- Feb 04, 2022
-
-
Paweł Krupa (paulfantom) authored
-
Paweł Krupa authored
-
ArthurSens authored
Signed-off-by:ArthurSens <arthursens2005@gmail.com>
-
- Feb 03, 2022
-
-
Paweł Krupa authored
-
Arunprasad Rajkumar authored
This is a follow up fix of https://github.com/prometheus-operator/kube-prometheus/pull/1613 . @simonpasquier recommended to sanitize all denylist metrics. Signed-off-by:
Arunprasad Rajkumar <arajkuma@redhat.com>
-
Paweł Krupa authored
-
Arunprasad Rajkumar authored
The following metrics are missing from kube-state-metrics: - kube_pod_container_status_terminated_reason - kube_pod_init_container_status_terminated_reason - kube_pod_status_scheduled_time Previously, some metrics were removed from kube-state-metrics by adding the following --metric-denylist argument to the kube-state-metrics container ``` --metric-denylist= kube_.+_created, kube_.+_metadata_resource_version, kube_replicaset_metadata_generation, kube_replicaset_status_observed_generation, kube_pod_restart_policy, kube_pod_init_container_status_terminated, kube_pod_init_container_status_running, kube_pod_container_status_terminated, kube_pod_container_status_running, kube_pod_completion_time, kube_pod_status_scheduled ``` --metric-denylist: Comma-separated list of metrics not to be enabled. This list comprises of exact metric names and/or regex patterns. The allowlist and denylist are mutually exclusive. However, all the list of metrics is managed as RegEx, thus "kube_pod_container_status_terminated" denies .*kube_pod_container_status_terminated.*, that's why kube_pod_init_container_status_terminated_reason is missing Co-authored-by:
Florian Gleizes <fgleizes@redhat.com> Signed-off-by:
-
- Feb 02, 2022
-
-
Arthur Silva Sens authored
Drop Linux capabilities
-
- Feb 01, 2022
-
-
Arthur Silva Sens authored
jsonnet: filter out kube-proxy alerts when kube-proxy is disabled
-
Paweł Krupa (paulfantom) authored
-
Paweł Krupa (paulfantom) authored
Signed-off-by:Paweł Krupa (paulfantom) <pawel@krupa.net.pl>
-
Arthur Silva Sens authored
Signed-off-by:GitHub <noreply@github.com>
-
- Jan 31, 2022
-
-
Paweł Krupa authored
-
ArthurSens authored
Signed-off-by: -
Arthur Silva Sens authored
[bot] [main] Automated version update
-
Prometheus Operator Bot authored
-
Paweł Krupa authored
-
Paweł Krupa (paulfantom) authored
This reverts commit f0d9be27.
-
- Jan 28, 2022
-
-
Arthur Silva Sens authored
-
- Jan 27, 2022
-
-
ArthurSens authored
Signed-off-by: -
Arthur Silva Sens authored
Signed-off-by: -
Simon Pasquier authored
docs: Update broken link
-
Paweł Krupa authored
-
Philip Gough authored
-
Philip Gough authored
Document security audit exceptions for node-exporter
-
- Jan 25, 2022
-
-
Paweł Krupa authored
-
ArthurSens authored
Signed-off-by:
-
- Jan 24, 2022
-
-
Philip Gough authored
-
Philip Gough authored
-
Philip Gough authored
-
Arthur Silva Sens authored
Explicitly declare allowPrivilegeEscalation to false in all components
-
Arthur Silva Sens authored
Signed-off-by: -
Arthur Silva Sens authored
Although containers that do not run as privileged already have this set to false by kubernetes Kubespace [asks us](https://hub.armo.cloud/docs/c-0016 ) to explicitly declare it to false where not needed. Signed-off-by:
-
Arthur Silva Sens authored
[bot] [main] Automated version update
-
Prometheus Operator Bot authored
-
- Jan 18, 2022
-
-
Arthur Silva Sens authored
Scan generated manifests with kubescape in CI
-
- Jan 17, 2022
-
-
Philip Gough authored
-
Philip Gough authored
-
Philip Gough authored
https://github.com/armosec/kubescape allows us to run a scan of the generated manifests and assess the security risk.
-
Philip Gough authored
build: Bump to build with Go 1.17
-
