId: description: |- @@ -746,6 +770,11 @@ spec: Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. type: boolean + scrapeNativeHistograms: + description: |- + scrapeNativeHistograms defines whether to enable scraping of native histograms. + It requires Prometheus >= v3.8.0. + type: boolean scrapeProtocols: description: |- scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the @@ -1051,7 +1080,7 @@ spec: type: object type: object tlsConfig: - description: tlsConfig defines the TLS configuration to use when scraping the endpoint. + description: tlsConfig defines the TLS configuration used by the client. properties: ca: description: ca defines the Certificate authority used when verifying server certificates. diff --git a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheusagents.monitoring.coreos.com.yaml b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheusagents.monitoring.coreos.com.yaml index d7a16bc96..4c9881bbe 100644 --- a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheusagents.monitoring.coreos.com.yaml +++ b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheusagents.monitoring.coreos.com.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.19.0 - operator.prometheus.io/version: 0.87.1 + operator.prometheus.io/version: 0.88.0 name: prometheusagents.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -4939,6 +4939,21 @@ spec: the replica count to be deleted. type: string type: object + podManagementPolicy: + description: |- + podManagementPolicy defines the policy for creating/deleting pods when + scaling up and down. + + Unlike the default StatefulSet behavior, the default policy is + `Parallel` to avoid manual intervention in case a pod gets stuck during + a rollout. + + Note that updating this value implies the recreation of the StatefulSet + which incurs a service outage. + enum: + - OrderedReady + - Parallel + type: string podMetadata: description: |- podMetadata defines labels and annotations which are propagated to the Prometheus pods. @@ -5284,7 +5299,7 @@ spec: managedIdentity: description: |- managedIdentity defines the Azure User-assigned Managed identity. - Cannot be set at the same time as `oauth` or `sdk`. + Cannot be set at the same time as `oauth`, `sdk` or `workloadIdentity`. properties: clientId: description: |- @@ -5297,7 +5312,7 @@ spec: oauth: description: |- oauth defines the oauth config that is being used to authenticate. - Cannot be set at the same time as `managedIdentity` or `sdk`. + Cannot be set at the same time as `managedIdentity`, `sdk` or `workloadIdentity`. It requires Prometheus >= v2.48.0 or Thanos >= v0.31.0. properties: @@ -5337,11 +5352,17 @@ spec: - clientSecret - tenantId type: object + scope: + description: |- + scope is the custom OAuth 2.0 scope to request when acquiring tokens. + It requires Prometheus >= 3.9.0. Currently not supported by Thanos. + pattern: ^[\w\s:/.\\-]+$ + type: string sdk: description: |- sdk defines the Azure SDK config that is being used to authenticate. See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication - Cannot be set at the same time as `oauth` or `managedIdentity`. + Cannot be set at the same time as `oauth`, `managedIdentity` or `workloadIdentity`. It requires Prometheus >= v2.52.0 or Thanos >= v0.36.0. properties: @@ -5350,6 +5371,25 @@ spec: pattern: ^[0-9a-zA-Z-.]+$ type: string type: object + workloadIdentity: + description: |- + workloadIdentity defines the Azure Workload Identity authentication. + Cannot be set at the same time as `oauth`, `managedIdentity`, or `sdk`. + + It requires Prometheus >= 3.7.0. Currently not supported by Thanos. + properties: + clientId: + description: clientId is the clientID of the Azure Active Directory application. + minLength: 1 + type: string + tenantId: + description: tenantId is the tenant ID of the Azure Active Directory application. + minLength: 1 + type: string + required: + - clientId + - tenantId + type: object type: object basicAuth: description: |- @@ -6926,6 +6966,11 @@ spec: Default: "30s" pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string + scrapeNativeHistograms: + description: |- + scrapeNativeHistograms defines whether to enable scraping of native histograms. + It requires Prometheus >= v3.8.0. + type: boolean scrapeProtocols: description: |- scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the @@ -8220,15 +8265,18 @@ spec: in a breaking way. properties: clientType: - description: clientType defines the client used to export the traces. Supported values are `http` or `grpc`. + description: clientType defines the client used to export the traces. Supported values are `HTTP` and `GRPC`. enum: - http - grpc + - HTTP + - GRPC type: string compression: - description: compression key for supported compression types. The only supported value is `gzip`. + description: compression key for supported compression types. The only supported value is `Gzip`. enum: - gzip + - Gzip type: string endpoint: description: endpoint to send the traces to. Should be provided in format :. @@ -8435,6 +8483,47 @@ spec: pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object + updateStrategy: + description: |- + updateStrategy indicates the strategy that will be employed to update + Pods in the StatefulSet when a revision is made to statefulset's Pod + Template. + + The default strategy is RollingUpdate. + properties: + rollingUpdate: + description: rollingUpdate is used to communicate parameters when type is RollingUpdate. + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + maxUnavailable is the maximum number of pods that can be unavailable + during the update. The value can be an absolute number (ex: 5) or a + percentage of desired pods (ex: 10%). Absolute number is calculated from + percentage by rounding up. This can not be 0. Defaults to 1. This field + is alpha-level and is only honored by servers that enable the + MaxUnavailableStatefulSet feature. The field applies to all pods in the + range 0 to Replicas-1. That means if there is any unavailable pod in + the range 0 to Replicas-1, it will be counted towards MaxUnavailable. + x-kubernetes-int-or-string: true + type: object + type: + description: |- + type indicates the type of the StatefulSetUpdateStrategy. + + Default is RollingUpdate. + enum: + - OnDelete + - RollingUpdate + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: rollingUpdate requires type to be RollingUpdate + rule: '!(self.type != ''RollingUpdate'' && has(self.rollingUpdate))' version: description: |- version of Prometheus being deployed. The operator uses this information @@ -10601,6 +10690,16 @@ spec: rule: '!(has(self.mode) && self.mode == ''DaemonSet'' && has(self.scrapeConfigSelector))' - message: probeSelector cannot be set when mode is DaemonSet rule: '!(has(self.mode) && self.mode == ''DaemonSet'' && has(self.probeSelector))' + - message: scrapeConfigNamespaceSelector cannot be set when mode is DaemonSet + rule: '!(has(self.mode) && self.mode == ''DaemonSet'' && has(self.scrapeConfigNamespaceSelector))' + - message: probeNamespaceSelector cannot be set when mode is DaemonSet + rule: '!(has(self.mode) && self.mode == ''DaemonSet'' && has(self.probeNamespaceSelector))' + - message: serviceMonitorSelector cannot be set when mode is DaemonSet + rule: '!(has(self.mode) && self.mode == ''DaemonSet'' && has(self.serviceMonitorSelector))' + - message: serviceMonitorNamespaceSelector cannot be set when mode is DaemonSet + rule: '!(has(self.mode) && self.mode == ''DaemonSet'' && has(self.serviceMonitorNamespaceSelector))' + - message: additionalScrapeConfigs cannot be set when mode is DaemonSet + rule: '!(has(self.mode) && self.mode == ''DaemonSet'' && has(self.additionalScrapeConfigs))' status: description: |- status defines the most recent observed status of the Prometheus cluster. Read-only. diff --git a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheuses.monitoring.coreos.com.yaml b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheuses.monitoring.coreos.com.yaml index 3bbd0a894..0b2e4ef55 100644 --- a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheuses.monitoring.coreos.com.yaml +++ b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheuses.monitoring.coreos.com.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.19.0 - operator.prometheus.io/version: 0.87.1 + operator.prometheus.io/version: 0.88.0 name: prometheuses.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -5676,6 +5676,21 @@ spec: the replica count to be deleted. type: string type: object + podManagementPolicy: + description: |- + podManagementPolicy defines the policy for creating/deleting pods when + scaling up and down. + + Unlike the default StatefulSet behavior, the default policy is + `Parallel` to avoid manual intervention in case a pod gets stuck during + a rollout. + + Note that updating this value implies the recreation of the StatefulSet + which incurs a service outage. + enum: + - OrderedReady + - Parallel + type: string podMetadata: description: |- podMetadata defines labels and annotations which are propagated to the Prometheus pods. @@ -6762,7 +6777,7 @@ spec: managedIdentity: description: |- managedIdentity defines the Azure User-assigned Managed identity. - Cannot be set at the same time as `oauth` or `sdk`. + Cannot be set at the same time as `oauth`, `sdk` or `workloadIdentity`. properties: clientId: description: |- @@ -6775,7 +6790,7 @@ spec: oauth: description: |- oauth defines the oauth config that is being used to authenticate. - Cannot be set at the same time as `managedIdentity` or `sdk`. + Cannot be set at the same time as `managedIdentity`, `sdk` or `workloadIdentity`. It requires Prometheus >= v2.48.0 or Thanos >= v0.31.0. properties: @@ -6815,11 +6830,17 @@ spec: - clientSecret - tenantId type: object + scope: + description: |- + scope is the custom OAuth 2.0 scope to request when acquiring tokens. + It requires Prometheus >= 3.9.0. Currently not supported by Thanos. + pattern: ^[\w\s:/.\\-]+$ + type: string sdk: description: |- sdk defines the Azure SDK config that is being used to authenticate. See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication - Cannot be set at the same time as `oauth` or `managedIdentity`. + Cannot be set at the same time as `oauth`, `managedIdentity` or `workloadIdentity`. It requires Prometheus >= v2.52.0 or Thanos >= v0.36.0. properties: @@ -6828,6 +6849,25 @@ spec: pattern: ^[0-9a-zA-Z-.]+$ type: string type: object + workloadIdentity: + description: |- + workloadIdentity defines the Azure Workload Identity authentication. + Cannot be set at the same time as `oauth`, `managedIdentity`, or `sdk`. + + It requires Prometheus >= 3.7.0. Currently not supported by Thanos. + properties: + clientId: + description: clientId is the clientID of the Azure Active Directory application. + minLength: 1 + type: string + tenantId: + description: tenantId is the tenant ID of the Azure Active Directory application. + minLength: 1 + type: string + required: + - clientId + - tenantId + type: object type: object basicAuth: description: |- @@ -8543,6 +8583,11 @@ spec: Default: "30s" pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string + scrapeNativeHistograms: + description: |- + scrapeNativeHistograms defines whether to enable scraping of native histograms. + It requires Prometheus >= v3.8.0. + type: boolean scrapeProtocols: description: |- scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the @@ -10363,15 +10408,18 @@ spec: in a breaking way. properties: clientType: - description: clientType defines the client used to export the traces. Supported values are `http` or `grpc`. + description: clientType defines the client used to export the traces. Supported values are `HTTP` and `GRPC`. enum: - http - grpc + - HTTP + - GRPC type: string compression: - description: compression key for supported compression types. The only supported value is `gzip`. + description: compression key for supported compression types. The only supported value is `Gzip`. enum: - gzip + - Gzip type: string endpoint: description: endpoint to send the traces to. Should be provided in format :. @@ -10578,6 +10626,47 @@ spec: pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object + updateStrategy: + description: |- + updateStrategy indicates the strategy that will be employed to update + Pods in the StatefulSet when a revision is made to statefulset's Pod + Template. + + The default strategy is RollingUpdate. + properties: + rollingUpdate: + description: rollingUpdate is used to communicate parameters when type is RollingUpdate. + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + maxUnavailable is the maximum number of pods that can be unavailable + during the update. The value can be an absolute number (ex: 5) or a + percentage of desired pods (ex: 10%). Absolute number is calculated from + percentage by rounding up. This can not be 0. Defaults to 1. This field + is alpha-level and is only honored by servers that enable the + MaxUnavailableStatefulSet feature. The field applies to all pods in the + range 0 to Replicas-1. That means if there is any unavailable pod in + the range 0 to Replicas-1, it will be counted towards MaxUnavailable. + x-kubernetes-int-or-string: true + type: object + type: + description: |- + type indicates the type of the StatefulSetUpdateStrategy. + + Default is RollingUpdate. + enum: + - OnDelete + - RollingUpdate + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: rollingUpdate requires type to be RollingUpdate + rule: '!(self.type != ''RollingUpdate'' && has(self.rollingUpdate))' version: description: |- version of Prometheus being deployed. The operator uses this information diff --git a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheusrules.monitoring.coreos.com.yaml b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheusrules.monitoring.coreos.com.yaml index 090381cfb..016230a02 100644 --- a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheusrules.monitoring.coreos.com.yaml +++ b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-prometheusrules.monitoring.coreos.com.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.19.0 - operator.prometheus.io/version: 0.87.1 + operator.prometheus.io/version: 0.88.0 name: prometheusrules.monitoring.coreos.com spec: group: monitoring.coreos.com diff --git a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-scrapeconfigs.monitoring.coreos.com.yaml b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-scrapeconfigs.monitoring.coreos.com.yaml index adff7c328..5ea14b24b 100644 --- a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-scrapeconfigs.monitoring.coreos.com.yaml +++ b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-scrapeconfigs.monitoring.coreos.com.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.19.0 - operator.prometheus.io/version: 0.87.1 + operator.prometheus.io/version: 0.88.0 name: scrapeconfigs.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -11498,6 +11498,11 @@ spec: description: scrapeInterval defines the interval between consecutive scrapes. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string + scrapeNativeHistograms: + description: |- + scrapeNativeHistograms defines whether to enable scraping of native histograms. + It requires Prometheus >= v3.8.0. + type: boolean scrapeProtocols: description: |- scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the diff --git a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-servicemonitors.monitoring.coreos.com.yaml b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-servicemonitors.monitoring.coreos.com.yaml index bbea29d83..c6946781a 100644 --- a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-servicemonitors.monitoring.coreos.com.yaml +++ b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-servicemonitors.monitoring.coreos.com.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.19.0 - operator.prometheus.io/version: 0.87.1 + operator.prometheus.io/version: 0.88.0 name: servicemonitors.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -94,10 +94,10 @@ spec: properties: authorization: description: |- - authorization configures the Authorization header credentials to use when - scraping the target. + authorization configures the Authorization header credentials used by + the client. - Cannot be set at the same time as `basicAuth`, or `oauth2`. + Cannot be set at the same time as `basicAuth`, `bearerTokenSecret` or `oauth2`. properties: credentials: description: credentials defines a key of a Secret in the namespace that contains the credentials for authentication. @@ -132,10 +132,10 @@ spec: type: object basicAuth: description: |- - basicAuth defines the Basic Authentication credentials to use when - scraping the target. + basicAuth defines the Basic Authentication credentials used by the + client. - Cannot be set at the same time as `authorization`, or `oauth2`. + Cannot be set at the same time as `authorization`, `bearerTokenSecret` or `oauth2`. properties: password: description: |- @@ -194,9 +194,12 @@ spec: type: string bearerTokenSecret: description: |- - bearerTokenSecret defines a key of a Secret containing the bearer - token for scraping targets. The secret needs to be in the same namespace - as the ServiceMonitor object and readable by the Prometheus Operator. + bearerTokenSecret defines a key of a Secret containing the bearer token + used by the client for authentication. The secret needs to be in the + same namespace as the custom resource and readable by the Prometheus + Operator. + + Cannot be set at the same time as `authorization`, `basicAuth` or `oauth2`. Deprecated: use `authorization` instead. properties: @@ -220,7 +223,7 @@ spec: type: object x-kubernetes-map-type: atomic enableHttp2: - description: enableHttp2 can be used to disable HTTP2 when scraping the target. + description: enableHttp2 can be used to disable HTTP2. type: boolean filterRunning: description: |- @@ -233,8 +236,8 @@ spec: type: boolean followRedirects: description: |- - followRedirects defines whether the scrape requests should follow HTTP - 3xx redirects. + followRedirects defines whether the client should follow HTTP 3xx + redirects. type: boolean honorLabels: description: |- @@ -350,11 +353,11 @@ spec: type: string oauth2: description: |- - oauth2 defines the OAuth2 settings to use when scraping the target. + oauth2 defines the OAuth2 settings used by the client. It requires Prometheus >= 2.27.0. - Cannot be set at the same time as `authorization`, or `basicAuth`. + Cannot be set at the same time as `authorization`, `basicAuth` or `bearerTokenSecret`. properties: clientId: description: |- @@ -833,7 +836,7 @@ spec: Service. The port must be specified with the container's port property. x-kubernetes-int-or-string: true tlsConfig: - description: tlsConfig defines the TLS configuration to use when scraping the target. + description: tlsConfig defines TLS configuration used by the client. properties: ca: description: ca defines the Certificate authority used when verifying server certificates. @@ -1112,6 +1115,11 @@ spec: Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. type: boolean + scrapeNativeHistograms: + description: |- + scrapeNativeHistograms defines whether to enable scraping of native histograms. + It requires Prometheus >= v3.8.0. + type: boolean scrapeProtocols: description: |- scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the diff --git a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-thanosrulers.monitoring.coreos.com.yaml b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-thanosrulers.monitoring.coreos.com.yaml index 650ae9dc5..a4495dd5d 100644 --- a/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-thanosrulers.monitoring.coreos.com.yaml +++ b/clusters/cl01tl/manifests/prometheus-operator-crds/CustomResourceDefinition-thanosrulers.monitoring.coreos.com.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.19.0 - operator.prometheus.io/version: 0.87.1 + operator.prometheus.io/version: 0.88.0 name: thanosrulers.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -4453,6 +4453,21 @@ spec: paused defines when a ThanosRuler deployment is paused, no actions except for deletion will be performed on the underlying objects. type: boolean + podManagementPolicy: + description: |- + podManagementPolicy defines the policy for creating/deleting pods when + scaling up and down. + + Unlike the default StatefulSet behavior, the default policy is + `Parallel` to avoid manual intervention in case a pod gets stuck during + a rollout. + + Note that updating this value implies the recreation of the StatefulSet + which incurs a service outage. + enum: + - OrderedReady + - Parallel + type: string podMetadata: description: |- podMetadata defines labels and annotations which are propagated to the ThanosRuler pods. @@ -4637,7 +4652,7 @@ spec: managedIdentity: description: |- managedIdentity defines the Azure User-assigned Managed identity. - Cannot be set at the same time as `oauth` or `sdk`. + Cannot be set at the same time as `oauth`, `sdk` or `workloadIdentity`. properties: clientId: description: |- @@ -4650,7 +4665,7 @@ spec: oauth: description: |- oauth defines the oauth config that is being used to authenticate. - Cannot be set at the same time as `managedIdentity` or `sdk`. + Cannot be set at the same time as `managedIdentity`, `sdk` or `workloadIdentity`. It requires Prometheus >= v2.48.0 or Thanos >= v0.31.0. properties: @@ -4690,11 +4705,17 @@ spec: - clientSecret - tenantId type: object + scope: + description: |- + scope is the custom OAuth 2.0 scope to request when acquiring tokens. + It requires Prometheus >= 3.9.0. Currently not supported by Thanos. + pattern: ^[\w\s:/.\\-]+$ + type: string sdk: description: |- sdk defines the Azure SDK config that is being used to authenticate. See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication - Cannot be set at the same time as `oauth` or `managedIdentity`. + Cannot be set at the same time as `oauth`, `managedIdentity` or `workloadIdentity`. It requires Prometheus >= v2.52.0 or Thanos >= v0.36.0. properties: @@ -4703,6 +4724,25 @@ spec: pattern: ^[0-9a-zA-Z-.]+$ type: string type: object + workloadIdentity: + description: |- + workloadIdentity defines the Azure Workload Identity authentication. + Cannot be set at the same time as `oauth`, `managedIdentity`, or `sdk`. + + It requires Prometheus >= 3.7.0. Currently not supported by Thanos. + properties: + clientId: + description: clientId is the clientID of the Azure Active Directory application. + minLength: 1 + type: string + tenantId: + description: tenantId is the tenant ID of the Azure Active Directory application. + minLength: 1 + type: string + required: + - clientId + - tenantId + type: object type: object basicAuth: description: |- @@ -6914,6 +6954,47 @@ spec: This field takes precedence over `tracingConfig`. type: string + updateStrategy: + description: |- + updateStrategy indicates the strategy that will be employed to update + Pods in the StatefulSet when a revision is made to statefulset's Pod + Template. + + The default strategy is RollingUpdate. + properties: + rollingUpdate: + description: rollingUpdate is used to communicate parameters when type is RollingUpdate. + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + maxUnavailable is the maximum number of pods that can be unavailable + during the update. The value can be an absolute number (ex: 5) or a + percentage of desired pods (ex: 10%). Absolute number is calculated from + percentage by rounding up. This can not be 0. Defaults to 1. This field + is alpha-level and is only honored by servers that enable the + MaxUnavailableStatefulSet feature. The field applies to all pods in the + range 0 to Replicas-1. That means if there is any unavailable pod in + the range 0 to Replicas-1, it will be counted towards MaxUnavailable. + x-kubernetes-int-or-string: true + type: object + type: + description: |- + type indicates the type of the StatefulSetUpdateStrategy. + + Default is RollingUpdate. + enum: + - OnDelete + - RollingUpdate + type: string + required: + - type + type: object + x-kubernetes-validations: + - message: rollingUpdate requires type to be RollingUpdate + rule: '!(self.type != ''RollingUpdate'' && has(self.rollingUpdate))' version: description: version of Thanos to be deployed. type: string