fix
This commit is contained in:
@@ -10,7 +10,7 @@ locals {
|
||||
}
|
||||
|
||||
module "service" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -22,7 +22,7 @@ module "service" {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -38,7 +38,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
@@ -61,7 +61,7 @@ provider "restapi" {
|
||||
}
|
||||
|
||||
module "forward" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
domain = var.domain
|
||||
|
||||
@@ -10,7 +10,7 @@ locals {
|
||||
}
|
||||
|
||||
module "service" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -22,7 +22,7 @@ module "service" {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -38,7 +38,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
@@ -51,7 +51,7 @@ module "application" {
|
||||
}
|
||||
|
||||
module "oauth2" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
|
||||
@@ -16,7 +16,7 @@ locals {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -32,7 +32,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
@@ -45,7 +45,7 @@ module "application" {
|
||||
}
|
||||
|
||||
module "oauth2" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
|
||||
17
apps/gramo/check.rhai
Normal file
17
apps/gramo/check.rhai
Normal file
@@ -0,0 +1,17 @@
|
||||
const DOMAIN = config.domain;
|
||||
fn check_domain() {
|
||||
assert(have_namespace(`${global::DOMAIN}`), `There is no ${global::DOMAIN} namespace`);
|
||||
}
|
||||
fn check_authentik() {
|
||||
assert(have_namespace(`${global::DOMAIN}-auth`), `There is no ${global::DOMAIN}-auth namespace`);
|
||||
assert(have_install(`${global::DOMAIN}-auth`, "authentik"), `No authentik installation in ${global::DOMAIN}-auth`);
|
||||
assert(have_secret(`${global::DOMAIN}-auth`, "authentik"), `No authentik secret in ${global::DOMAIN}-auth`);
|
||||
}
|
||||
fn check_authentik_forward() {
|
||||
assert(have_install(`${global::DOMAIN}-auth`, "authentik-forward"), `No authentik-forward installation in ${global::DOMAIN}-auth`);
|
||||
}
|
||||
fn pre_check() {
|
||||
check_domain();
|
||||
check_authentik();
|
||||
check_authentik_forward();
|
||||
}
|
||||
@@ -10,7 +10,7 @@ locals {
|
||||
}
|
||||
|
||||
module "service" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -22,7 +22,7 @@ module "service" {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -38,7 +38,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
@@ -61,7 +61,7 @@ provider "restapi" {
|
||||
}
|
||||
|
||||
module "forward" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
domain = var.domain
|
||||
|
||||
17
apps/infisical/check.rhai
Normal file
17
apps/infisical/check.rhai
Normal file
@@ -0,0 +1,17 @@
|
||||
const DOMAIN = config.domain;
|
||||
fn check_domain() {
|
||||
assert(have_namespace(`${global::DOMAIN}`), `There is no ${global::DOMAIN} namespace`);
|
||||
}
|
||||
fn check_authentik() {
|
||||
assert(have_namespace(`${global::DOMAIN}-auth`), `There is no ${global::DOMAIN}-auth namespace`);
|
||||
assert(have_install(`${global::DOMAIN}-auth`, "authentik"), `No authentik installation in ${global::DOMAIN}-auth`);
|
||||
assert(have_secret(`${global::DOMAIN}-auth`, "authentik"), `No authentik secret in ${global::DOMAIN}-auth`);
|
||||
}
|
||||
fn check_authentik_forward() {
|
||||
assert(have_install(`${global::DOMAIN}-auth`, "authentik-forward"), `No authentik-forward installation in ${global::DOMAIN}-auth`);
|
||||
}
|
||||
fn pre_check() {
|
||||
check_domain();
|
||||
check_authentik();
|
||||
check_authentik_forward();
|
||||
}
|
||||
@@ -9,7 +9,7 @@ locals {
|
||||
}
|
||||
|
||||
module "service" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -21,7 +21,7 @@ module "service" {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -37,7 +37,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
@@ -60,7 +60,7 @@ provider "restapi" {
|
||||
}
|
||||
|
||||
module "forward" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
domain = var.domain
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
module "redis" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//redis"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//redis?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -11,7 +11,7 @@ module "redis" {
|
||||
}
|
||||
}
|
||||
module "mongo" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//mongo"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//mongo?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
|
||||
17
apps/okd/check.rhai
Normal file
17
apps/okd/check.rhai
Normal file
@@ -0,0 +1,17 @@
|
||||
const DOMAIN = config.domain;
|
||||
fn check_domain() {
|
||||
assert(have_namespace(`${global::DOMAIN}`), `There is no ${global::DOMAIN} namespace`);
|
||||
}
|
||||
fn check_authentik() {
|
||||
assert(have_namespace(`${global::DOMAIN}-auth`), `There is no ${global::DOMAIN}-auth namespace`);
|
||||
assert(have_install(`${global::DOMAIN}-auth`, "authentik"), `No authentik installation in ${global::DOMAIN}-auth`);
|
||||
assert(have_secret(`${global::DOMAIN}-auth`, "authentik"), `No authentik secret in ${global::DOMAIN}-auth`);
|
||||
}
|
||||
fn check_authentik_forward() {
|
||||
assert(have_install(`${global::DOMAIN}-auth`, "authentik-forward"), `No authentik-forward installation in ${global::DOMAIN}-auth`);
|
||||
}
|
||||
fn pre_check() {
|
||||
check_domain();
|
||||
check_authentik();
|
||||
check_authentik_forward();
|
||||
}
|
||||
@@ -10,7 +10,7 @@ locals {
|
||||
}
|
||||
|
||||
module "service" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -22,7 +22,7 @@ module "service" {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -38,7 +38,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
@@ -61,7 +61,7 @@ provider "restapi" {
|
||||
}
|
||||
|
||||
module "forward" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
domain = var.domain
|
||||
|
||||
17
apps/traefik-ui/check.rhai
Normal file
17
apps/traefik-ui/check.rhai
Normal file
@@ -0,0 +1,17 @@
|
||||
const DOMAIN = config.domain;
|
||||
fn check_domain() {
|
||||
assert(have_namespace(`${global::DOMAIN}`), `There is no ${global::DOMAIN} namespace`);
|
||||
}
|
||||
fn check_authentik() {
|
||||
assert(have_namespace(`${global::DOMAIN}-auth`), `There is no ${global::DOMAIN}-auth namespace`);
|
||||
assert(have_install(`${global::DOMAIN}-auth`, "authentik"), `No authentik installation in ${global::DOMAIN}-auth`);
|
||||
assert(have_secret(`${global::DOMAIN}-auth`, "authentik"), `No authentik secret in ${global::DOMAIN}-auth`);
|
||||
}
|
||||
fn check_authentik_forward() {
|
||||
assert(have_install(`${global::DOMAIN}-auth`, "authentik-forward"), `No authentik-forward installation in ${global::DOMAIN}-auth`);
|
||||
}
|
||||
fn pre_check() {
|
||||
check_domain();
|
||||
check_authentik();
|
||||
check_authentik_forward();
|
||||
}
|
||||
@@ -16,7 +16,7 @@ locals {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -32,7 +32,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
@@ -55,7 +55,7 @@ provider "restapi" {
|
||||
}
|
||||
|
||||
module "forward" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
domain = var.domain
|
||||
|
||||
16
apps/woodpecker/check.rhai
Normal file
16
apps/woodpecker/check.rhai
Normal file
@@ -0,0 +1,16 @@
|
||||
const DOMAIN = config.domain;
|
||||
fn check_domain() {
|
||||
assert(have_namespace(`${global::DOMAIN}`), `There is no ${global::DOMAIN} namespace`);
|
||||
}
|
||||
fn check_gitea() {
|
||||
assert(have_namespace(`${global::DOMAIN}-ci`), `There is no ${global::DOMAIN}-ci namespace`);
|
||||
assert(have_install(`${global::DOMAIN}-ci`, "gitea"), `No gitea installation in ${global::DOMAIN}-ci`);
|
||||
assert(have_ingress(`${global::DOMAIN}-ci`, "gitea"), `No gitea ingress in ${global::DOMAIN}-ci`);
|
||||
assert(have_service(`${global::DOMAIN}-ci`, "gitea-ssh"), `No gitea-ssh service in ${global::DOMAIN}-ci`);
|
||||
assert(have_secret(`${global::DOMAIN}-ci`, "gitea"), `No gitea secret in ${global::DOMAIN}-ci`);
|
||||
assert(have_secret(`${global::DOMAIN}-ci`, "gitea-admin-user"), `No gitea-admin-user secret in ${global::DOMAIN}-ci`);
|
||||
}
|
||||
fn pre_check() {
|
||||
check_domain();
|
||||
check_gitea();
|
||||
}
|
||||
@@ -11,7 +11,7 @@ locals {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -27,7 +27,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
|
||||
@@ -19,7 +19,7 @@ locals {
|
||||
}
|
||||
|
||||
module "service" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -31,7 +31,7 @@ module "service" {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -47,7 +47,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
@@ -60,7 +60,7 @@ module "application" {
|
||||
}
|
||||
|
||||
module "oauth2" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
|
||||
@@ -40,7 +40,7 @@ data "kustomization_overlay" "data" {
|
||||
spec:
|
||||
image: "${var.images.alertmanager.registry}/${var.images.alertmanager.repository}:${var.images.alertmanager.tag}"
|
||||
version: ${var.images.alertmanager.tag}
|
||||
externalUrl: http://${var.component}-${var.instance}.${var.namespace}:9093
|
||||
externalUrl: http://${var.instance}-${var.component}.${var.namespace}:9093
|
||||
replicas: ${var.replicas}
|
||||
listenLocal: ${var.listenLocal}
|
||||
logLevel: "${var.logLevel}"
|
||||
@@ -64,7 +64,7 @@ data "kustomization_overlay" "data" {
|
||||
- name: Alertmanager
|
||||
type: alertmanager
|
||||
uid: alertmanager
|
||||
url: http://${var.component}-${var.instance}.${var.namespace}:9093/
|
||||
url: http://${var.instance}-${var.component}.${var.namespace}:9093/
|
||||
access: proxy
|
||||
jsonData:
|
||||
handleGrafanaManagedAlerts: false
|
||||
|
||||
29
monitor/alertmanager/index.rhai
Normal file
29
monitor/alertmanager/index.rhai
Normal file
@@ -0,0 +1,29 @@
|
||||
const NS=config.namespace;
|
||||
const SRC=src;
|
||||
const DEST=dest;
|
||||
fn pre_pack() {
|
||||
shell("helm repo add prometheus-community https://prometheus-community.github.io/helm-charts");
|
||||
shell(`helm template alertmanager prometheus-community/kube-prometheus-stack --namespace=vynil-monitor -a "monitoring.coreos.com/v1/ServiceMonitor" -a "monitoring.coreos.com/v1/PrometheusRule" --values values.yml >${global::SRC}/chart.yaml`);
|
||||
}
|
||||
fn post_pack() {
|
||||
for file in [ // v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-cluster
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-cluster-total.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-grafana-overview.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-cluster.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-multicluster.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-namespace.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-node.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-pod.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-workloads-namespace.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-workload.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-namespace-by-pod.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-namespace-by-workload.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-persistentvolumesusage.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-pod-total.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-prometheus.yaml",
|
||||
"v1_ConfigMap_alertmanager-kube-promethe-workload-total.yaml",
|
||||
"v1_Service_alertmanager-kube-promethe-alertmanager.yaml",
|
||||
] {
|
||||
shell(`rm -f ${global::DEST}/${file}`);
|
||||
}
|
||||
}
|
||||
@@ -8,26 +8,21 @@ metadata:
|
||||
An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach.
|
||||
The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integration such as email, PagerDuty, or OpsGenie. It also takes care of silencing and inhibition of alerts.
|
||||
options:
|
||||
listenLocal:
|
||||
default: false
|
||||
examples:
|
||||
- false
|
||||
type: boolean
|
||||
app_group:
|
||||
default: monitor
|
||||
examples:
|
||||
- monitor
|
||||
type: string
|
||||
ingress_class:
|
||||
default: traefik
|
||||
domain:
|
||||
default: your-company
|
||||
examples:
|
||||
- traefik
|
||||
- your-company
|
||||
type: string
|
||||
replicas:
|
||||
default: 1
|
||||
domain_name:
|
||||
default: your_company.com
|
||||
examples:
|
||||
- 1
|
||||
type: integer
|
||||
- your_company.com
|
||||
type: string
|
||||
images:
|
||||
default:
|
||||
alertmanager:
|
||||
@@ -67,16 +62,31 @@ options:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
ingress_class:
|
||||
default: traefik
|
||||
examples:
|
||||
- traefik
|
||||
type: string
|
||||
issuer:
|
||||
default: letsencrypt-prod
|
||||
examples:
|
||||
- letsencrypt-prod
|
||||
type: string
|
||||
listenLocal:
|
||||
default: false
|
||||
examples:
|
||||
- false
|
||||
type: boolean
|
||||
logLevel:
|
||||
default: info
|
||||
examples:
|
||||
- info
|
||||
type: string
|
||||
replicas:
|
||||
default: 1
|
||||
examples:
|
||||
- 1
|
||||
type: integer
|
||||
retention:
|
||||
default: 120h
|
||||
examples:
|
||||
@@ -87,16 +97,6 @@ options:
|
||||
examples:
|
||||
- alertmanager
|
||||
type: string
|
||||
domain:
|
||||
default: your-company
|
||||
examples:
|
||||
- your-company
|
||||
type: string
|
||||
domain_name:
|
||||
default: your_company.com
|
||||
examples:
|
||||
- your_company.com
|
||||
type: string
|
||||
dependencies:
|
||||
- dist: null
|
||||
category: share
|
||||
|
||||
@@ -9,17 +9,18 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: alertmanager
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "alertmanager"
|
||||
heritage: "Helm"
|
||||
spec:
|
||||
image: "quay.io/prometheus/alertmanager:v0.26.0"
|
||||
version: v0.26.0
|
||||
image: "quay.io/prometheus/alertmanager:v0.27.0"
|
||||
version: v0.27.0
|
||||
replicas: 1
|
||||
listenLocal: false
|
||||
serviceAccountName: alertmanager-kube-promethe-alertmanager
|
||||
automountServiceAccountToken: true
|
||||
externalUrl: http://alertmanager-kube-promethe-alertmanager.vynil-monitor:9093
|
||||
paused: false
|
||||
logFormat: "logfmt"
|
||||
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: alertmanager
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "alertmanager"
|
||||
heritage: "Helm"
|
||||
spec:
|
||||
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: alertmanager
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "alertmanager"
|
||||
heritage: "Helm"
|
||||
spec:
|
||||
@@ -29,5 +29,4 @@ spec:
|
||||
enableHttp2: true
|
||||
path: "/metrics"
|
||||
- port: reloader-web
|
||||
scheme: http
|
||||
path: "/metrics"
|
||||
@@ -16,7 +16,7 @@ locals {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -32,7 +32,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
@@ -55,7 +55,7 @@ provider "restapi" {
|
||||
}
|
||||
|
||||
module "forward" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
domain = var.domain
|
||||
|
||||
@@ -11,7 +11,7 @@ resource "kubectl_manifest" "svc" {
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: "${var.component}-${var.instance}"
|
||||
name: "${var.instance}-${var.component}"
|
||||
namespace: "${var.namespace}"
|
||||
labels: ${jsonencode(local.svc-label)}
|
||||
spec:
|
||||
|
||||
@@ -12,9 +12,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: alertmanager
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "alertmanager"
|
||||
heritage: "Helm"
|
||||
data:
|
||||
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: alertmanager
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "alertmanager"
|
||||
heritage: "Helm"
|
||||
data:
|
||||
|
||||
@@ -12,9 +12,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: alertmanager
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "alertmanager"
|
||||
heritage: "Helm"
|
||||
automountServiceAccountToken: true
|
||||
@@ -16,7 +16,7 @@ locals {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -32,7 +32,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
@@ -46,7 +46,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "oauth2" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
|
||||
@@ -44,7 +44,7 @@ data "kustomization_overlay" "data" {
|
||||
- name: Prometheus
|
||||
type: prometheus
|
||||
uid: prometheus
|
||||
url: http://${var.component}-${var.instance}.${var.namespace}:9090/
|
||||
url: http://${var.instance}-${var.component}.${var.namespace}:9090/
|
||||
access: proxy
|
||||
isDefault: false
|
||||
jsonData:
|
||||
|
||||
30
monitor/prometheus/index.rhai
Normal file
30
monitor/prometheus/index.rhai
Normal file
@@ -0,0 +1,30 @@
|
||||
const NS=config.namespace;
|
||||
const SRC=src;
|
||||
const DEST=dest;
|
||||
fn pre_pack() {
|
||||
shell("helm repo add prometheus-community https://prometheus-community.github.io/helm-charts");
|
||||
shell(`helm template prometheus prometheus-community/kube-prometheus-stack --namespace=vynil-monitor -a "monitoring.coreos.com/v1/ServiceMonitor" -a "monitoring.coreos.com/v1/PrometheusRule" --values values.yml >${global::SRC}/chart.yaml`);
|
||||
}
|
||||
fn post_pack() {
|
||||
for file in [
|
||||
"monitoring.coreos.com_v1_Prometheus_prometheus-kube-prometheus-prometheus.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-alertmanager-overview.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-cluster-total.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-grafana-overview.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-cluster.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-multicluster.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-namespace.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-node.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-pod.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-workloads-namespace.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-workload.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-namespace-by-pod.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-namespace-by-workload.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-persistentvolumesusage.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-pod-total.yaml",
|
||||
"v1_ConfigMap_prometheus-kube-prometheus-workload-total.yaml",
|
||||
"v1_Service_prometheus-kube-prometheus-prometheus.yaml",
|
||||
] {
|
||||
shell(`rm -f ${global::DEST}/${file}`);
|
||||
}
|
||||
}
|
||||
@@ -6,51 +6,31 @@ metadata:
|
||||
name: prometheus
|
||||
description: An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach.
|
||||
options:
|
||||
domain:
|
||||
default: your-company
|
||||
examples:
|
||||
- your-company
|
||||
type: string
|
||||
ingress_class:
|
||||
default: traefik
|
||||
examples:
|
||||
- traefik
|
||||
type: string
|
||||
shards:
|
||||
default: 1
|
||||
examples:
|
||||
- 1
|
||||
type: integer
|
||||
logLevel:
|
||||
default: info
|
||||
examples:
|
||||
- info
|
||||
type: string
|
||||
listenLocal:
|
||||
default: false
|
||||
examples:
|
||||
- false
|
||||
type: boolean
|
||||
enableAdminAPI:
|
||||
default: false
|
||||
examples:
|
||||
- false
|
||||
type: boolean
|
||||
issuer:
|
||||
default: letsencrypt-prod
|
||||
examples:
|
||||
- letsencrypt-prod
|
||||
type: string
|
||||
alertmanager:
|
||||
default: alertmanager-alertmanager
|
||||
examples:
|
||||
- alertmanager-alertmanager
|
||||
type: string
|
||||
app_group:
|
||||
default: monitor
|
||||
examples:
|
||||
- monitor
|
||||
type: string
|
||||
domain:
|
||||
default: your-company
|
||||
examples:
|
||||
- your-company
|
||||
type: string
|
||||
domain_name:
|
||||
default: your_company.com
|
||||
examples:
|
||||
- your_company.com
|
||||
type: string
|
||||
enableAdminAPI:
|
||||
default: false
|
||||
examples:
|
||||
- false
|
||||
type: boolean
|
||||
images:
|
||||
default:
|
||||
prometheus:
|
||||
@@ -90,6 +70,26 @@ options:
|
||||
type: string
|
||||
type: object
|
||||
type: object
|
||||
ingress_class:
|
||||
default: traefik
|
||||
examples:
|
||||
- traefik
|
||||
type: string
|
||||
issuer:
|
||||
default: letsencrypt-prod
|
||||
examples:
|
||||
- letsencrypt-prod
|
||||
type: string
|
||||
listenLocal:
|
||||
default: false
|
||||
examples:
|
||||
- false
|
||||
type: boolean
|
||||
logLevel:
|
||||
default: info
|
||||
examples:
|
||||
- info
|
||||
type: string
|
||||
replicas:
|
||||
default: 1
|
||||
examples:
|
||||
@@ -100,11 +100,11 @@ options:
|
||||
examples:
|
||||
- 10d
|
||||
type: string
|
||||
app_group:
|
||||
default: monitor
|
||||
shards:
|
||||
default: 1
|
||||
examples:
|
||||
- monitor
|
||||
type: string
|
||||
- 1
|
||||
type: integer
|
||||
sub_domain:
|
||||
default: prometheus
|
||||
examples:
|
||||
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
spec:
|
||||
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
spec:
|
||||
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
spec:
|
||||
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
spec:
|
||||
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
spec:
|
||||
|
||||
@@ -8,9 +8,9 @@ metadata:
|
||||
app: kube-prometheus-stack-kubelet
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
spec:
|
||||
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
spec:
|
||||
@@ -28,5 +28,4 @@ spec:
|
||||
- port: http-web
|
||||
path: "/metrics"
|
||||
- port: reloader-web
|
||||
scheme: http
|
||||
path: "/metrics"
|
||||
@@ -16,7 +16,7 @@ locals {
|
||||
}
|
||||
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
@@ -32,7 +32,7 @@ module "ingress" {
|
||||
}
|
||||
|
||||
module "application" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
app_group = var.app_group
|
||||
@@ -55,7 +55,7 @@ provider "restapi" {
|
||||
}
|
||||
|
||||
module "forward" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
|
||||
component = var.component
|
||||
instance = var.instance
|
||||
domain = var.domain
|
||||
|
||||
@@ -9,7 +9,7 @@ resource "kubectl_manifest" "prometheus" {
|
||||
spec:
|
||||
image: "${var.images.prometheus.registry}/${var.images.prometheus.repository}:${var.images.prometheus.tag}"
|
||||
version: ${var.images.prometheus.tag}
|
||||
externalUrl: http://${var.component}-${var.instance}.${var.namespace}:9090
|
||||
externalUrl: http://${var.instance}-${var.component}.${var.namespace}:9090
|
||||
replicas: ${var.replicas}
|
||||
shards: ${var.shards}
|
||||
logLevel: ${var.logLevel}
|
||||
|
||||
@@ -8,9 +8,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
roleRef:
|
||||
|
||||
@@ -8,9 +8,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
rules:
|
||||
|
||||
@@ -11,7 +11,7 @@ resource "kubectl_manifest" "svc" {
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: "${var.component}-${var.instance}"
|
||||
name: "${var.instance}-${var.component}"
|
||||
namespace: "${var.namespace}"
|
||||
labels: ${jsonencode(local.svc-label)}
|
||||
spec:
|
||||
|
||||
@@ -10,9 +10,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
data:
|
||||
|
||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@@ -1,18 +0,0 @@
|
||||
# Source: kube-prometheus-stack/templates/prometheus/secret.yaml
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: prometheus-kube-prometheus-prometheus
|
||||
namespace: vynil-monitor
|
||||
labels:
|
||||
app: kube-prometheus-stack-prometheus
|
||||
app.kubernetes.io/component: prometheus
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
data:
|
||||
@@ -12,8 +12,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
automountServiceAccountToken: true
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
namespace: kube-system
|
||||
|
||||
@@ -9,9 +9,9 @@ metadata:
|
||||
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/instance: prometheus
|
||||
app.kubernetes.io/version: "56.9.0"
|
||||
app.kubernetes.io/version: "58.7.2"
|
||||
app.kubernetes.io/part-of: kube-prometheus-stack
|
||||
chart: kube-prometheus-stack-56.9.0
|
||||
chart: kube-prometheus-stack-58.7.2
|
||||
release: "prometheus"
|
||||
heritage: "Helm"
|
||||
namespace: kube-system
|
||||
|
||||
@@ -36,119 +36,3 @@ locals {
|
||||
}:{}
|
||||
}
|
||||
|
||||
|
||||
data "kustomization_overlay" "data" {
|
||||
namespace = var.namespace
|
||||
common_labels = local.common_labels
|
||||
resources = [for file in fileset(path.module, "*.yaml"): file if file != "index.yaml"]
|
||||
images {
|
||||
name = "ghcr.io/goauthentik/server"
|
||||
new_name = "${var.images.app.registry}/${var.images.app.repository}"
|
||||
new_tag = "${var.images.app.tag}"
|
||||
}
|
||||
config_map_generator {
|
||||
name = var.component
|
||||
behavior = "create"
|
||||
literals = [
|
||||
"AUTHENTIK_EMAIL__PORT=${var.email.port}",
|
||||
"AUTHENTIK_EMAIL__TIMEOUT=${var.email.timeout}",
|
||||
"AUTHENTIK_EMAIL__USE_TLS=${var.email.use_tls}",
|
||||
"AUTHENTIK_EMAIL__USE_SSL=${var.email.use_ssl}",
|
||||
"AUTHENTIK_ERROR_REPORTING__ENABLED=${var.error_reporting.enabled}",
|
||||
"AUTHENTIK_ERROR_REPORTING__ENVIRONMENT=${var.error_reporting.environment}",
|
||||
"AUTHENTIK_ERROR_REPORTING__SEND_PII=${var.error_reporting.send_pii}",
|
||||
"AUTHENTIK_GEOIP=${var.geoip}",
|
||||
"AUTHENTIK_LOG_LEVEL=${var.loglevel}",
|
||||
"AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=${var.images.app.registry}/${var.images.app.project}/%(type)s:%(version)s",
|
||||
"AUTHENTIK_POSTGRESQL__NAME=${var.component}",
|
||||
"AUTHENTIK_POSTGRESQL__PORT=5432",
|
||||
"AUTHENTIK_POSTGRESQL__USER=${var.component}",
|
||||
"AUTHENTIK_REDIS__HOST=${var.name}-${var.component}-redis",
|
||||
"AUTHENTIK_BOOTSTRAP_EMAIL=${var.admin.email}@${var.domain_name}",
|
||||
"GUNICORN_CMD_ARGS=--timeout=90",
|
||||
]
|
||||
}
|
||||
patches {
|
||||
target {
|
||||
kind = "Deployment"
|
||||
name = "authentik-server"
|
||||
}
|
||||
patch = join("", concat([<<EOF
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: authentik-server
|
||||
annotations: ${jsonencode(local.server_annotations)}
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: authentik
|
||||
image: "${var.images.app.registry}/${var.images.app.repository}:${var.images.app.tag}"
|
||||
imagePullPolicy: "${var.images.app.pull_policy}"
|
||||
env:
|
||||
- name: AUTHENTIK_POSTGRESQL__PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "${var.instance}-${var.component}-pg-app"
|
||||
key: password
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: ${var.component}
|
||||
- configMapRef:
|
||||
name: ${var.component}
|
||||
EOF
|
||||
], var.customisation.configmap_name!="" && var.customisation.use_icon_left && var.customisation.use_custom_css?[<<EOF
|
||||
volumeMounts:
|
||||
- name: custom-css
|
||||
mountPath: /web/dist/custom.css
|
||||
subPath: custom.css
|
||||
- name: custom-left
|
||||
mountPath: /web/dist/assets/icons/icon_left_brand.svg
|
||||
subPath: icon_left_brand.svg
|
||||
volumes:
|
||||
- name: custom-css
|
||||
configMap:
|
||||
name: "${var.customisation.configmap_name}"
|
||||
items:
|
||||
- key: custom.css
|
||||
path: custom.css
|
||||
- name: custom-left
|
||||
configMap:
|
||||
name: "${var.customisation.configmap_name}"
|
||||
items:
|
||||
- key: icon_left_brand.svg
|
||||
path: icon_left_brand.svg
|
||||
EOF
|
||||
]
|
||||
:var.customisation.configmap_name!="" && var.customisation.use_icon_left && !var.customisation.use_custom_css?[<<EOF
|
||||
volumeMounts:
|
||||
- name: custom-left
|
||||
mountPath: /web/dist/assets/icons/icon_left_brand.svg
|
||||
subPath: icon_left_brand.svg
|
||||
volumes:
|
||||
- name: custom-left
|
||||
configMap:
|
||||
name: "${var.customisation.configmap_name}"
|
||||
items:
|
||||
- key: icon_left_brand.svg
|
||||
path: icon_left_brand.svg
|
||||
EOF
|
||||
]
|
||||
:var.customisation.configmap_name!="" && !var.customisation.use_icon_left && var.customisation.use_custom_css?[<<EOF
|
||||
volumeMounts:
|
||||
- name: custom-css
|
||||
mountPath: /web/dist/custom.css
|
||||
subPath: custom.css
|
||||
volumes:
|
||||
- name: custom-css
|
||||
configMap:
|
||||
name: "${var.customisation.configmap_name}"
|
||||
items:
|
||||
- key: custom.css
|
||||
path: custom.css
|
||||
EOF
|
||||
]
|
||||
:[""] ))
|
||||
}
|
||||
}
|
||||
|
||||
@@ -452,9 +452,6 @@ dependencies:
|
||||
- dist: null
|
||||
category: core
|
||||
component: secret-generator
|
||||
- dist: null
|
||||
category: crd
|
||||
component: prometheus
|
||||
- dist: null
|
||||
category: crd
|
||||
component: traefik
|
||||
|
||||
@@ -50,7 +50,7 @@ resource "kubectl_manifest" "gitlab_token" {
|
||||
EOF
|
||||
}
|
||||
module "ingress" {
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
|
||||
source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
|
||||
component = ""
|
||||
instance = var.instance
|
||||
namespace = var.namespace
|
||||
|
||||
Reference in New Issue
Block a user