diff --git a/jsonnetfile.lock.json b/jsonnetfile.lock.json
index 8f6f13bed953b94bb44d1266e7f73a38cffd28f9..cd9235302bc6f6b6bde96145de005730afbe4c84 100644
--- a/jsonnetfile.lock.json
+++ b/jsonnetfile.lock.json
@@ -18,7 +18,7 @@
"subdir": "contrib/mixin"
}
},
- "version": "fb8a315be6660d0560edc94094fa99274c4d0990",
+ "version": "e1ebc260a9bb609ad4c07f7691d8517d1a6c3ad1",
"sum": "GdePvMDfLQcVhwzk/Ephi/jC27ywGObLB5t0eC0lXd4="
},
{
@@ -58,7 +58,7 @@
"subdir": "grafana-builder"
}
},
- "version": "619d7e29bcede0e9ef89c849eeceef0b1c06dcae",
+ "version": "6b312900746a7f379d67afd46f263745e2ab5d01",
"sum": "xEFMv4+ObwP5L1Wu0XK5agWci4AJzNApys6iKAQxLlQ="
},
{
@@ -68,8 +68,8 @@
"subdir": ""
}
},
- "version": "63337d921db856bbcd2e91814a0ac90c250410d6",
- "sum": "x8/bMVUaNMZEh6mcwhLmTlBJnaleRqhhV+w/+h0H0Pc="
+ "version": "baffdc10fb6336c43b549cff3cc52b09d4df3c03",
+ "sum": "eyfIL6KkkWEql9AdFEXA4oNelWbkvzlGuPmHFjFlV+g="
},
{
"source": {
@@ -78,7 +78,7 @@
"subdir": "jsonnet/kube-state-metrics"
}
},
- "version": "76f42c19af50ff7c0390a1c57c680b07b6eb3e8a",
+ "version": "b91dd311397047f15aae4f6dacba0708f24cf446",
"sum": "+dOzAK+fwsFf97uZpjcjTcEJEC1H8hh/j8f5uIQK/5g="
},
{
@@ -88,7 +88,7 @@
"subdir": "jsonnet/kube-state-metrics-mixin"
}
},
- "version": "76f42c19af50ff7c0390a1c57c680b07b6eb3e8a",
+ "version": "b91dd311397047f15aae4f6dacba0708f24cf446",
"sum": "qclI7LwucTjBef3PkGBkKxF0mfZPbHnn4rlNWKGtR4c="
},
{
@@ -98,7 +98,7 @@
"subdir": "jsonnet/mixin"
}
},
- "version": "d86d6a449f716137acdbc6d0a2fbce4a7649bda3",
+ "version": "aeceb0b4fadc8307a44dc55afdceca0bea50bbb0",
"sum": "n3flMIzlADeyygb0uipZ4KPp2uNSjdtkrwgHjTC7Ca4=",
"name": "prometheus-operator-mixin"
},
@@ -109,8 +109,8 @@
"subdir": "jsonnet/prometheus-operator"
}
},
- "version": "d86d6a449f716137acdbc6d0a2fbce4a7649bda3",
- "sum": "d6yn0HPnVrFhB+JY4XeSGr7zPr5PWERGU7ISz90h3ew="
+ "version": "aeceb0b4fadc8307a44dc55afdceca0bea50bbb0",
+ "sum": "0jtf0dxDTlCZNgw+l4rgHQR0CkrKmSvrHEtSpjJg3vI="
},
{
"source": {
@@ -119,7 +119,7 @@
"subdir": "doc/alertmanager-mixin"
}
},
- "version": "5ba9b9c7c34cff1276004e893ed0a4b0998f5256",
+ "version": "b517645d951da230fbb078da417c5ac46928dbd6",
"sum": "1d7ZKYArJKacAWXLUz0bRC1uOkozee/PPw97/W5zGhc=",
"name": "alertmanager"
},
@@ -130,7 +130,7 @@
"subdir": "docs/node-mixin"
}
},
- "version": "f34aaa61092fe7e3c6618fdb0b0d16a68a291ff7",
+ "version": "e8c5110ada6152ec0efb8b2dc8be7e493624d232",
"sum": "By6n6U10hYDogUsyhsaKZehbhzxBZZobJloiKyKadgM="
},
{
@@ -140,7 +140,7 @@
"subdir": "documentation/prometheus-mixin"
}
},
- "version": "69edd8709ba7d4b2152eab5fb208a3d74b4a81e1",
+ "version": "86729d4d7b8659e2b90fa65ae2d42ecddc3657bc",
"sum": "8OngT76gVXOUROOOeP9yTe6E/dn+2D2J34Dn690QCG0=",
"name": "prometheus"
},
@@ -151,7 +151,7 @@
"subdir": "config/crd/bases"
}
},
- "version": "bbc6d893a2878986e3954188ccfcfa0acc372666",
+ "version": "8ef5703723f0a4079d7d9ad15ca1fb6bda430a8e",
"sum": "v0uv2DLx8qjW+OviUfzTFOzZ+0IizXqBhuglGHIhGmo="
},
{
@@ -161,7 +161,7 @@
"subdir": "mixin"
}
},
- "version": "9524124d335cda703eca4bb2ffa77d1211a90adb",
+ "version": "6257767ec9d08a0f41014d4ac6f21aeb6a886773",
"sum": "WhheqsiX0maUXByZFsb9xhCEsGXK2955bPmPPf1x+Cs=",
"name": "thanos-mixin"
},
diff --git a/manifests/setup/0prometheusCustomResourceDefinition.yaml b/manifests/setup/0prometheusCustomResourceDefinition.yaml
index 65ff3391d9f955bd0c869554f75bfceea069e5da..beee67c62135c0f7c3f07a7f1a26410a5fb2e27a 100644
--- a/manifests/setup/0prometheusCustomResourceDefinition.yaml
+++ b/manifests/setup/0prometheusCustomResourceDefinition.yaml
@@ -3349,7 +3349,7 @@ spec:
description: RemoteWriteSpec defines the configuration to write samples from Prometheus to a remote endpoint.
properties:
authorization:
- description: "Authorization section for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `sigv4`, `basicAuth`, or `oauth2`."
+ description: "Authorization section for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `sigv4`, `basicAuth`, `oauth2`, or `azureAd`."
properties:
credentials:
description: Selects a key of a Secret in the namespace that contains the credentials for authentication.
@@ -3374,8 +3374,30 @@ spec:
description: "Defines the authentication type. The value is case-insensitive. \n \"Basic\" is not a supported value. \n Default: \"Bearer\""
type: string
type: object
+ azureAd:
+ description: "AzureAD for the URL. \n It requires Prometheus >= v2.45.0. \n Cannot be set at the same time as `authorization`, `basicAuth`, `oauth2`, or `sigv4`."
+ properties:
+ cloud:
+ description: The Azure Cloud. Options are 'AzurePublic', 'AzureChina', or 'AzureGovernment'.
+ enum:
+ - AzureChina
+ - AzureGovernment
+ - AzurePublic
+ type: string
+ managedIdentity:
+ description: ManagedIdentity defines the Azure User-assigned Managed identity.
+ properties:
+ clientId:
+ description: The client id
+ type: string
+ required:
+ - clientId
+ type: object
+ required:
+ - managedIdentity
+ type: object
basicAuth:
- description: "BasicAuth configuration for the URL. \n Cannot be set at the same time as `sigv4`, `authorization`, or `oauth2`."
+ description: "BasicAuth configuration for the URL. \n Cannot be set at the same time as `sigv4`, `authorization`, `oauth2`, or `azureAd`."
properties:
password:
description: The secret in the service monitor namespace that contains the password for authentication.
@@ -3436,7 +3458,7 @@ spec:
description: "The name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. \n It requires Prometheus >= v2.15.0."
type: string
oauth2:
- description: "OAuth2 configuration for the URL. \n It requires Prometheus >= v2.27.0. \n Cannot be set at the same time as `sigv4`, `authorization`, or `basicAuth`."
+ description: "OAuth2 configuration for the URL. \n It requires Prometheus >= v2.27.0. \n Cannot be set at the same time as `sigv4`, `authorization`, `basicAuth`, or `azureAd`."
properties:
clientId:
description: The secret or configmap containing the OAuth2 client id
@@ -3554,7 +3576,7 @@ spec:
description: "Enables sending of native histograms, also known as sparse histograms over remote write. \n It requires Prometheus >= v2.40.0."
type: boolean
sigv4:
- description: "Sigv4 allows to configures AWS's Signature Verification 4 for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `authorization`, `basicAuth`, or `oauth2`."
+ description: "Sigv4 allows to configures AWS's Signature Verification 4 for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `authorization`, `basicAuth`, `oauth2`, or `azureAd`."
properties:
accessKey:
description: AccessKey is the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used.
diff --git a/manifests/setup/0prometheusagentCustomResourceDefinition.yaml b/manifests/setup/0prometheusagentCustomResourceDefinition.yaml
index d8d43a04e2a1dd00604afa68786dda20289d1fe4..fe87a46b0fe0a0928b7bb23f92da74e9687b4754 100644
--- a/manifests/setup/0prometheusagentCustomResourceDefinition.yaml
+++ b/manifests/setup/0prometheusagentCustomResourceDefinition.yaml
@@ -2749,7 +2749,7 @@ spec:
description: RemoteWriteSpec defines the configuration to write samples from Prometheus to a remote endpoint.
properties:
authorization:
- description: "Authorization section for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `sigv4`, `basicAuth`, or `oauth2`."
+ description: "Authorization section for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `sigv4`, `basicAuth`, `oauth2`, or `azureAd`."
properties:
credentials:
description: Selects a key of a Secret in the namespace that contains the credentials for authentication.
@@ -2774,8 +2774,30 @@ spec:
description: "Defines the authentication type. The value is case-insensitive. \n \"Basic\" is not a supported value. \n Default: \"Bearer\""
type: string
type: object
+ azureAd:
+ description: "AzureAD for the URL. \n It requires Prometheus >= v2.45.0. \n Cannot be set at the same time as `authorization`, `basicAuth`, `oauth2`, or `sigv4`."
+ properties:
+ cloud:
+ description: The Azure Cloud. Options are 'AzurePublic', 'AzureChina', or 'AzureGovernment'.
+ enum:
+ - AzureChina
+ - AzureGovernment
+ - AzurePublic
+ type: string
+ managedIdentity:
+ description: ManagedIdentity defines the Azure User-assigned Managed identity.
+ properties:
+ clientId:
+ description: The client id
+ type: string
+ required:
+ - clientId
+ type: object
+ required:
+ - managedIdentity
+ type: object
basicAuth:
- description: "BasicAuth configuration for the URL. \n Cannot be set at the same time as `sigv4`, `authorization`, or `oauth2`."
+ description: "BasicAuth configuration for the URL. \n Cannot be set at the same time as `sigv4`, `authorization`, `oauth2`, or `azureAd`."
properties:
password:
description: The secret in the service monitor namespace that contains the password for authentication.
@@ -2836,7 +2858,7 @@ spec:
description: "The name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. \n It requires Prometheus >= v2.15.0."
type: string
oauth2:
- description: "OAuth2 configuration for the URL. \n It requires Prometheus >= v2.27.0. \n Cannot be set at the same time as `sigv4`, `authorization`, or `basicAuth`."
+ description: "OAuth2 configuration for the URL. \n It requires Prometheus >= v2.27.0. \n Cannot be set at the same time as `sigv4`, `authorization`, `basicAuth`, or `azureAd`."
properties:
clientId:
description: The secret or configmap containing the OAuth2 client id
@@ -2954,7 +2976,7 @@ spec:
description: "Enables sending of native histograms, also known as sparse histograms over remote write. \n It requires Prometheus >= v2.40.0."
type: boolean
sigv4:
- description: "Sigv4 allows to configures AWS's Signature Verification 4 for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `authorization`, `basicAuth`, or `oauth2`."
+ description: "Sigv4 allows to configures AWS's Signature Verification 4 for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as `authorization`, `basicAuth`, `oauth2`, or `azureAd`."
properties:
accessKey:
description: AccessKey is the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used.
diff --git a/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml b/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml
index 5a5de71c82454aaa9c117b4125e2add103a0614d..b6cb5b9c6fd25d3776d29cd36ea22a872cb81582 100644
--- a/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml
+++ b/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml
@@ -459,6 +459,53 @@ spec:
- names
type: object
type: array
+ ec2SDConfigs:
+ description: EC2SDConfigs defines a list of EC2 service discovery configurations.
+ items:
+ description: EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. The private IP address is used by default, but may be changed to the public IP address with relabeling. The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config
+ properties:
+ accessKey:
+ description: AccessKey is the AWS API key.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ port:
+ description: The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule.
+ type: integer
+ refreshInterval:
+ description: RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list.
+ pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+ type: string
+ region:
+ description: The AWS region
+ type: string
+ secretKey:
+ description: SecretKey is the AWS API secret.
+ properties:
+ key:
+ description: The key of the secret to select from. Must be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ type: array
fileSDConfigs:
description: FileSDConfigs defines a list of file service discovery configurations.
items: