diff --git a/jsonnet/kube-prometheus/versions.json b/jsonnet/kube-prometheus/versions.json
index 698b746b56d35f5d88a747eceef56075c751f94b..4f09a46b01c745e997ba762179e7b436465dca37 100644
--- a/jsonnet/kube-prometheus/versions.json
+++ b/jsonnet/kube-prometheus/versions.json
@@ -7,7 +7,7 @@
   "prometheus": "2.52.0",
   "prometheusAdapter": "0.12.0",
   "prometheusOperator": "0.74.0",
-  "kubeRbacProxy": "0.17.1",
+  "kubeRbacProxy": "0.18.0",
   "configmapReload": "0.13.0",
   "pyrra": "0.6.4"
 }
diff --git a/jsonnetfile.lock.json b/jsonnetfile.lock.json
index e16fba5ef297f12eccf49560038d46e5562dab81..22a82021ceb189117e66587e86c63f17e8f635c2 100644
--- a/jsonnetfile.lock.json
+++ b/jsonnetfile.lock.json
@@ -18,7 +18,7 @@
           "subdir": "contrib/mixin"
         }
       },
-      "version": "0b2f15f616be1c18ef49d24178055b724b82e220",
+      "version": "8a0054fecb0d52d8c7d513652c770a533a4c1037",
       "sum": "IXI3LQIT9NmTPJAk8WLUJd5+qZfcGpeNCyWIK7oEpws="
     },
     {
@@ -58,7 +58,7 @@
           "subdir": "gen/grafonnet-latest"
         }
       },
-      "version": "fb76e2b3e511769900d9ec7bbf9dd77b5051ecfe",
+      "version": "119d65363dff84a1976bba609f2ac3a8f450e760",
       "sum": "eyuJ0jOXeA4MrobbNgU4/v5a7ASDHslHZ0eS6hDdWoI="
     },
     {
@@ -68,7 +68,7 @@
           "subdir": "gen/grafonnet-v10.0.0"
         }
       },
-      "version": "fb76e2b3e511769900d9ec7bbf9dd77b5051ecfe",
+      "version": "119d65363dff84a1976bba609f2ac3a8f450e760",
       "sum": "xdcrJPJlpkq4+5LpGwN4tPAuheNNLXZjE6tDcyvFjr0="
     },
     {
@@ -78,8 +78,8 @@
           "subdir": "gen/grafonnet-v11.0.0"
         }
       },
-      "version": "fb76e2b3e511769900d9ec7bbf9dd77b5051ecfe",
-      "sum": "NFIxfF9YprxwmcpqC5f05faEj4Gl740Abs6YDUun0M4="
+      "version": "119d65363dff84a1976bba609f2ac3a8f450e760",
+      "sum": "Fuo+qTZZzF+sHDBWX/8fkPsUmwW6qhH8hRVz45HznfI="
     },
     {
       "source": {
@@ -98,7 +98,7 @@
           "subdir": "mixin-utils"
         }
       },
-      "version": "6db8202a2360090ff19144c48a14b9fb1a314625",
+      "version": "553b9c250567ff618f70f3ff681eb2804dbb752d",
       "sum": "A0f0G3aJEkdu5sqHXtizHDyU1jOSx6VuEXLRlI9Psp8="
     },
     {
@@ -138,7 +138,7 @@
           "subdir": "jsonnet/kube-state-metrics"
         }
       },
-      "version": "85762cdf9790999957d8e9afdfc7253b1fa705db",
+      "version": "7995d5fd23bcff7ae24ab6849f7c393d262fb025",
       "sum": "msMZyUvcebzRILLzNlTIiSOwa1XgQKtP7jbZTkiqwM0="
     },
     {
@@ -148,7 +148,7 @@
           "subdir": "jsonnet/kube-state-metrics-mixin"
         }
       },
-      "version": "85762cdf9790999957d8e9afdfc7253b1fa705db",
+      "version": "7995d5fd23bcff7ae24ab6849f7c393d262fb025",
       "sum": "qclI7LwucTjBef3PkGBkKxF0mfZPbHnn4rlNWKGtR4c="
     },
     {
@@ -158,7 +158,7 @@
           "subdir": "jsonnet/mixin"
         }
       },
-      "version": "2adc2bade4b143c74b3af1d766298358781b9edb",
+      "version": "0d8575e0f5a801d368f181b4f9350c05d7adb5d5",
       "sum": "gi+knjdxs2T715iIQIntrimbHRgHnpM8IFBJDD1gYfs=",
       "name": "prometheus-operator-mixin"
     },
@@ -169,8 +169,8 @@
           "subdir": "jsonnet/prometheus-operator"
         }
       },
-      "version": "2adc2bade4b143c74b3af1d766298358781b9edb",
-      "sum": "dep5QbZrBzG8kBt9x8xqRSm6RWBsBH9IRh3BKedcY7o="
+      "version": "0d8575e0f5a801d368f181b4f9350c05d7adb5d5",
+      "sum": "jmdawkwvv5xPgbtNpOgH7QlpbSX/giVhdu3OEfNOO6Q="
     },
     {
       "source": {
@@ -179,7 +179,7 @@
           "subdir": "doc/alertmanager-mixin"
         }
       },
-      "version": "b67bde8cf981dd2f5e86cbb7b886074bf24d7a9c",
+      "version": "b59669f43821a59b89e846ff2f89c2f171fde336",
       "sum": "IpF46ZXsm+0wJJAPtAre8+yxTNZA57mBqGpBP/r7/kw=",
       "name": "alertmanager"
     },
@@ -190,7 +190,7 @@
           "subdir": "docs/node-mixin"
         }
       },
-      "version": "6603633c0e758d7876519cdf5804e5138e3eb1d7",
+      "version": "dc185bc0f640293944f332745e94f3278dbcaab0",
       "sum": "R9ROsvpjZLgQJ78WAyD4HzrIq976Bpr4V2P2Fo2Kfns="
     },
     {
@@ -200,7 +200,7 @@
           "subdir": "documentation/prometheus-mixin"
         }
       },
-      "version": "bfdca40fd2fa78c7d80f335c0b67cdaa2b5432fd",
+      "version": "08621bebe976c683683aa8198303bb000381be57",
       "sum": "vGD+MxGadIBvvDC+/71BRKWEA8vHgcuBP5PcuCKZGEs=",
       "name": "prometheus"
     },
@@ -222,7 +222,7 @@
           "subdir": "mixin"
         }
       },
-      "version": "863d914432e89683658bd7f9d4f15b9667329674",
+      "version": "b72f7da3407a9d47468453684e8e2dee1aea2289",
       "sum": "HhSSbGGCNHCMy1ee5jElYDm0yS9Vesa7QB2/SHKdjsY=",
       "name": "thanos-mixin"
     },
diff --git a/manifests/blackboxExporter-deployment.yaml b/manifests/blackboxExporter-deployment.yaml
index 5c1c86159f718f9d30b6537903e2e996462f727a..99992081cbc2a4cca9220414a7cb757ecdee92ac 100644
--- a/manifests/blackboxExporter-deployment.yaml
+++ b/manifests/blackboxExporter-deployment.yaml
@@ -86,7 +86,7 @@ spec:
         - --secure-listen-address=:9115
         - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
         - --upstream=http://127.0.0.1:19115/
-        image: quay.io/brancz/kube-rbac-proxy:v0.17.1
+        image: quay.io/brancz/kube-rbac-proxy:v0.18.0
         name: kube-rbac-proxy
         ports:
         - containerPort: 9115
diff --git a/manifests/kubeStateMetrics-deployment.yaml b/manifests/kubeStateMetrics-deployment.yaml
index 910a9fa2c8a7ddad93679511750395fb9e725400..aa57b5b5e90a173de0ad6a933335065794381c65 100644
--- a/manifests/kubeStateMetrics-deployment.yaml
+++ b/manifests/kubeStateMetrics-deployment.yaml
@@ -56,7 +56,7 @@ spec:
         - --secure-listen-address=:8443
         - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
         - --upstream=http://127.0.0.1:8081/
-        image: quay.io/brancz/kube-rbac-proxy:v0.17.1
+        image: quay.io/brancz/kube-rbac-proxy:v0.18.0
         name: kube-rbac-proxy-main
         ports:
         - containerPort: 8443
@@ -83,7 +83,7 @@ spec:
         - --secure-listen-address=:9443
         - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
         - --upstream=http://127.0.0.1:8082/
-        image: quay.io/brancz/kube-rbac-proxy:v0.17.1
+        image: quay.io/brancz/kube-rbac-proxy:v0.18.0
         name: kube-rbac-proxy-self
         ports:
         - containerPort: 9443
diff --git a/manifests/nodeExporter-daemonset.yaml b/manifests/nodeExporter-daemonset.yaml
index df874b1b52ac2a55ad9d894332ad0056d17cc0bc..fe944d2c7816bb1f863adfb6b91ffbf304a1f6ef 100644
--- a/manifests/nodeExporter-daemonset.yaml
+++ b/manifests/nodeExporter-daemonset.yaml
@@ -72,7 +72,7 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: status.podIP
-        image: quay.io/brancz/kube-rbac-proxy:v0.17.1
+        image: quay.io/brancz/kube-rbac-proxy:v0.18.0
         name: kube-rbac-proxy
         ports:
         - containerPort: 9100
diff --git a/manifests/prometheusOperator-deployment.yaml b/manifests/prometheusOperator-deployment.yaml
index 84f327320cc0187d78fd8e4afd25eba1ca1d8e24..a64ef32c94d63a337a02b186c32c001c8c62800f 100644
--- a/manifests/prometheusOperator-deployment.yaml
+++ b/manifests/prometheusOperator-deployment.yaml
@@ -55,7 +55,7 @@ spec:
         - --secure-listen-address=:8443
         - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
         - --upstream=http://127.0.0.1:8080/
-        image: quay.io/brancz/kube-rbac-proxy:v0.17.1
+        image: quay.io/brancz/kube-rbac-proxy:v0.18.0
         name: kube-rbac-proxy
         ports:
         - containerPort: 8443
diff --git a/manifests/setup/0alertmanagerConfigCustomResourceDefinition.yaml b/manifests/setup/0alertmanagerConfigCustomResourceDefinition.yaml
index 0adaad2b77b344d452448156b3b03463f0b07aa9..4070574d18f47c3486028e6bd8c3901128ab753d 100644
--- a/manifests/setup/0alertmanagerConfigCustomResourceDefinition.yaml
+++ b/manifests/setup/0alertmanagerConfigCustomResourceDefinition.yaml
@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.15.0
     operator.prometheus.io/version: 0.74.0
   name: alertmanagerconfigs.monitoring.coreos.com
 spec:
diff --git a/manifests/setup/0alertmanagerCustomResourceDefinition.yaml b/manifests/setup/0alertmanagerCustomResourceDefinition.yaml
index b647863b423757d7893be0947589beab676c592e..5b13d50c72210a39906c899db74a852e0505828c 100644
--- a/manifests/setup/0alertmanagerCustomResourceDefinition.yaml
+++ b/manifests/setup/0alertmanagerCustomResourceDefinition.yaml
@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.15.0
     operator.prometheus.io/version: 0.74.0
   name: alertmanagers.monitoring.coreos.com
 spec:
diff --git a/manifests/setup/0podmonitorCustomResourceDefinition.yaml b/manifests/setup/0podmonitorCustomResourceDefinition.yaml
index ae7e9f25f19b9f06324e5bb4bc4cdfeb4f0fd496..c03e9630a235189a3120cf554dcc8dcca6c76c87 100644
--- a/manifests/setup/0podmonitorCustomResourceDefinition.yaml
+++ b/manifests/setup/0podmonitorCustomResourceDefinition.yaml
@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.15.0
     operator.prometheus.io/version: 0.74.0
   name: podmonitors.monitoring.coreos.com
 spec:
diff --git a/manifests/setup/0probeCustomResourceDefinition.yaml b/manifests/setup/0probeCustomResourceDefinition.yaml
index 5118a41e6ca210245c02f18720faf21f4e5bc02d..b380646166b29a12670c322889e992745041212c 100644
--- a/manifests/setup/0probeCustomResourceDefinition.yaml
+++ b/manifests/setup/0probeCustomResourceDefinition.yaml
@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.15.0
     operator.prometheus.io/version: 0.74.0
   name: probes.monitoring.coreos.com
 spec:
diff --git a/manifests/setup/0prometheusCustomResourceDefinition.yaml b/manifests/setup/0prometheusCustomResourceDefinition.yaml
index 488378d0ee2f629896001c0a9fd72374f21d2f48..508a978751af5af582b99155d542972aecfadcbd 100644
--- a/manifests/setup/0prometheusCustomResourceDefinition.yaml
+++ b/manifests/setup/0prometheusCustomResourceDefinition.yaml
@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.15.0
     operator.prometheus.io/version: 0.74.0
   name: prometheuses.monitoring.coreos.com
 spec:
@@ -5177,10 +5177,11 @@ spec:
                 type: object
               overrideHonorLabels:
                 description: |-
-                  When true, Prometheus resolves label conflicts by renaming the labels in
-                  the scraped data to "exported_<label value>" for all targets created
-                  from service and pod monitors.
-                  Otherwise the HonorLabels field of the service or pod monitor applies.
+                  When true, Prometheus resolves label conflicts by renaming the labels in the scraped data
+                   to “exported_” for all targets created from ServiceMonitor, PodMonitor and
+                  ScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies.
+                  In practice,`overrideHonorLaels:true` enforces `honorLabels:false`
+                  for all ServiceMonitor, PodMonitor and ScrapeConfig objects.
                 type: boolean
               overrideHonorTimestamps:
                 description: |-
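Review bot: The new `overrideHonorLabels` description misspells the field as `overrideHonorLaels` and loses the placeholder from the renamed-label pattern, leaving `“exported_”` in typographic quotes with a stray leading space on that line. This setting decides whether scraped targets may overwrite server-side labels, so the text should be exact: restore `"exported_<label value>"` as on the removed side and write ``In practice, `overrideHonorLabels: true` enforces `honorLabels: false` ``. The "Otherwise the HonorLabels field of the service or pod monitor applies" sentence also omits ScrapeConfig, which the preceding sentence now names. The same text recurs in the PrometheusAgent CRD hunk at `@@ -4475,10 +4486,11`. The file carries a controller-gen annotation, so the fix presumably belongs in the upstream Go doc comment rather than in this manifest.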
diff --git a/manifests/setup/0prometheusagentCustomResourceDefinition.yaml b/manifests/setup/0prometheusagentCustomResourceDefinition.yaml
index af50ece69deff94ead6e91bbfb6956542a5a8528..f966959fab0bd8cbcf09b610df2aca95825051b5 100644
--- a/manifests/setup/0prometheusagentCustomResourceDefinition.yaml
+++ b/manifests/setup/0prometheusagentCustomResourceDefinition.yaml
@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.15.0
     operator.prometheus.io/version: 0.74.0
   name: prometheusagents.monitoring.coreos.com
 spec:
@@ -4468,6 +4468,17 @@ spec:
                   enabling the StatefulSetMinReadySeconds feature gate.
                 format: int32
                 type: integer
+              mode:
+                description: |-
+                  Mode defines how the Prometheus operator deploys the PrometheusAgent pod(s).
+                  For now this field has no effect.
+
+
+                  (Alpha) Using this field requires the `PrometheusAgentDaemonSet` feature gate to be enabled.
+                enum:
+                - StatefulSet
+                - DaemonSet
+                type: string
               nodeSelector:
                 additionalProperties:
                   type: string
@@ -4475,10 +4486,11 @@ spec:
                 type: object
               overrideHonorLabels:
                 description: |-
-                  When true, Prometheus resolves label conflicts by renaming the labels in
-                  the scraped data to "exported_<label value>" for all targets created
-                  from service and pod monitors.
-                  Otherwise the HonorLabels field of the service or pod monitor applies.
+                  When true, Prometheus resolves label conflicts by renaming the labels in the scraped data
+                   to “exported_” for all targets created from ServiceMonitor, PodMonitor and
+                  ScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies.
+                  In practice,`overrideHonorLaels:true` enforces `honorLabels:false`
+                  for all ServiceMonitor, PodMonitor and ScrapeConfig objects.
                 type: boolean
               overrideHonorTimestamps:
                 description: |-
diff --git a/manifests/setup/0prometheusruleCustomResourceDefinition.yaml b/manifests/setup/0prometheusruleCustomResourceDefinition.yaml
index d210d11f1cd0b225ac62cdff9c47045a96428898..3abfe6066e0954dd3739f2c614f97862bf5a4762 100644
--- a/manifests/setup/0prometheusruleCustomResourceDefinition.yaml
+++ b/manifests/setup/0prometheusruleCustomResourceDefinition.yaml
@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.15.0
     operator.prometheus.io/version: 0.74.0
   name: prometheusrules.monitoring.coreos.com
 spec:
diff --git a/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml b/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml
index 43dbd5dd00099a82bef444620b85e1132d67dae0..869425c5936dbfdf75a90b2ed4361ad2e7dd687d 100644
--- a/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml
+++ b/manifests/setup/0scrapeconfigCustomResourceDefinition.yaml
@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.15.0
     operator.prometheus.io/version: 0.74.0
   name: scrapeconfigs.monitoring.coreos.com
 spec:
@@ -2002,120 +2002,12 @@ spec:
                   - host
                   type: object
                 type: array
-              ec2SDConfigs:
-                description: EC2SDConfigs defines a list of EC2 service discovery configurations.
-                items:
-                  description: |-
-                    EC2SDConfig allow retrieving scrape targets from AWS EC2 instances.
-                    The private IP address is used by default, but may be changed to the public IP address with relabeling.
-                    The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets
-                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config
-                  properties:
-                    accessKey:
-                      description: AccessKey is the AWS API key.
-                      properties:
-                        key:
-                          description: The key of the secret to select from.  Must be a valid secret key.
-                          type: string
-                        name:
-                          default: ""
-                          description: |-
-                            Name of the referent.
-                            This field is effectively required, but due to backwards compatibility is
-                            allowed to be empty. Instances of this type with an empty value here are
-                            almost certainly wrong.
-                            TODO: Add other useful fields. apiVersion, kind, uid?
-                            More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                            TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
-                          type: string
-                        optional:
-                          description: Specify whether the Secret or its key must be defined
-                          type: boolean
-                      required:
-                      - key
-                      type: object
-                      x-kubernetes-map-type: atomic
-                    filters:
-                      description: |-
-                        Filters can be used optionally to filter the instance list by other criteria.
-                        Available filter criteria can be found here:
-                        https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html
-                        Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html
-                      items:
-                        description: EC2Filter is the configuration for filtering EC2 instances.
-                        properties:
-                          name:
-                            type: string
-                          values:
-                            items:
-                              type: string
-                            type: array
-                        required:
-                        - name
-                        - values
-                        type: object
-                      type: array
-                    port:
-                      description: |-
-                        The port to scrape metrics from. If using the public IP address, this must
-                        instead be specified in the relabeling rule.
-                      type: integer
-                    refreshInterval:
-                      description: RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list.
-                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
-                      type: string
-                    region:
-                      description: The AWS region
-                      type: string
-                    roleARN:
-                      description: AWS Role ARN, an alternative to using AWS API keys.
-                      type: string
-                    secretKey:
-                      description: SecretKey is the AWS API secret.
-                      properties:
-                        key:
-                          description: The key of the secret to select from.  Must be a valid secret key.
-                          type: string
-                        name:
-                          default: ""
-                          description: |-
-                            Name of the referent.
-                            This field is effectively required, but due to backwards compatibility is
-                            allowed to be empty. Instances of this type with an empty value here are
-                            almost certainly wrong.
-                            TODO: Add other useful fields. apiVersion, kind, uid?
-                            More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                            TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
-                          type: string
-                        optional:
-                          description: Specify whether the Secret or its key must be defined
-                          type: boolean
-                      required:
-                      - key
-                      type: object
-                      x-kubernetes-map-type: atomic
-                  type: object
-                type: array
-              enableCompression:
-                description: |-
-                  When false, Prometheus will request uncompressed response from the scraped target.
-
-
-                  It requires Prometheus >= v2.49.0.
-
-
-                  If unset, Prometheus uses true by default.
-                type: boolean
-              eurekaSDConfigs:
-                description: EurekaSDConfigs defines a list of Eureka service discovery configurations.
+              dockerSwarmSDConfigs:
+                description: DockerswarmSDConfigs defines a list of Dockerswarm service discovery configurations.
                 items:
-                  description: |-
-                    Eureka SD configurations allow retrieving scrape targets using the Eureka REST API.
-                    Prometheus will periodically check the REST endpoint and create a target for every app instance.
-                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#eureka_sd_config
                   properties:
                     authorization:
-                      description: Authorization header to use on every scrape request.
+                      description: Authorization header configuration to authenticate against the target HTTP endpoint.
                       properties:
                         credentials:
                           description: Selects a key of a Secret in the namespace that contains the credentials for authentication.
@@ -2153,7 +2045,7 @@ spec:
                           type: string
                       type: object
                     basicAuth:
-                      description: BasicAuth information to use on every scrape request.
+                      description: Optional HTTP basic authentication information.
                       properties:
                         password:
                           description: |-
@@ -2211,9 +2103,38 @@ spec:
                     enableHTTP2:
                       description: Whether to enable HTTP2.
                       type: boolean
+                    filters:
+                      description: |-
+                        Optional filters to limit the discovery process to a subset of available
+                        resources.
+                        The available filters are listed in the upstream documentation:
+                        Services: https://docs.docker.com/engine/api/v1.40/#operation/ServiceList
+                        Tasks: https://docs.docker.com/engine/api/v1.40/#operation/TaskList
+                        Nodes: https://docs.docker.com/engine/api/v1.40/#operation/NodeList
+                      items:
+                        description: Filter is the configuration to limit the discovery process to a subset of available resources.
+                        properties:
+                          name:
+                            description: Name is the key of the field to check against.
+                            type: string
+                          values:
+                            description: Values is the value or set of values to check for a match.
+                            items:
+                              type: string
+                            minItems: 1
+                            type: array
+                        required:
+                        - name
+                        - values
+                        type: object
+                      type: array
                     followRedirects:
                       description: Configure whether HTTP requests follow HTTP 3xx redirects.
                       type: boolean
+                    host:
+                      description: Address of the Docker daemon
+                      pattern: ^[a-zA-Z][a-zA-Z0-9+.-]*://.+$
+                      type: string
                     noProxy:
                       description: |-
                         `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
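Review bot: The new `host` field is documented only as "Address of the Docker daemon", and its pattern `^[a-zA-Z][a-zA-Z0-9+.-]*://.+$` accepts any URI scheme, so a plaintext remote endpoint validates as readily as a TLS-protected one. Access to a Docker daemon's API generally amounts to control of that host. The description should therefore say which schemes are supported and that a remote daemon should be reached over TLS, using this item's `tlsConfig` and, where applicable, `authorization`. The item's `properties` block starts before this hunk and continues after it. The manifest appears to be generated, so the wording would need to change in the upstream type definition.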
@@ -2226,7 +2147,7 @@ spec:
                     oauth2:
                       description: |-
                         Optional OAuth 2.0 configuration.
-                        Cannot be set at the same time as `authorization` or `basic_auth`.
+                        Cannot be set at the same time as `authorization`, or `basicAuth`.
                       properties:
                         clientId:
                           description: |-
@@ -2329,6 +2250,14 @@ spec:
                       - clientSecret
                       - tokenUrl
                       type: object
+                    port:
+                      description: |-
+                        The port to scrape metrics from, when `role` is nodes, and for discovered
+                        tasks and services that don't have published ports.
+                      format: int32
+                      maximum: 65535
+                      minimum: 0
+                      type: integer
                     proxyConnectHeader:
                       additionalProperties:
                         items:
@@ -2381,15 +2310,18 @@ spec:
                       pattern: ^http(s)?://.+$
                       type: string
                     refreshInterval:
-                      description: Refresh interval to re-read the instance list.
+                      description: The time after which the service discovery data is refreshed.
                       pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
                       type: string
-                    server:
-                      description: The URL to connect to the Eureka server.
-                      minLength: 1
+                    role:
+                      description: Role of the targets to retrieve. Must be `Services`, `Tasks`, or `Nodes`.
+                      enum:
+                      - Services
+                      - Tasks
+                      - Nodes
                       type: string
                     tlsConfig:
-                      description: TLS configuration applying to the target HTTP endpoint.
+                      description: TLS configuration to use on every scrape request
                       properties:
                         ca:
                           description: Certificate authority used when verifying server certificates.
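Review bot: The `tlsConfig` description on the new side, "TLS configuration to use on every scrape request", looks wrong for a service-discovery entry. In the same item `authorization` is described as authenticating "against the target HTTP endpoint", which suggests these client settings govern the connection to the Docker daemon rather than the scrapes themselves. If that is the case, readers could conclude that the discovery connection is not covered by this TLS configuration. Something like `description: TLS configuration applying to the connection to the Docker daemon.` would remove the ambiguity. The `tlsConfig` properties continue outside the hunk.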
@@ -2527,99 +2459,124 @@ spec:
                           type: string
                       type: object
                   required:
-                  - server
+                  - host
+                  - role
                   type: object
                 type: array
-              fileSDConfigs:
-                description: FileSDConfigs defines a list of file service discovery configurations.
+              ec2SDConfigs:
+                description: EC2SDConfigs defines a list of EC2 service discovery configurations.
                 items:
                   description: |-
-                    FileSDConfig defines a Prometheus file service discovery configuration
-                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config
+                    EC2SDConfig allow retrieving scrape targets from AWS EC2 instances.
+                    The private IP address is used by default, but may be changed to the public IP address with relabeling.
+                    The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets
+                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config
                   properties:
-                    files:
+                    accessKey:
+                      description: AccessKey is the AWS API key.
+                      properties:
+                        key:
+                          description: The key of the secret to select from.  Must be a valid secret key.
+                          type: string
+                        name:
+                          default: ""
+                          description: |-
+                            Name of the referent.
+                            This field is effectively required, but due to backwards compatibility is
+                            allowed to be empty. Instances of this type with an empty value here are
+                            almost certainly wrong.
+                            TODO: Add other useful fields. apiVersion, kind, uid?
+                            More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                            TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                          type: string
+                        optional:
+                          description: Specify whether the Secret or its key must be defined
+                          type: boolean
+                      required:
+                      - key
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    filters:
                       description: |-
-                        List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the
-                        prometheus-operator project makes no guarantees about the working directory where the configuration file is
-                        stored.
-                        Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets.
+                        Filters can be used optionally to filter the instance list by other criteria.
+                        Available filter criteria can be found here:
+                        https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html
+                        Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html
                       items:
-                        description: SDFile represents a file used for service discovery
-                        pattern: ^[^*]*(\*[^/]*)?\.(json|yml|yaml|JSON|YML|YAML)$
-                        type: string
-                      minItems: 1
+                        description: EC2Filter is the configuration for filtering EC2 instances.
+                        properties:
+                          name:
+                            type: string
+                          values:
+                            items:
+                              type: string
+                            type: array
+                        required:
+                        - name
+                        - values
+                        type: object
                       type: array
-                    refreshInterval:
-                      description: RefreshInterval configures the refresh interval at which Prometheus will reload the content of the files.
-                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
-                      type: string
-                  required:
-                  - files
-                  type: object
-                type: array
-              gceSDConfigs:
-                description: GCESDConfigs defines a list of GCE service discovery configurations.
-                items:
-                  description: |-
-                    GCESDConfig configures scrape targets from GCP GCE instances.
-                    The private IP address is used by default, but may be changed to
-                    the public IP address with relabeling.
-                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config
-
-
-                    The GCE service discovery will load the Google Cloud credentials
-                    from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable.
-                    See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform
-
-
-                    A pre-requisite for using GCESDConfig is that a Secret containing valid
-                    Google Cloud credentials is mounted into the Prometheus or PrometheusAgent
-                    pod via the `.spec.secrets` field and that the GOOGLE_APPLICATION_CREDENTIALS
-                    environment variable is set to /etc/prometheus/secrets/<secret-name>/<credentials-filename.json>.
-                  properties:
-                    filter:
-                      description: |-
-                        Filter can be used optionally to filter the instance list by other criteria
-                        Syntax of this filter is described in the filter query parameter section:
-                        https://cloud.google.com/compute/docs/reference/latest/instances/list
-                      type: string
                     port:
                       description: |-
                         The port to scrape metrics from. If using the public IP address, this must
                         instead be specified in the relabeling rule.
                       type: integer
-                    project:
-                      description: The Google Cloud Project ID
-                      minLength: 1
-                      type: string
                     refreshInterval:
                       description: RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list.
                       pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
                       type: string
-                    tagSeparator:
-                      description: The tag separator is used to separate the tags on concatenation
+                    region:
+                      description: The AWS region
                       type: string
-                    zone:
-                      description: The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs.
-                      minLength: 1
+                    roleARN:
+                      description: AWS Role ARN, an alternative to using AWS API keys.
                       type: string
-                  required:
-                  - project
-                  - zone
+                    secretKey:
+                      description: SecretKey is the AWS API secret.
+                      properties:
+                        key:
+                          description: The key of the secret to select from.  Must be a valid secret key.
+                          type: string
+                        name:
+                          default: ""
+                          description: |-
+                            Name of the referent.
+                            This field is effectively required, but due to backwards compatibility is
+                            allowed to be empty. Instances of this type with an empty value here are
+                            almost certainly wrong.
+                            TODO: Add other useful fields. apiVersion, kind, uid?
+                            More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                            TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                          type: string
+                        optional:
+                          description: Specify whether the Secret or its key must be defined
+                          type: boolean
+                      required:
+                      - key
+                      type: object
+                      x-kubernetes-map-type: atomic
                   type: object
                 type: array
-              hetznerSDConfigs:
-                description: HetznerSDConfigs defines a list of Hetzner service discovery configurations.
+              enableCompression:
+                description: |-
+                  When false, Prometheus will request uncompressed response from the scraped target.
+
+
+                  It requires Prometheus >= v2.49.0.
+
+
+                  If unset, Prometheus uses true by default.
+                type: boolean
+              eurekaSDConfigs:
+                description: EurekaSDConfigs defines a list of Eureka service discovery configurations.
                 items:
                   description: |-
-                    HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API.
-                    This service discovery uses the public IPv4 address by default, but that can be changed with relabeling
-                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config
+                    Eureka SD configurations allow retrieving scrape targets using the Eureka REST API.
+                    Prometheus will periodically check the REST endpoint and create a target for every app instance.
+                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#eureka_sd_config
                   properties:
                     authorization:
-                      description: |-
-                        Authorization header configuration, required when role is hcloud.
-                        Role robot does not support bearer token authentication.
+                      description: Authorization header to use on every scrape request.
                       properties:
                         credentials:
                           description: Selects a key of a Secret in the namespace that contains the credentials for authentication.
@@ -2657,9 +2614,7 @@ spec:
                           type: string
                       type: object
                     basicAuth:
-                      description: |-
-                        BasicAuth information to use on every scrape request, required when role is robot.
-                        Role hcloud does not support basic auth.
+                      description: BasicAuth information to use on every scrape request.
                       properties:
                         password:
                           description: |-
@@ -2732,7 +2687,7 @@ spec:
                     oauth2:
                       description: |-
                         Optional OAuth 2.0 configuration.
-                        Cannot be used at the same time as `basic_auth` or `authorization`.
+                        Cannot be set at the same time as `authorization` or `basic_auth`.
                       properties:
                         clientId:
                           description: |-
@@ -2835,9 +2790,6 @@ spec:
                       - clientSecret
                       - tokenUrl
                       type: object
-                    port:
-                      description: The port to scrape metrics from.
-                      type: integer
                     proxyConnectHeader:
                       additionalProperties:
                         items:
@@ -2890,19 +2842,15 @@ spec:
                       pattern: ^http(s)?://.+$
                       type: string
                     refreshInterval:
-                      description: The time after which the servers are refreshed.
+                      description: Refresh interval to re-read the instance list.
                       pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
                       type: string
-                    role:
-                      description: The Hetzner role of entities that should be discovered.
-                      enum:
-                      - hcloud
-                      - Hcloud
-                      - robot
-                      - Robot
+                    server:
+                      description: The URL to connect to the Eureka server.
+                      minLength: 1
                       type: string
                     tlsConfig:
-                      description: TLS configuration to use on every scrape request.
+                      description: TLS configuration applying to the target HTTP endpoint.
                       properties:
                         ca:
                           description: Certificate authority used when verifying server certificates.
@@ -3040,24 +2988,99 @@ spec:
                           type: string
                       type: object
                   required:
-                  - role
+                  - server
                   type: object
                 type: array
-              honorLabels:
-                description: HonorLabels chooses the metric's labels on collisions with target labels.
-                type: boolean
-              honorTimestamps:
-                description: HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
-                type: boolean
-              httpSDConfigs:
-                description: HTTPSDConfigs defines a list of HTTP service discovery configurations.
+              fileSDConfigs:
+                description: FileSDConfigs defines a list of file service discovery configurations.
                 items:
                   description: |-
-                    HTTPSDConfig defines a prometheus HTTP service discovery configuration
-                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config
+                    FileSDConfig defines a Prometheus file service discovery configuration
+                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#file_sd_config
+                  properties:
+                    files:
+                      description: |-
+                        List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the
+                        prometheus-operator project makes no guarantees about the working directory where the configuration file is
+                        stored.
+                        Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets.
+                      items:
+                        description: SDFile represents a file used for service discovery
+                        pattern: ^[^*]*(\*[^/]*)?\.(json|yml|yaml|JSON|YML|YAML)$
+                        type: string
+                      minItems: 1
+                      type: array
+                    refreshInterval:
+                      description: RefreshInterval configures the refresh interval at which Prometheus will reload the content of the files.
+                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                      type: string
+                  required:
+                  - files
+                  type: object
+                type: array
+              gceSDConfigs:
+                description: GCESDConfigs defines a list of GCE service discovery configurations.
+                items:
+                  description: |-
+                    GCESDConfig configures scrape targets from GCP GCE instances.
+                    The private IP address is used by default, but may be changed to
+                    the public IP address with relabeling.
+                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config
+
+
+                    The GCE service discovery will load the Google Cloud credentials
+                    from the file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable.
+                    See https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform
+
+
+                    A pre-requisite for using GCESDConfig is that a Secret containing valid
+                    Google Cloud credentials is mounted into the Prometheus or PrometheusAgent
+                    pod via the `.spec.secrets` field and that the GOOGLE_APPLICATION_CREDENTIALS
+                    environment variable is set to /etc/prometheus/secrets/<secret-name>/<credentials-filename.json>.
+                  properties:
+                    filter:
+                      description: |-
+                        Filter can be used optionally to filter the instance list by other criteria
+                        Syntax of this filter is described in the filter query parameter section:
+                        https://cloud.google.com/compute/docs/reference/latest/instances/list
+                      type: string
+                    port:
+                      description: |-
+                        The port to scrape metrics from. If using the public IP address, this must
+                        instead be specified in the relabeling rule.
+                      type: integer
+                    project:
+                      description: The Google Cloud Project ID
+                      minLength: 1
+                      type: string
+                    refreshInterval:
+                      description: RefreshInterval configures the refresh interval at which Prometheus will re-read the instance list.
+                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                      type: string
+                    tagSeparator:
+                      description: The tag separator is used to separate the tags on concatenation
+                      type: string
+                    zone:
+                      description: The zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs.
+                      minLength: 1
+                      type: string
+                  required:
+                  - project
+                  - zone
+                  type: object
+                type: array
+              hetznerSDConfigs:
+                description: HetznerSDConfigs defines a list of Hetzner service discovery configurations.
+                items:
+                  description: |-
+                    HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API.
+                    This service discovery uses the public IPv4 address by default, but that can be changed with relabeling
+                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config
                   properties:
                     authorization:
-                      description: Authorization header configuration to authenticate against the target HTTP endpoint.
+                      description: |-
+                        Authorization header configuration, required when role is hcloud.
+                        Role robot does not support bearer token authentication.
                       properties:
                         credentials:
                           description: Selects a key of a Secret in the namespace that contains the credentials for authentication.
@@ -3096,8 +3119,8 @@ spec:
                       type: object
                     basicAuth:
                       description: |-
-                        BasicAuth information to authenticate against the target HTTP endpoint.
-                        More info: https://prometheus.io/docs/operating/configuration/#endpoints
+                        BasicAuth information to use on every scrape request, required when role is robot.
+                        Role hcloud does not support basic auth.
                       properties:
                         password:
                           description: |-
@@ -3152,6 +3175,12 @@ spec:
                           type: object
                           x-kubernetes-map-type: atomic
                       type: object
+                    enableHTTP2:
+                      description: Whether to enable HTTP2.
+                      type: boolean
+                    followRedirects:
+                      description: Configure whether HTTP requests follow HTTP 3xx redirects.
+                      type: boolean
                     noProxy:
                       description: |-
                         `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
@@ -3161,68 +3190,15 @@ spec:
 
                         It requires Prometheus >= v2.43.0.
                       type: string
-                    proxyConnectHeader:
-                      additionalProperties:
-                        items:
-                          description: SecretKeySelector selects a key of a Secret.
-                          properties:
-                            key:
-                              description: The key of the secret to select from.  Must be a valid secret key.
-                              type: string
-                            name:
-                              default: ""
-                              description: |-
-                                Name of the referent.
-                                This field is effectively required, but due to backwards compatibility is
-                                allowed to be empty. Instances of this type with an empty value here are
-                                almost certainly wrong.
-                                TODO: Add other useful fields. apiVersion, kind, uid?
-                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
-                              type: string
-                            optional:
-                              description: Specify whether the Secret or its key must be defined
-                              type: boolean
-                          required:
-                          - key
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        type: array
-                      description: |-
-                        ProxyConnectHeader optionally specifies headers to send to
-                        proxies during CONNECT requests.
-
-
-                        It requires Prometheus >= v2.43.0.
-                      type: object
-                      x-kubernetes-map-type: atomic
-                    proxyFromEnvironment:
-                      description: |-
-                        Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
-                        If unset, Prometheus uses its default value.
-
-
-                        It requires Prometheus >= v2.43.0.
-                      type: boolean
-                    proxyUrl:
-                      description: |-
-                        `proxyURL` defines the HTTP proxy server to use.
-
-
-                        It requires Prometheus >= v2.43.0.
-                      pattern: ^http(s)?://.+$
-                      type: string
-                    refreshInterval:
+                    oauth2:
                       description: |-
-                        RefreshInterval configures the refresh interval at which Prometheus will re-query the
-                        endpoint to update the target list.
-                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
-                      type: string
-                    tlsConfig:
-                      description: TLS configuration applying to the target HTTP endpoint.
+                        Optional OAuth 2.0 configuration.
+                        Cannot be used at the same time as `basic_auth` or `authorization`.
                       properties:
-                        ca:
-                          description: Certificate authority used when verifying server certificates.
+                        clientId:
+                          description: |-
+                            `clientId` specifies a key of a Secret or ConfigMap containing the
+                            OAuth2 client's ID.
                           properties:
                             configMap:
                               description: ConfigMap containing data to use for the targets.
@@ -3273,12 +3249,180 @@ spec:
                               type: object
                               x-kubernetes-map-type: atomic
                           type: object
-                        cert:
-                          description: Client certificate to present when doing client-authentication.
+                        clientSecret:
+                          description: |-
+                            `clientSecret` specifies a key of a Secret containing the OAuth2
+                            client's secret.
                           properties:
-                            configMap:
-                              description: ConfigMap containing data to use for the targets.
-                              properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        endpointParams:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            `endpointParams` configures the HTTP parameters to append to the token
+                            URL.
+                          type: object
+                        scopes:
+                          description: '`scopes` defines the OAuth2 scopes used for the token request.'
+                          items:
+                            type: string
+                          type: array
+                        tokenUrl:
+                          description: '`tokenURL` configures the URL to fetch the token from.'
+                          minLength: 1
+                          type: string
+                      required:
+                      - clientId
+                      - clientSecret
+                      - tokenUrl
+                      type: object
+                    port:
+                      description: The port to scrape metrics from.
+                      type: integer
+                    proxyConnectHeader:
+                      additionalProperties:
+                        items:
+                          description: SecretKeySelector selects a key of a Secret.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      description: |-
+                        ProxyConnectHeader optionally specifies headers to send to
+                        proxies during CONNECT requests.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    proxyFromEnvironment:
+                      description: |-
+                        Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
+                        If unset, Prometheus uses its default value.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      type: boolean
+                    proxyUrl:
+                      description: |-
+                        `proxyURL` defines the HTTP proxy server to use.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      pattern: ^http(s)?://.+$
+                      type: string
+                    refreshInterval:
+                      description: The time after which the servers are refreshed.
+                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                      type: string
+                    role:
+                      description: The Hetzner role of entities that should be discovered.
+                      enum:
+                      - hcloud
+                      - Hcloud
+                      - robot
+                      - Robot
+                      type: string
+                    tlsConfig:
+                      description: TLS configuration to use on every scrape request.
+                      properties:
+                        ca:
+                          description: Certificate authority used when verifying server certificates.
+                          properties:
+                            configMap:
+                              description: ConfigMap containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secret:
+                              description: Secret containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must be a valid secret key.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        cert:
+                          description: Client certificate to present when doing client-authentication.
+                          properties:
+                            configMap:
+                              description: ConfigMap containing data to use for the targets.
+                              properties:
                                 key:
                                   description: The key to select.
                                   type: string
@@ -3356,67 +3500,25 @@ spec:
                           description: Used to verify the hostname for the targets.
                           type: string
                       type: object
-                    url:
-                      description: URL from which the targets are fetched.
-                      minLength: 1
-                      pattern: ^http(s)?://.+$
-                      type: string
                   required:
-                  - url
+                  - role
                   type: object
                 type: array
-              jobName:
-                description: |-
-                  The value of the `job` label assigned to the scraped metrics by default.
-
-
-                  The `job_name` field in the rendered scrape configuration is always controlled by the
-                  operator to prevent duplicate job names, which Prometheus does not allow. Instead the
-                  `job` label is set by means of relabeling configs.
-                minLength: 1
-                type: string
-              keepDroppedTargets:
-                description: |-
-                  Per-scrape limit on the number of targets dropped by relabeling
-                  that will be kept in memory. 0 means no limit.
-
-
-                  It requires Prometheus >= v2.47.0.
-                format: int64
-                type: integer
-              kubernetesSDConfigs:
-                description: KubernetesSDConfigs defines a list of Kubernetes service discovery configurations.
+              honorLabels:
+                description: HonorLabels chooses the metric's labels on collisions with target labels.
+                type: boolean
+              honorTimestamps:
+                description: HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
+                type: boolean
+              httpSDConfigs:
+                description: HTTPSDConfigs defines a list of HTTP service discovery configurations.
                 items:
                   description: |-
-                    KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API.
-                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config
+                    HTTPSDConfig defines a prometheus HTTP service discovery configuration
+                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#http_sd_config
                   properties:
-                    apiServer:
-                      description: |-
-                        The API server address consisting of a hostname or IP address followed
-                        by an optional port number.
-                        If left empty, Prometheus is assumed to run inside
-                        of the cluster. It will discover API servers automatically and use the pod's
-                        CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
-                      type: string
-                    attachMetadata:
-                      description: |-
-                        Optional metadata to attach to discovered targets.
-                        It requires Prometheus >= v2.35.0 for `pod` role and
-                        Prometheus >= v2.37.0 for `endpoints` and `endpointslice` roles.
-                      properties:
-                        node:
-                          description: |-
-                            Attaches node metadata to discovered targets.
-                            When set to true, Prometheus must have the `get` permission on the
-                            `Nodes` objects.
-                            Only valid for Pod, Endpoint and Endpointslice roles.
-                          type: boolean
-                      type: object
                     authorization:
-                      description: |-
-                        Authorization header to use on every scrape request.
-                        Cannot be set at the same time as `basicAuth`, or `oauth2`.
+                      description: Authorization header configuration to authenticate against the target HTTP endpoint.
                       properties:
                         credentials:
                           description: Selects a key of a Secret in the namespace that contains the credentials for authentication.
@@ -3455,8 +3557,8 @@ spec:
                       type: object
                     basicAuth:
                       description: |-
-                        BasicAuth information to use on every scrape request.
-                        Cannot be set at the same time as `authorization`, or `oauth2`.
+                        BasicAuth information to authenticate against the target HTTP endpoint.
+                        More info: https://prometheus.io/docs/operating/configuration/#endpoints
                       properties:
                         password:
                           description: |-
@@ -3511,26 +3613,6 @@ spec:
                           type: object
                           x-kubernetes-map-type: atomic
                       type: object
-                    enableHTTP2:
-                      description: Whether to enable HTTP2.
-                      type: boolean
-                    followRedirects:
-                      description: Configure whether HTTP requests follow HTTP 3xx redirects.
-                      type: boolean
-                    namespaces:
-                      description: Optional namespace discovery. If omitted, Prometheus discovers targets across all namespaces.
-                      properties:
-                        names:
-                          description: |-
-                            List of namespaces where to watch for resources.
-                            If empty and `ownNamespace` isn't true, Prometheus watches for resources in all namespaces.
-                          items:
-                            type: string
-                          type: array
-                        ownNamespace:
-                          description: Includes the namespace in which the Prometheus pod exists to the list of watched namesapces.
-                          type: boolean
-                      type: object
                     noProxy:
                       description: |-
                         `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
@@ -3540,112 +3622,6 @@ spec:
 
                         It requires Prometheus >= v2.43.0.
                       type: string
-                    oauth2:
-                      description: |-
-                        Optional OAuth 2.0 configuration.
-                        Cannot be set at the same time as `authorization`, or `basicAuth`.
-                      properties:
-                        clientId:
-                          description: |-
-                            `clientId` specifies a key of a Secret or ConfigMap containing the
-                            OAuth2 client's ID.
-                          properties:
-                            configMap:
-                              description: ConfigMap containing data to use for the targets.
-                              properties:
-                                key:
-                                  description: The key to select.
-                                  type: string
-                                name:
-                                  default: ""
-                                  description: |-
-                                    Name of the referent.
-                                    This field is effectively required, but due to backwards compatibility is
-                                    allowed to be empty. Instances of this type with an empty value here are
-                                    almost certainly wrong.
-                                    TODO: Add other useful fields. apiVersion, kind, uid?
-                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
-                                  type: string
-                                optional:
-                                  description: Specify whether the ConfigMap or its key must be defined
-                                  type: boolean
-                              required:
-                              - key
-                              type: object
-                              x-kubernetes-map-type: atomic
-                            secret:
-                              description: Secret containing data to use for the targets.
-                              properties:
-                                key:
-                                  description: The key of the secret to select from.  Must be a valid secret key.
-                                  type: string
-                                name:
-                                  default: ""
-                                  description: |-
-                                    Name of the referent.
-                                    This field is effectively required, but due to backwards compatibility is
-                                    allowed to be empty. Instances of this type with an empty value here are
-                                    almost certainly wrong.
-                                    TODO: Add other useful fields. apiVersion, kind, uid?
-                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
-                                  type: string
-                                optional:
-                                  description: Specify whether the Secret or its key must be defined
-                                  type: boolean
-                              required:
-                              - key
-                              type: object
-                              x-kubernetes-map-type: atomic
-                          type: object
-                        clientSecret:
-                          description: |-
-                            `clientSecret` specifies a key of a Secret containing the OAuth2
-                            client's secret.
-                          properties:
-                            key:
-                              description: The key of the secret to select from.  Must be a valid secret key.
-                              type: string
-                            name:
-                              default: ""
-                              description: |-
-                                Name of the referent.
-                                This field is effectively required, but due to backwards compatibility is
-                                allowed to be empty. Instances of this type with an empty value here are
-                                almost certainly wrong.
-                                TODO: Add other useful fields. apiVersion, kind, uid?
-                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
-                              type: string
-                            optional:
-                              description: Specify whether the Secret or its key must be defined
-                              type: boolean
-                          required:
-                          - key
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        endpointParams:
-                          additionalProperties:
-                            type: string
-                          description: |-
-                            `endpointParams` configures the HTTP parameters to append to the token
-                            URL.
-                          type: object
-                        scopes:
-                          description: '`scopes` defines the OAuth2 scopes used for the token request.'
-                          items:
-                            type: string
-                          type: array
-                        tokenUrl:
-                          description: '`tokenURL` configures the URL to fetch the token from.'
-                          minLength: 1
-                          type: string
-                      required:
-                      - clientId
-                      - clientSecret
-                      - tokenUrl
-                      type: object
                     proxyConnectHeader:
                       additionalProperties:
                         items:
@@ -3697,56 +3673,14 @@ spec:
                         It requires Prometheus >= v2.43.0.
                       pattern: ^http(s)?://.+$
                       type: string
-                    role:
-                      description: Role of the Kubernetes entities that should be discovered.
-                      enum:
-                      - Node
-                      - node
-                      - Service
-                      - service
-                      - Pod
-                      - pod
-                      - Endpoints
-                      - endpoints
-                      - EndpointSlice
-                      - endpointslice
-                      - Ingress
-                      - ingress
+                    refreshInterval:
+                      description: |-
+                        RefreshInterval configures the refresh interval at which Prometheus will re-query the
+                        endpoint to update the target list.
+                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
                       type: string
-                    selectors:
-                      description: Selector to select objects.
-                      items:
-                        description: K8SSelectorConfig is Kubernetes Selector Config
-                        properties:
-                          field:
-                            type: string
-                          label:
-                            type: string
-                          role:
-                            description: Role is role of the service in Kubernetes.
-                            enum:
-                            - Node
-                            - node
-                            - Service
-                            - service
-                            - Pod
-                            - pod
-                            - Endpoints
-                            - endpoints
-                            - EndpointSlice
-                            - endpointslice
-                            - Ingress
-                            - ingress
-                            type: string
-                        required:
-                        - role
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - role
-                      x-kubernetes-list-type: map
                     tlsConfig:
-                      description: TLS configuration to use on every scrape request.
+                      description: TLS configuration applying to the target HTTP endpoint.
                       properties:
                         ca:
                           description: Certificate authority used when verifying server certificates.
@@ -3883,19 +3817,67 @@ spec:
                           description: Used to verify the hostname for the targets.
                           type: string
                       type: object
+                    url:
+                      description: URL from which the targets are fetched.
+                      minLength: 1
+                      pattern: ^http(s)?://.+$
+                      type: string
                   required:
-                  - role
+                  - url
                   type: object
                 type: array
-              kumaSDConfigs:
-                description: KumaSDConfigs defines a list of Kuma service discovery configurations.
+              jobName:
+                description: |-
+                  The value of the `job` label assigned to the scraped metrics by default.
+
+
+                  The `job_name` field in the rendered scrape configuration is always controlled by the
+                  operator to prevent duplicate job names, which Prometheus does not allow. Instead the
+                  `job` label is set by means of relabeling configs.
+                minLength: 1
+                type: string
+              keepDroppedTargets:
+                description: |-
+                  Per-scrape limit on the number of targets dropped by relabeling
+                  that will be kept in memory. 0 means no limit.
+
+
+                  It requires Prometheus >= v2.47.0.
+                format: int64
+                type: integer
+              kubernetesSDConfigs:
+                description: KubernetesSDConfigs defines a list of Kubernetes service discovery configurations.
                 items:
                   description: |-
-                    KumaSDConfig allow retrieving scrape targets from Kuma's control plane.
-                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kuma_sd_config
+                    KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API.
+                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config
                   properties:
+                    apiServer:
+                      description: |-
+                        The API server address consisting of a hostname or IP address followed
+                        by an optional port number.
+                        If left empty, Prometheus is assumed to run inside
+                        of the cluster. It will discover API servers automatically and use the pod's
+                        CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
+                      type: string
+                    attachMetadata:
+                      description: |-
+                        Optional metadata to attach to discovered targets.
+                        It requires Prometheus >= v2.35.0 for `pod` role and
+                        Prometheus >= v2.37.0 for `endpoints` and `endpointslice` roles.
+                      properties:
+                        node:
+                          description: |-
+                            Attaches node metadata to discovered targets.
+                            When set to true, Prometheus must have the `get` permission on the
+                            `Nodes` objects.
+                            Only valid for Pod, Endpoint and Endpointslice roles.
+                          type: boolean
+                      type: object
                     authorization:
-                      description: Authorization header to use on every scrape request.
+                      description: |-
+                        Authorization header to use on every scrape request.
+                        Cannot be set at the same time as `basicAuth`, or `oauth2`.
                       properties:
                         credentials:
                           description: Selects a key of a Secret in the namespace that contains the credentials for authentication.
@@ -3933,7 +3915,9 @@ spec:
                           type: string
                       type: object
                     basicAuth:
-                      description: BasicAuth information to use on every scrape request.
+                      description: |-
+                        BasicAuth information to use on every scrape request.
+                        Cannot be set at the same time as `authorization`, or `oauth2`.
                       properties:
                         password:
                           description: |-
@@ -3988,19 +3972,26 @@ spec:
                           type: object
                           x-kubernetes-map-type: atomic
                       type: object
-                    clientID:
-                      description: Client id is used by Kuma Control Plane to compute Monitoring Assignment for specific Prometheus backend.
-                      type: string
                     enableHTTP2:
                       description: Whether to enable HTTP2.
                       type: boolean
-                    fetchTimeout:
-                      description: The time after which the monitoring assignments are refreshed.
-                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
-                      type: string
                     followRedirects:
                       description: Configure whether HTTP requests follow HTTP 3xx redirects.
                       type: boolean
+                    namespaces:
+                      description: Optional namespace discovery. If omitted, Prometheus discovers targets across all namespaces.
+                      properties:
+                        names:
+                          description: |-
+                            List of namespaces where to watch for resources.
+                            If empty and `ownNamespace` isn't true, Prometheus watches for resources in all namespaces.
+                          items:
+                            type: string
+                          type: array
+                        ownNamespace:
+                          description: Includes the namespace in which the Prometheus pod exists to the list of watched namesapces.
+                          type: boolean
+                      type: object
                     noProxy:
                       description: |-
                         `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
@@ -4167,16 +4158,56 @@ spec:
                         It requires Prometheus >= v2.43.0.
                       pattern: ^http(s)?://.+$
                       type: string
-                    refreshInterval:
-                      description: The time to wait between polling update requests.
-                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
-                      type: string
-                    server:
-                      description: Address of the Kuma Control Plane's MADS xDS server.
-                      minLength: 1
-                      type: string
+                    role:
+                      description: Role of the Kubernetes entities that should be discovered.
+                      enum:
+                      - Node
+                      - node
+                      - Service
+                      - service
+                      - Pod
+                      - pod
+                      - Endpoints
+                      - endpoints
+                      - EndpointSlice
+                      - endpointslice
+                      - Ingress
+                      - ingress
+                      type: string
+                    selectors:
+                      description: Selector to select objects.
+                      items:
+                        description: K8SSelectorConfig is Kubernetes Selector Config
+                        properties:
+                          field:
+                            type: string
+                          label:
+                            type: string
+                          role:
+                            description: Role is role of the service in Kubernetes.
+                            enum:
+                            - Node
+                            - node
+                            - Service
+                            - service
+                            - Pod
+                            - pod
+                            - Endpoints
+                            - endpoints
+                            - EndpointSlice
+                            - endpointslice
+                            - Ingress
+                            - ingress
+                            type: string
+                        required:
+                        - role
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - role
+                      x-kubernetes-list-type: map
                     tlsConfig:
-                      description: TLS configuration to use on every scrape request
+                      description: TLS configuration to use on every scrape request.
                       properties:
                         ca:
                           description: Certificate authority used when verifying server certificates.
@@ -4314,261 +4345,1571 @@ spec:
                           type: string
                       type: object
                   required:
-                  - server
+                  - role
                   type: object
                 type: array
-              labelLimit:
-                description: |-
-                  Per-scrape limit on number of labels that will be accepted for a sample.
-                  Only valid in Prometheus versions 2.27.0 and newer.
-                format: int64
-                type: integer
-              labelNameLengthLimit:
-                description: |-
-                  Per-scrape limit on length of labels name that will be accepted for a sample.
-                  Only valid in Prometheus versions 2.27.0 and newer.
-                format: int64
-                type: integer
-              labelValueLengthLimit:
-                description: |-
-                  Per-scrape limit on length of labels value that will be accepted for a sample.
-                  Only valid in Prometheus versions 2.27.0 and newer.
-                format: int64
-                type: integer
-              metricRelabelings:
-                description: MetricRelabelConfigs to apply to samples before ingestion.
+              kumaSDConfigs:
+                description: KumaSDConfigs defines a list of Kuma service discovery configurations.
                 items:
                   description: |-
-                    RelabelConfig allows dynamic rewriting of the label set for targets, alerts,
-                    scraped samples and remote write samples.
-
-
-                    More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
+                    KumaSDConfig allow retrieving scrape targets from Kuma's control plane.
+                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kuma_sd_config
                   properties:
-                    action:
-                      default: replace
-                      description: |-
-                        Action to perform based on the regex matching.
+                    authorization:
+                      description: Authorization header to use on every scrape request.
+                      properties:
+                        credentials:
+                          description: Selects a key of a Secret in the namespace that contains the credentials for authentication.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type:
+                          description: |-
+                            Defines the authentication type. The value is case-insensitive.
 
 
-                        `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0.
-                        `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0.
+                            "Basic" is not a supported value.
 
 
-                        Default: "Replace"
-                      enum:
-                      - replace
-                      - Replace
-                      - keep
-                      - Keep
-                      - drop
-                      - Drop
-                      - hashmod
-                      - HashMod
-                      - labelmap
-                      - LabelMap
-                      - labeldrop
-                      - LabelDrop
-                      - labelkeep
-                      - LabelKeep
-                      - lowercase
-                      - Lowercase
-                      - uppercase
-                      - Uppercase
-                      - keepequal
-                      - KeepEqual
-                      - dropequal
-                      - DropEqual
+                            Default: "Bearer"
+                          type: string
+                      type: object
+                    basicAuth:
+                      description: BasicAuth information to use on every scrape request.
+                      properties:
+                        password:
+                          description: |-
+                            `password` specifies a key of a Secret containing the password for
+                            authentication.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        username:
+                          description: |-
+                            `username` specifies a key of a Secret containing the username for
+                            authentication.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                    clientID:
+                      description: Client id is used by Kuma Control Plane to compute Monitoring Assignment for specific Prometheus backend.
                       type: string
-                    modulus:
-                      description: |-
-                        Modulus to take of the hash of the source label values.
-
-
-                        Only applicable when the action is `HashMod`.
-                      format: int64
-                      type: integer
-                    regex:
-                      description: Regular expression against which the extracted value is matched.
+                    enableHTTP2:
+                      description: Whether to enable HTTP2.
+                      type: boolean
+                    fetchTimeout:
+                      description: The time after which the monitoring assignments are refreshed.
+                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
                       type: string
-                    replacement:
+                    followRedirects:
+                      description: Configure whether HTTP requests follow HTTP 3xx redirects.
+                      type: boolean
+                    noProxy:
                       description: |-
-                        Replacement value against which a Replace action is performed if the
-                        regular expression matches.
+                        `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
+                        that should be excluded from proxying. IP and domain names can
+                        contain port numbers.
 
 
-                        Regex capture groups are available.
-                      type: string
-                    separator:
-                      description: Separator is the string between concatenated SourceLabels.
+                        It requires Prometheus >= v2.43.0.
                       type: string
-                    sourceLabels:
-                      description: |-
-                        The source labels select values from existing labels. Their content is
-                        concatenated using the configured Separator and matched against the
-                        configured regular expression.
-                      items:
-                        description: |-
-                          LabelName is a valid Prometheus label name which may only contain ASCII
-                          letters, numbers, as well as underscores.
-                        pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                        type: string
-                      type: array
-                    targetLabel:
+                    oauth2:
                       description: |-
-                        Label to which the resulting string is written in a replacement.
-
-
-                        It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`,
-                        `KeepEqual` and `DropEqual` actions.
-
-
-                        Regex capture groups are available.
+                        Optional OAuth 2.0 configuration.
+                        Cannot be set at the same time as `authorization`, or `basicAuth`.
+                      properties:
+                        clientId:
+                          description: |-
+                            `clientId` specifies a key of a Secret or ConfigMap containing the
+                            OAuth2 client's ID.
+                          properties:
+                            configMap:
+                              description: ConfigMap containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secret:
+                              description: Secret containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must be a valid secret key.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        clientSecret:
+                          description: |-
+                            `clientSecret` specifies a key of a Secret containing the OAuth2
+                            client's secret.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        endpointParams:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            `endpointParams` configures the HTTP parameters to append to the token
+                            URL.
+                          type: object
+                        scopes:
+                          description: '`scopes` defines the OAuth2 scopes used for the token request.'
+                          items:
+                            type: string
+                          type: array
+                        tokenUrl:
+                          description: '`tokenURL` configures the URL to fetch the token from.'
+                          minLength: 1
+                          type: string
+                      required:
+                      - clientId
+                      - clientSecret
+                      - tokenUrl
+                      type: object
+                    proxyConnectHeader:
+                      additionalProperties:
+                        items:
+                          description: SecretKeySelector selects a key of a Secret.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      description: |-
+                        ProxyConnectHeader optionally specifies headers to send to
+                        proxies during CONNECT requests.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    proxyFromEnvironment:
+                      description: |-
+                        Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
+                        If unset, Prometheus uses its default value.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      type: boolean
+                    proxyUrl:
+                      description: |-
+                        `proxyURL` defines the HTTP proxy server to use.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      pattern: ^http(s)?://.+$
+                      type: string
+                    refreshInterval:
+                      description: The time to wait between polling update requests.
+                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                      type: string
+                    server:
+                      description: Address of the Kuma Control Plane's MADS xDS server.
+                      minLength: 1
+                      type: string
+                    tlsConfig:
+                      description: TLS configuration to use on every scrape request
+                      properties:
+                        ca:
+                          description: Certificate authority used when verifying server certificates.
+                          properties:
+                            configMap:
+                              description: ConfigMap containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secret:
+                              description: Secret containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must be a valid secret key.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        cert:
+                          description: Client certificate to present when doing client-authentication.
+                          properties:
+                            configMap:
+                              description: ConfigMap containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secret:
+                              description: Secret containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must be a valid secret key.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        insecureSkipVerify:
+                          description: Disable target certificate validation.
+                          type: boolean
+                        keySecret:
+                          description: Secret containing the client key file for the targets.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        serverName:
+                          description: Used to verify the hostname for the targets.
+                          type: string
+                      type: object
+                  required:
+                  - server
+                  type: object
+                type: array
+              labelLimit:
+                description: |-
+                  Per-scrape limit on number of labels that will be accepted for a sample.
+                  Only valid in Prometheus versions 2.27.0 and newer.
+                format: int64
+                type: integer
+              labelNameLengthLimit:
+                description: |-
+                  Per-scrape limit on length of labels name that will be accepted for a sample.
+                  Only valid in Prometheus versions 2.27.0 and newer.
+                format: int64
+                type: integer
+              labelValueLengthLimit:
+                description: |-
+                  Per-scrape limit on length of labels value that will be accepted for a sample.
+                  Only valid in Prometheus versions 2.27.0 and newer.
+                format: int64
+                type: integer
+              linodeSDConfigs:
+                description: LinodeSDConfigs defines a list of Linode service discovery configurations.
+                items:
+                  properties:
+                    authorization:
+                      description: Authorization header configuration.
+                      properties:
+                        credentials:
+                          description: Selects a key of a Secret in the namespace that contains the credentials for authentication.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type:
+                          description: |-
+                            Defines the authentication type. The value is case-insensitive.
+
+
+                            "Basic" is not a supported value.
+
+
+                            Default: "Bearer"
+                          type: string
+                      type: object
+                    enableHTTP2:
+                      description: Whether to enable HTTP2.
+                      type: boolean
+                    followRedirects:
+                      description: Configure whether HTTP requests follow HTTP 3xx redirects.
+                      type: boolean
+                    noProxy:
+                      description: |-
+                        `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
+                        that should be excluded from proxying. IP and domain names can
+                        contain port numbers.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      type: string
+                    oauth2:
+                      description: |-
+                        Optional OAuth 2.0 configuration.
+                        Cannot be used at the same time as `authorization`.
+                      properties:
+                        clientId:
+                          description: |-
+                            `clientId` specifies a key of a Secret or ConfigMap containing the
+                            OAuth2 client's ID.
+                          properties:
+                            configMap:
+                              description: ConfigMap containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secret:
+                              description: Secret containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must be a valid secret key.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        clientSecret:
+                          description: |-
+                            `clientSecret` specifies a key of a Secret containing the OAuth2
+                            client's secret.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        endpointParams:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            `endpointParams` configures the HTTP parameters to append to the token
+                            URL.
+                          type: object
+                        scopes:
+                          description: '`scopes` defines the OAuth2 scopes used for the token request.'
+                          items:
+                            type: string
+                          type: array
+                        tokenUrl:
+                          description: '`tokenURL` configures the URL to fetch the token from.'
+                          minLength: 1
+                          type: string
+                      required:
+                      - clientId
+                      - clientSecret
+                      - tokenUrl
+                      type: object
+                    port:
+                      description: Default port to scrape metrics from.
+                      format: int32
+                      maximum: 65535
+                      minimum: 0
+                      type: integer
+                    proxyConnectHeader:
+                      additionalProperties:
+                        items:
+                          description: SecretKeySelector selects a key of a Secret.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      description: |-
+                        ProxyConnectHeader optionally specifies headers to send to
+                        proxies during CONNECT requests.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    proxyFromEnvironment:
+                      description: |-
+                        Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
+                        If unset, Prometheus uses its default value.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      type: boolean
+                    proxyUrl:
+                      description: |-
+                        `proxyURL` defines the HTTP proxy server to use.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      pattern: ^http(s)?://.+$
+                      type: string
+                    refreshInterval:
+                      description: Time after which the linode instances are refreshed.
+                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                      type: string
+                    region:
+                      description: Optional region to filter on.
+                      minLength: 1
+                      type: string
+                    tagSeparator:
+                      description: The string by which Linode Instance tags are joined into the tag label.
+                      minLength: 1
+                      type: string
+                    tlsConfig:
+                      description: TLS configuration applying to the target HTTP endpoint.
+                      properties:
+                        ca:
+                          description: Certificate authority used when verifying server certificates.
+                          properties:
+                            configMap:
+                              description: ConfigMap containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secret:
+                              description: Secret containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must be a valid secret key.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        cert:
+                          description: Client certificate to present when doing client-authentication.
+                          properties:
+                            configMap:
+                              description: ConfigMap containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secret:
+                              description: Secret containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must be a valid secret key.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        insecureSkipVerify:
+                          description: Disable target certificate validation.
+                          type: boolean
+                        keySecret:
+                          description: Secret containing the client key file for the targets.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        serverName:
+                          description: Used to verify the hostname for the targets.
+                          type: string
+                      type: object
+                  type: object
+                type: array
+              metricRelabelings:
+                description: MetricRelabelConfigs to apply to samples before ingestion.
+                items:
+                  description: |-
+                    RelabelConfig allows dynamic rewriting of the label set for targets, alerts,
+                    scraped samples and remote write samples.
+
+
+                    More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
+                  properties:
+                    action:
+                      default: replace
+                      description: |-
+                        Action to perform based on the regex matching.
+
+
+                        `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0.
+                        `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0.
+
+
+                        Default: "Replace"
+                      enum:
+                      - replace
+                      - Replace
+                      - keep
+                      - Keep
+                      - drop
+                      - Drop
+                      - hashmod
+                      - HashMod
+                      - labelmap
+                      - LabelMap
+                      - labeldrop
+                      - LabelDrop
+                      - labelkeep
+                      - LabelKeep
+                      - lowercase
+                      - Lowercase
+                      - uppercase
+                      - Uppercase
+                      - keepequal
+                      - KeepEqual
+                      - dropequal
+                      - DropEqual
+                      type: string
+                    modulus:
+                      description: |-
+                        Modulus to take of the hash of the source label values.
+
+
+                        Only applicable when the action is `HashMod`.
+                      format: int64
+                      type: integer
+                    regex:
+                      description: Regular expression against which the extracted value is matched.
+                      type: string
+                    replacement:
+                      description: |-
+                        Replacement value against which a Replace action is performed if the
+                        regular expression matches.
+
+
+                        Regex capture groups are available.
+                      type: string
+                    separator:
+                      description: Separator is the string between concatenated SourceLabels.
+                      type: string
+                    sourceLabels:
+                      description: |-
+                        The source labels select values from existing labels. Their content is
+                        concatenated using the configured Separator and matched against the
+                        configured regular expression.
+                      items:
+                        description: |-
+                          LabelName is a valid Prometheus label name which may only contain ASCII
+                          letters, numbers, as well as underscores.
+                        pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                        type: string
+                      type: array
+                    targetLabel:
+                      description: |-
+                        Label to which the resulting string is written in a replacement.
+
+
+                        It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`,
+                        `KeepEqual` and `DropEqual` actions.
+
+
+                        Regex capture groups are available.
+                      type: string
+                  type: object
+                type: array
+              metricsPath:
+                description: MetricsPath HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. /metrics).
+                type: string
+              noProxy:
+                description: |-
+                  `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
+                  that should be excluded from proxying. IP and domain names can
+                  contain port numbers.
+
+
+                  It requires Prometheus >= v2.43.0.
+                type: string
+              openstackSDConfigs:
+                description: OpenStackSDConfigs defines a list of OpenStack service discovery configurations.
+                items:
+                  description: |-
+                    OpenStackSDConfig allow retrieving scrape targets from OpenStack Nova instances.
+                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#openstack_sd_config
+                  properties:
+                    allTenants:
+                      description: |-
+                        Whether the service discovery should list all instances for all projects.
+                        It is only relevant for the 'instance' role and usually requires admin permissions.
+                      type: boolean
+                    applicationCredentialId:
+                      description: ApplicationCredentialID
+                      type: string
+                    applicationCredentialName:
+                      description: |-
+                        The ApplicationCredentialID or ApplicationCredentialName fields are
+                        required if using an application credential to authenticate. Some providers
+                        allow you to create an application credential to authenticate rather than a
+                        password.
+                      type: string
+                    applicationCredentialSecret:
+                      description: |-
+                        The applicationCredentialSecret field is required if using an application
+                        credential to authenticate.
+                      properties:
+                        key:
+                          description: The key of the secret to select from.  Must be a valid secret key.
+                          type: string
+                        name:
+                          default: ""
+                          description: |-
+                            Name of the referent.
+                            This field is effectively required, but due to backwards compatibility is
+                            allowed to be empty. Instances of this type with an empty value here are
+                            almost certainly wrong.
+                            TODO: Add other useful fields. apiVersion, kind, uid?
+                            More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                            TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                          type: string
+                        optional:
+                          description: Specify whether the Secret or its key must be defined
+                          type: boolean
+                      required:
+                      - key
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    availability:
+                      description: Availability of the endpoint to connect to.
+                      enum:
+                      - Public
+                      - public
+                      - Admin
+                      - admin
+                      - Internal
+                      - internal
+                      type: string
+                    domainID:
+                      description: DomainID
+                      type: string
+                    domainName:
+                      description: |-
+                        At most one of domainId and domainName must be provided if using username
+                        with Identity V3. Otherwise, either are optional.
+                      type: string
+                    identityEndpoint:
+                      description: |-
+                        IdentityEndpoint specifies the HTTP endpoint that is required to work with
+                        the Identity API of the appropriate version.
+                      type: string
+                    password:
+                      description: |-
+                        Password for the Identity V2 and V3 APIs. Consult with your provider's
+                        control panel to discover your account's preferred method of authentication.
+                      properties:
+                        key:
+                          description: The key of the secret to select from.  Must be a valid secret key.
+                          type: string
+                        name:
+                          default: ""
+                          description: |-
+                            Name of the referent.
+                            This field is effectively required, but due to backwards compatibility is
+                            allowed to be empty. Instances of this type with an empty value here are
+                            almost certainly wrong.
+                            TODO: Add other useful fields. apiVersion, kind, uid?
+                            More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                            TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                          type: string
+                        optional:
+                          description: Specify whether the Secret or its key must be defined
+                          type: boolean
+                      required:
+                      - key
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    port:
+                      description: |-
+                        The port to scrape metrics from. If using the public IP address, this must
+                        instead be specified in the relabeling rule.
+                      type: integer
+                    projectID:
+                      description: ' ProjectID'
+                      type: string
+                    projectName:
+                      description: |-
+                        The ProjectId and ProjectName fields are optional for the Identity V2 API.
+                        Some providers allow you to specify a ProjectName instead of the ProjectId.
+                        Some require both. Your provider's authentication policies will determine
+                        how these fields influence authentication.
+                      type: string
+                    refreshInterval:
+                      description: Refresh interval to re-read the instance list.
+                      pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                      type: string
+                    region:
+                      description: The OpenStack Region.
+                      minLength: 1
+                      type: string
+                    role:
+                      description: The OpenStack role of entities that should be discovered.
+                      enum:
+                      - Instance
+                      - instance
+                      - Hypervisor
+                      - hypervisor
+                      type: string
+                    tlsConfig:
+                      description: TLS configuration applying to the target HTTP endpoint.
+                      properties:
+                        ca:
+                          description: Certificate authority used when verifying server certificates.
+                          properties:
+                            configMap:
+                              description: ConfigMap containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secret:
+                              description: Secret containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must be a valid secret key.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        cert:
+                          description: Client certificate to present when doing client-authentication.
+                          properties:
+                            configMap:
+                              description: ConfigMap containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secret:
+                              description: Secret containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must be a valid secret key.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        insecureSkipVerify:
+                          description: Disable target certificate validation.
+                          type: boolean
+                        keySecret:
+                          description: Secret containing the client key file for the targets.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        serverName:
+                          description: Used to verify the hostname for the targets.
+                          type: string
+                      type: object
+                    userid:
+                      description: UserID
+                      type: string
+                    username:
+                      description: |-
+                        Username is required if using Identity V2 API. Consult with your provider's
+                        control panel to discover your account's username.
+                        In Identity V3, either userid or a combination of username
+                        and domainId or domainName are needed
                       type: string
+                  required:
+                  - region
+                  - role
                   type: object
                 type: array
-              metricsPath:
-                description: MetricsPath HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. /metrics).
-                type: string
-              noProxy:
+              params:
+                additionalProperties:
+                  items:
+                    type: string
+                  type: array
+                description: Optional HTTP URL parameters
+                type: object
+                x-kubernetes-map-type: atomic
+              proxyConnectHeader:
+                additionalProperties:
+                  items:
+                    description: SecretKeySelector selects a key of a Secret.
+                    properties:
+                      key:
+                        description: The key of the secret to select from.  Must be a valid secret key.
+                        type: string
+                      name:
+                        default: ""
+                        description: |-
+                          Name of the referent.
+                          This field is effectively required, but due to backwards compatibility is
+                          allowed to be empty. Instances of this type with an empty value here are
+                          almost certainly wrong.
+                          TODO: Add other useful fields. apiVersion, kind, uid?
+                          More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                          TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                        type: string
+                      optional:
+                        description: Specify whether the Secret or its key must be defined
+                        type: boolean
+                    required:
+                    - key
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  type: array
                 description: |-
-                  `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
-                  that should be excluded from proxying. IP and domain names can
-                  contain port numbers.
+                  ProxyConnectHeader optionally specifies headers to send to
+                  proxies during CONNECT requests.
+
+
+                  It requires Prometheus >= v2.43.0.
+                type: object
+                x-kubernetes-map-type: atomic
+              proxyFromEnvironment:
+                description: |-
+                  Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
+                  If unset, Prometheus uses its default value.
+
+
+                  It requires Prometheus >= v2.43.0.
+                type: boolean
+              proxyUrl:
+                description: |-
+                  `proxyURL` defines the HTTP proxy server to use.
 
 
                   It requires Prometheus >= v2.43.0.
+                pattern: ^http(s)?://.+$
                 type: string
-              openstackSDConfigs:
-                description: OpenStackSDConfigs defines a list of OpenStack service discovery configurations.
+              puppetDBSDConfigs:
+                description: PuppetDBSDConfigs defines a list of PuppetDB service discovery configurations.
                 items:
-                  description: |-
-                    OpenStackSDConfig allow retrieving scrape targets from OpenStack Nova instances.
-                    See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#openstack_sd_config
                   properties:
-                    allTenants:
+                    authorization:
                       description: |-
-                        Whether the service discovery should list all instances for all projects.
-                        It is only relevant for the 'instance' role and usually requires admin permissions.
+                        Optional `authorization` HTTP header configuration.
+                        Cannot be set at the same time as `basicAuth`, or `oauth2`.
+                      properties:
+                        credentials:
+                          description: Selects a key of a Secret in the namespace that contains the credentials for authentication.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type:
+                          description: |-
+                            Defines the authentication type. The value is case-insensitive.
+
+
+                            "Basic" is not a supported value.
+
+
+                            Default: "Bearer"
+                          type: string
+                      type: object
+                    basicAuth:
+                      description: |-
+                        Optional HTTP basic authentication information.
+                        Cannot be set at the same time as `authorization`, or `oauth2`.
+                      properties:
+                        password:
+                          description: |-
+                            `password` specifies a key of a Secret containing the password for
+                            authentication.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        username:
+                          description: |-
+                            `username` specifies a key of a Secret containing the username for
+                            authentication.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                    enableHTTP2:
+                      description: Configure whether to enable HTTP2.
                       type: boolean
-                    applicationCredentialId:
-                      description: ApplicationCredentialID
-                      type: string
-                    applicationCredentialName:
+                    followRedirects:
+                      description: Configure whether the HTTP requests should follow HTTP 3xx redirects.
+                      type: boolean
+                    includeParameters:
                       description: |-
-                        The ApplicationCredentialID or ApplicationCredentialName fields are
-                        required if using an application credential to authenticate. Some providers
-                        allow you to create an application credential to authenticate rather than a
-                        password.
+                        Whether to include the parameters as meta labels.
+                        Note: Enabling this exposes parameters in the Prometheus UI and API. Make sure
+                        that you don't have secrets exposed as parameters if you enable this.
+                      type: boolean
+                    noProxy:
+                      description: |-
+                        `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names
+                        that should be excluded from proxying. IP and domain names can
+                        contain port numbers.
+
+
+                        It requires Prometheus >= v2.43.0.
                       type: string
-                    applicationCredentialSecret:
+                    oauth2:
                       description: |-
-                        The applicationCredentialSecret field is required if using an application
-                        credential to authenticate.
+                        Optional OAuth2.0 configuration.
+                        Cannot be set at the same time as `basicAuth`, or `authorization`.
                       properties:
-                        key:
-                          description: The key of the secret to select from.  Must be a valid secret key.
-                          type: string
-                        name:
-                          default: ""
+                        clientId:
+                          description: |-
+                            `clientId` specifies a key of a Secret or ConfigMap containing the
+                            OAuth2 client's ID.
+                          properties:
+                            configMap:
+                              description: ConfigMap containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secret:
+                              description: Secret containing data to use for the targets.
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must be a valid secret key.
+                                  type: string
+                                name:
+                                  default: ""
+                                  description: |-
+                                    Name of the referent.
+                                    This field is effectively required, but due to backwards compatibility is
+                                    allowed to be empty. Instances of this type with an empty value here are
+                                    almost certainly wrong.
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        clientSecret:
                           description: |-
-                            Name of the referent.
-                            This field is effectively required, but due to backwards compatibility is
-                            allowed to be empty. Instances of this type with an empty value here are
-                            almost certainly wrong.
-                            TODO: Add other useful fields. apiVersion, kind, uid?
-                            More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                            TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                            `clientSecret` specifies a key of a Secret containing the OAuth2
+                            client's secret.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        endpointParams:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            `endpointParams` configures the HTTP parameters to append to the token
+                            URL.
+                          type: object
+                        scopes:
+                          description: '`scopes` defines the OAuth2 scopes used for the token request.'
+                          items:
+                            type: string
+                          type: array
+                        tokenUrl:
+                          description: '`tokenURL` configures the URL to fetch the token from.'
+                          minLength: 1
                           type: string
-                        optional:
-                          description: Specify whether the Secret or its key must be defined
-                          type: boolean
                       required:
-                      - key
+                      - clientId
+                      - clientSecret
+                      - tokenUrl
                       type: object
-                      x-kubernetes-map-type: atomic
-                    availability:
-                      description: Availability of the endpoint to connect to.
-                      enum:
-                      - Public
-                      - public
-                      - Admin
-                      - admin
-                      - Internal
-                      - internal
-                      type: string
-                    domainID:
-                      description: DomainID
-                      type: string
-                    domainName:
-                      description: |-
-                        At most one of domainId and domainName must be provided if using username
-                        with Identity V3. Otherwise, either are optional.
-                      type: string
-                    identityEndpoint:
-                      description: |-
-                        IdentityEndpoint specifies the HTTP endpoint that is required to work with
-                        the Identity API of the appropriate version.
-                      type: string
-                    password:
+                    port:
+                      description: Port to scrape the metrics from.
+                      format: int32
+                      maximum: 65535
+                      minimum: 0
+                      type: integer
+                    proxyConnectHeader:
+                      additionalProperties:
+                        items:
+                          description: SecretKeySelector selects a key of a Secret.
+                          properties:
+                            key:
+                              description: The key of the secret to select from.  Must be a valid secret key.
+                              type: string
+                            name:
+                              default: ""
+                              description: |-
+                                Name of the referent.
+                                This field is effectively required, but due to backwards compatibility is
+                                allowed to be empty. Instances of this type with an empty value here are
+                                almost certainly wrong.
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+                              type: string
+                            optional:
+                              description: Specify whether the Secret or its key must be defined
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
                       description: |-
-                        Password for the Identity V2 and V3 APIs. Consult with your provider's
-                        control panel to discover your account's preferred method of authentication.
-                      properties:
-                        key:
-                          description: The key of the secret to select from.  Must be a valid secret key.
-                          type: string
-                        name:
-                          default: ""
-                          description: |-
-                            Name of the referent.
-                            This field is effectively required, but due to backwards compatibility is
-                            allowed to be empty. Instances of this type with an empty value here are
-                            almost certainly wrong.
-                            TODO: Add other useful fields. apiVersion, kind, uid?
-                            More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                            TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
-                          type: string
-                        optional:
-                          description: Specify whether the Secret or its key must be defined
-                          type: boolean
-                      required:
-                      - key
+                        ProxyConnectHeader optionally specifies headers to send to
+                        proxies during CONNECT requests.
+
+
+                        It requires Prometheus >= v2.43.0.
                       type: object
                       x-kubernetes-map-type: atomic
-                    port:
+                    proxyFromEnvironment:
                       description: |-
-                        The port to scrape metrics from. If using the public IP address, this must
-                        instead be specified in the relabeling rule.
-                      type: integer
-                    projectID:
-                      description: ' ProjectID'
+                        Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
+                        If unset, Prometheus uses its default value.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      type: boolean
+                    proxyUrl:
+                      description: |-
+                        `proxyURL` defines the HTTP proxy server to use.
+
+
+                        It requires Prometheus >= v2.43.0.
+                      pattern: ^http(s)?://.+$
                       type: string
-                    projectName:
+                    query:
                       description: |-
-                        The ProjectId and ProjectName fields are optional for the Identity V2 API.
-                        Some providers allow you to specify a ProjectName instead of the ProjectId.
-                        Some require both. Your provider's authentication policies will determine
-                        how these fields influence authentication.
+                        Puppet Query Language (PQL) query. Only resources are supported.
+                        https://puppet.com/docs/puppetdb/latest/api/query/v4/pql.html
+                      minLength: 1
                       type: string
                     refreshInterval:
-                      description: Refresh interval to re-read the instance list.
+                      description: Refresh interval to re-read the list of resources.
                       pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
                       type: string
-                    region:
-                      description: The OpenStack Region.
-                      minLength: 1
-                      type: string
-                    role:
-                      description: The OpenStack role of entities that should be discovered.
-                      enum:
-                      - Instance
-                      - instance
-                      - Hypervisor
-                      - hypervisor
-                      type: string
                     tlsConfig:
-                      description: TLS configuration applying to the target HTTP endpoint.
+                      description: TLS configuration to connect to the Puppet DB.
                       properties:
                         ca:
                           description: Certificate authority used when verifying server certificates.
@@ -4705,80 +6046,16 @@ spec:
                           description: Used to verify the hostname for the targets.
                           type: string
                       type: object
-                    userid:
-                      description: UserID
-                      type: string
-                    username:
-                      description: |-
-                        Username is required if using Identity V2 API. Consult with your provider's
-                        control panel to discover your account's username.
-                        In Identity V3, either userid or a combination of username
-                        and domainId or domainName are needed
+                    url:
+                      description: The URL of the PuppetDB root query endpoint.
+                      minLength: 1
+                      pattern: ^http(s)?://.+$
                       type: string
                   required:
-                  - region
-                  - role
+                  - query
+                  - url
                   type: object
                 type: array
-              params:
-                additionalProperties:
-                  items:
-                    type: string
-                  type: array
-                description: Optional HTTP URL parameters
-                type: object
-                x-kubernetes-map-type: atomic
-              proxyConnectHeader:
-                additionalProperties:
-                  items:
-                    description: SecretKeySelector selects a key of a Secret.
-                    properties:
-                      key:
-                        description: The key of the secret to select from.  Must be a valid secret key.
-                        type: string
-                      name:
-                        default: ""
-                        description: |-
-                          Name of the referent.
-                          This field is effectively required, but due to backwards compatibility is
-                          allowed to be empty. Instances of this type with an empty value here are
-                          almost certainly wrong.
-                          TODO: Add other useful fields. apiVersion, kind, uid?
-                          More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                          TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
-                        type: string
-                      optional:
-                        description: Specify whether the Secret or its key must be defined
-                        type: boolean
-                    required:
-                    - key
-                    type: object
-                    x-kubernetes-map-type: atomic
-                  type: array
-                description: |-
-                  ProxyConnectHeader optionally specifies headers to send to
-                  proxies during CONNECT requests.
-
-
-                  It requires Prometheus >= v2.43.0.
-                type: object
-                x-kubernetes-map-type: atomic
-              proxyFromEnvironment:
-                description: |-
-                  Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).
-                  If unset, Prometheus uses its default value.
-
-
-                  It requires Prometheus >= v2.43.0.
-                type: boolean
-              proxyUrl:
-                description: |-
-                  `proxyURL` defines the HTTP proxy server to use.
-
-
-                  It requires Prometheus >= v2.43.0.
-                pattern: ^http(s)?://.+$
-                type: string
               relabelings:
                 description: |-
                   RelabelConfigs defines how to rewrite the target's labels before scraping.
diff --git a/manifests/setup/0servicemonitorCustomResourceDefinition.yaml b/manifests/setup/0servicemonitorCustomResourceDefinition.yaml
index 7d38e5248d5e754ecdd83573e079cb3e2efc11d9..ef86a88796fa027c6d3a0493668753415aa85889 100644
--- a/manifests/setup/0servicemonitorCustomResourceDefinition.yaml
+++ b/manifests/setup/0servicemonitorCustomResourceDefinition.yaml
@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.15.0
     operator.prometheus.io/version: 0.74.0
   name: servicemonitors.monitoring.coreos.com
 spec:
diff --git a/manifests/setup/0thanosrulerCustomResourceDefinition.yaml b/manifests/setup/0thanosrulerCustomResourceDefinition.yaml
index 3e41256681b346e5090d8b2167a9b4a9b020cfb5..fe8cb53d1aca4dcd5c01560e8430fffdf13120bd 100644
--- a/manifests/setup/0thanosrulerCustomResourceDefinition.yaml
+++ b/manifests/setup/0thanosrulerCustomResourceDefinition.yaml
@@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.14.0
+    controller-gen.kubebuilder.io/version: v0.15.0
     operator.prometheus.io/version: 0.74.0
   name: thanosrulers.monitoring.coreos.com
 spec: