From e93a112dfbb569760a5c24c6c207db6a1a50c5c3 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Fri, 27 Oct 2023 17:36:42 +0200
Subject: [PATCH] feat(mastodon): Add sidekiq exporter

---
 apps/base/mastodon/kustomization.yaml   |  1 +
 apps/base/mastodon/networkpolicy.yaml   |  8 +++--
 apps/base/mastodon/sidekiq-monitor.yaml | 45 +++++++++++++++++++++++++
 3 files changed, 52 insertions(+), 2 deletions(-)
 create mode 100644 apps/base/mastodon/sidekiq-monitor.yaml

diff --git a/apps/base/mastodon/kustomization.yaml b/apps/base/mastodon/kustomization.yaml
index f699144dc..dfc9a0133 100644
--- a/apps/base/mastodon/kustomization.yaml
+++ b/apps/base/mastodon/kustomization.yaml
@@ -7,6 +7,7 @@ resources:
   - release.yaml
   - database.yaml
   - redis.yaml
+  - sidekiq-monitor.yaml
   - ../../../shared/networkpolicies/allow-from-same-namespace.yaml
   - ../../../shared/networkpolicies/allow-from-ingress.yaml
   - ../../../shared/networkpolicies/allow-from-database.yaml
diff --git a/apps/base/mastodon/networkpolicy.yaml b/apps/base/mastodon/networkpolicy.yaml
index ce0d1df1a..15fcc28f8 100644
--- a/apps/base/mastodon/networkpolicy.yaml
+++ b/apps/base/mastodon/networkpolicy.yaml
@@ -14,5 +14,9 @@ metadata:
   name: allow-from-monitoring
 spec:
   podSelector:
-    matchLabels:
-      app.kubernetes.io/name: mastodon
+    matchExpressions:
+      - key:  app.kubernetes.io/name
+        operator: In
+        values:
+          - mastodon
+          - sidekiq-prometheus-exporter
diff --git a/apps/base/mastodon/sidekiq-monitor.yaml b/apps/base/mastodon/sidekiq-monitor.yaml
new file mode 100644
index 000000000..ea251d4b0
--- /dev/null
+++ b/apps/base/mastodon/sidekiq-monitor.yaml
@@ -0,0 +1,45 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+  name: sidekiq-prometheus
+  namespace: mastodon
+spec:
+  interval: 30m
+  url: https://strech.github.io/sidekiq-prometheus-exporter
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: sidekiq-prometheus
+  namespace: mastodon
+spec:
+  serviceAccountName: flux-reconciler
+  timeout: 15m
+  releaseName: sidekiq-prometheus
+  chart:
+    spec:
+      chart: sidekiq-prometheus-exporter
+      sourceRef:
+        kind: HelmRepository
+        name: sidekiq-prometheus
+        namespace: mastodon
+  install:
+    remediation:
+      retries: -1
+  upgrade:
+    remediation:
+      retries: -1
+  interval: 15m
+  values:
+    env:
+      REDIS_HOST: mastodon-redis-master
+    serviceMonitor:
+      enabled: true
+    # Used to match the Upstream UID/GID
+    securityContext:
+      runAsNonRoot: true
+      runAsUser: 991
+      runAsGroup: 991
+      fsGroup: 991
+      seccompProfile:
+        type: "RuntimeDefault"
\ No newline at end of file
-- 
GitLab