diff --git a/README.md b/README.md index a3416df..06b2b0a 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,7 @@ Dev dependencies: - `kubefwd` 1.22.5 - `helm` v3.15.0 - `jq` jq-1.7.1 +- `golangci-lint` 1.63.4 # Installation diff --git a/deploy/prometheus/operator/bundle.yaml b/deploy/prometheus/operator/bundle.yaml index 04d445c..5a2a73e 100644 --- a/deploy/prometheus/operator/bundle.yaml +++ b/deploy/prometheus/operator/bundle.yaml @@ -3,8 +3,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.4 - operator.prometheus.io/version: 0.78.0 + controller-gen.kubebuilder.io/version: v0.16.5 + operator.prometheus.io/version: 0.79.2 name: alertmanagerconfigs.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -775,6 +775,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -1766,6 +1772,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -2570,6 +2582,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -3356,6 +3374,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -4176,6 +4200,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -5090,6 +5120,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -5829,6 +5865,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -6671,6 +6713,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -6848,6 +6896,12 @@ spec: message: description: Message template type: string + messageThreadID: + description: |- + The Telegram Group Topic ID. + It requires Alertmanager >= 0.26.0. + format: int64 + type: integer parseMode: description: Parse mode for telegram message enum: @@ -7436,6 +7490,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -8162,6 +8222,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -8875,6 +8941,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -9653,6 +9725,12 @@ spec: It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. type: boolean + proxyURL: + description: |- + Optional proxy URL. + + If defined, this field takes precedence over `proxyUrl`. + type: string proxyUrl: description: '`proxyURL` defines the HTTP proxy server to use.' @@ -9963,8 +10041,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.4 - operator.prometheus.io/version: 0.78.0 + controller-gen.kubebuilder.io/version: v0.16.5 + operator.prometheus.io/version: 0.79.2 name: alertmanagers.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -12316,7 +12394,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -12331,7 +12410,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -12380,8 +12460,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -12394,8 +12474,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -12427,7 +12507,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -12442,7 +12523,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -12491,8 +12573,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -12505,8 +12587,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -12534,7 +12616,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -12555,7 +12638,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -12574,7 +12657,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -12641,8 +12724,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -12746,7 +12828,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -12767,7 +12850,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -12786,7 +12869,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -12853,8 +12936,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -13202,7 +13284,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -13223,7 +13306,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -13242,7 +13325,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -13309,8 +13392,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -13882,7 +13964,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -13897,7 +13980,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -13946,8 +14030,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -13960,8 +14044,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -13993,7 +14077,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -14008,7 +14093,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -14057,8 +14143,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -14071,8 +14157,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -14100,7 +14186,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -14121,7 +14208,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -14140,7 +14227,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -14207,8 +14294,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -14312,7 +14398,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -14333,7 +14420,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -14352,7 +14439,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -14419,8 +14506,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -14768,7 +14854,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -14789,7 +14876,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -14808,7 +14895,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -14875,8 +14962,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -15100,6 +15186,29 @@ spec: If set to true all actions on the underlying managed objects are not goint to be performed, except for delete actions. type: boolean + persistentVolumeClaimRetentionPolicy: + description: |- + The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + The default behavior is all PVCs are retained. + This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. + It requires enabling the StatefulSetAutoDeletePVC feature gate. + properties: + whenDeleted: + description: |- + WhenDeleted specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is deleted. The default policy + of `Retain` causes PVCs to not be affected by StatefulSet deletion. The + `Delete` policy causes those PVCs to be deleted. + type: string + whenScaled: + description: |- + WhenScaled specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is scaled down. The default + policy of `Retain` causes PVCs to not be affected by a scaledown. The + `Delete` policy causes the associated PVCs for any excess pods above + the replica count to be deleted. + type: string + type: object podMetadata: description: |- PodMetadata configures labels and annotations which are propagated to the Alertmanager pods. @@ -15319,6 +15428,32 @@ spec: Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer + seLinuxChangePolicy: + description: |- + seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + Valid values are "MountOption" and "Recursive". + + "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + + "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + This requires all Pods that share the same volume to use the same SELinux label. + It is not possible to share the same volume among privileged and unprivileged Pods. + Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + CSIDriver instance. Other volumes are always re-labelled recursively. + "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + + If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + and "Recursive" for all other volumes. + + This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + + All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + Note that this field cannot be set when spec.os.name is windows. + type: string seLinuxOptions: description: |- The SELinux context to be applied to all containers. @@ -16121,18 +16256,15 @@ spec: persistent volume is being resized. type: string status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required type: string type: description: |- - PersistentVolumeClaimConditionType defines the condition of PV claim. - Valid values are: - - "Resizing", "FileSystemResizePending" - - If RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected: - - "ControllerResizeError", "NodeResizeError" - - If VolumeAttributesClass feature gate is enabled, then following additional values can be expected: - - "ModifyVolumeError", "ModifyingVolume" + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about type: string required: - status @@ -16486,6 +16618,8 @@ spec: description: |- awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. + Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore properties: fsType: @@ -16517,8 +16651,10 @@ spec: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount on - the host and bind mount to the pod. + description: |- + azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + are redirected to the disk.csi.azure.com CSI driver. properties: cachingMode: description: 'cachingMode is the Host Caching mode: None, @@ -16556,8 +16692,10 @@ spec: - diskURI type: object azureFile: - description: azureFile represents an Azure File Service mount - on the host and bind mount to the pod. + description: |- + azureFile represents an Azure File Service mount on the host and bind mount to the pod. + Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + are redirected to the file.csi.azure.com CSI driver. properties: readOnly: description: |- @@ -16576,8 +16714,9 @@ spec: - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the host that - shares a pod's lifetime + description: |- + cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. properties: monitors: description: |- @@ -16629,6 +16768,8 @@ spec: cinder: description: |- cinder represents a cinder volume attached and mounted on kubelets host machine. + Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md properties: fsType: @@ -16738,8 +16879,7 @@ spec: x-kubernetes-map-type: atomic csi: description: csi (Container Storage Interface) represents ephemeral - storage that is handled by certain external CSI drivers (Beta - feature). + storage that is handled by certain external CSI drivers. properties: driver: description: |- @@ -17205,6 +17345,7 @@ spec: description: |- flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. properties: driver: description: driver is the name of the driver to use for @@ -17250,9 +17391,9 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached to - a kubelet's host machine. This depends on the Flocker control - service being running + description: |- + flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. properties: datasetName: description: |- @@ -17268,6 +17409,8 @@ spec: description: |- gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. + Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk properties: fsType: @@ -17303,7 +17446,7 @@ spec: gitRepo: description: |- gitRepo represents a git repository at a particular revision. - DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. properties: @@ -17327,6 +17470,7 @@ spec: glusterfs: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: @@ -17536,8 +17680,9 @@ spec: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host machine + description: |- + photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. properties: fsType: description: |- @@ -17553,8 +17698,11 @@ spec: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume attached - and mounted on kubelets host machine + description: |- + portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + is on. properties: fsType: description: |- @@ -17919,8 +18067,9 @@ spec: x-kubernetes-list-type: atomic type: object quobyte: - description: quobyte represents a Quobyte mount on the host - that shares a pod's lifetime + description: |- + quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. properties: group: description: |- @@ -17959,6 +18108,7 @@ spec: rbd: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: @@ -18031,8 +18181,9 @@ spec: - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. + description: |- + scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. properties: fsType: default: xfs @@ -18164,8 +18315,9 @@ spec: type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. + description: |- + storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. properties: fsType: description: |- @@ -18210,8 +18362,10 @@ spec: type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine + description: |- + vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + are redirected to the csi.vsphere.vmware.com CSI driver. properties: fsType: description: |- @@ -18310,7 +18464,12 @@ spec: description: Defines the TLS parameters for HTTPS. properties: cert: - description: Contains the TLS certificate for the server. + description: |- + Secret or ConfigMap containing the TLS certificate for the web server. + + Either `keySecret` or `keyFile` must be defined. + + It is mutually exclusive with `certFile`. properties: configMap: description: ConfigMap containing data to use for the @@ -18363,20 +18522,28 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the Prometheus container for the server. - Mutually exclusive with `cert`. + Path to the TLS certificate file in the container for the web server. + + Either `keySecret` or `keyFile` must be defined. + + It is mutually exclusive with `cert`. type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. If empty, - Go default cipher suites are used. Available cipher suites are documented - in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants + List of supported cipher suites for TLS versions up to TLS 1.2. + + If not defined, the Go default cipher suites are used. + Available cipher suites are documented in the Go documentation: + https://golang.org/pkg/crypto/tls/#pkg-constants items: type: string type: array client_ca: - description: Contains the CA certificate for client certificate + description: |- + Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. + + It is mutually exclusive with `clientCAFile`. properties: configMap: description: ConfigMap containing data to use for the @@ -18429,30 +18596,43 @@ spec: type: object clientAuthType: description: |- - Server policy for client authentication. Maps to ClientAuth Policies. + The server policy for client TLS authentication. + For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to the server. - Mutually exclusive with `client_ca`. + Path to the CA certificate file for client certificate authentication to + the server. + + It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- Elliptic curves that will be used in an ECDHE handshake, in preference - order. Available curves are documented in the go documentation: + order. + + Available curves are documented in the Go documentation: https://golang.org/pkg/crypto/tls/#CurveID items: type: string type: array keyFile: description: |- - Path to the TLS key file in the Prometheus container for the server. - Mutually exclusive with `keySecret`. + Path to the TLS private key file in the container for the web server. + + If defined, either `cert` or `certFile` must be defined. + + It is mutually exclusive with `keySecret`. type: string keySecret: - description: Secret containing the TLS key for the server. + description: |- + Secret containing the TLS private key for the web server. + + Either `cert` or `certFile` must be defined. + + It is mutually exclusive with `keyFile`. properties: key: description: The key of the secret to select from. Must @@ -18476,18 +18656,17 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. Defaults - to TLS13. + description: Maximum TLS version that is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. Defaults - to TLS12. + description: Minimum TLS version that is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the - client's most preferred cipher suite, or the server's most preferred - cipher suite. If true then the server's preference, as expressed in + Controls whether the server selects the client's most preferred cipher + suite, or the server's most preferred cipher suite. + + If true then the server's preference, as expressed in the order of elements in cipherSuites, is used. type: boolean type: object @@ -18535,9 +18714,11 @@ spec: type: string status: description: Status of the condition. + minLength: 1 type: string type: description: Type of the condition being reported. + minLength: 1 type: string required: - lastTransitionTime @@ -18598,8 +18779,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.4 - operator.prometheus.io/version: 0.78.0 + controller-gen.kubebuilder.io/version: v0.16.5 + operator.prometheus.io/version: 0.79.2 name: podmonitors.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -18672,6 +18853,18 @@ spec: It requires Prometheus >= v2.28.0. pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ type: string + fallbackScrapeProtocol: + description: |- + The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + + It requires Prometheus >= v3.0.0. + enum: + - PrometheusProto + - OpenMetricsText0.0.1 + - OpenMetricsText1.0.0 + - PrometheusText0.0.4 + - PrometheusText1.0.0 + type: string jobLabel: description: |- The label to use to retrieve the job name from. @@ -19354,10 +19547,16 @@ spec: type: string port: description: |- - Name of the Pod port which this endpoint refers to. + The `Pod` port name which exposes the endpoint. - It takes precedence over `targetPort`. + It takes precedence over the `portNumber` and `targetPort` fields. type: string + portNumber: + description: The `Pod` port number which exposes the endpoint. + format: int32 + maximum: 65535 + minimum: 1 + type: integer proxyUrl: description: |- `proxyURL` configures the HTTP Proxy URL (e.g. @@ -19476,6 +19675,7 @@ spec: If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. + The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string targetPort: @@ -19486,7 +19686,7 @@ spec: Name or number of the target port of the `Pod` object behind the Service, the port must be specified with container port property. - Deprecated: use 'port' instead. + Deprecated: use 'port' or 'portNumber' instead. x-kubernetes-int-or-string: true tlsConfig: description: TLS configuration to use when scraping the target. @@ -19698,11 +19898,13 @@ spec: * `OpenMetricsText1.0.0` * `PrometheusProto` * `PrometheusText0.0.4` + * `PrometheusText1.0.0` enum: - PrometheusProto - OpenMetricsText0.0.1 - OpenMetricsText1.0.0 - PrometheusText0.0.4 + - PrometheusText1.0.0 type: string type: array x-kubernetes-list-type: set @@ -19753,6 +19955,18 @@ spec: type: object type: object x-kubernetes-map-type: atomic + selectorMechanism: + description: |- + Mechanism used to select the endpoints to scrape. + By default, the selection process relies on relabel configurations to filter the discovered targets. + Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. + Which strategy is best for your use case needs to be carefully evaluated. + + It requires Prometheus >= v2.17.0. + enum: + - RelabelConfig + - RoleSelector + type: string targetLimit: description: |- `targetLimit` defines a limit on the number of scraped targets that will @@ -19773,8 +19987,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.4 - operator.prometheus.io/version: 0.78.0 + controller-gen.kubebuilder.io/version: v0.16.5 + operator.prometheus.io/version: 0.79.2 name: probes.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -19943,6 +20157,18 @@ spec: - key type: object x-kubernetes-map-type: atomic + fallbackScrapeProtocol: + description: |- + The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + + It requires Prometheus >= v3.0.0. + enum: + - PrometheusProto + - OpenMetricsText0.0.1 + - OpenMetricsText1.0.0 + - PrometheusText0.0.4 + - PrometheusText1.0.0 + type: string interval: description: |- Interval at which targets are probed using the configured prober. @@ -20468,11 +20694,13 @@ spec: * `OpenMetricsText1.0.0` * `PrometheusProto` * `PrometheusText0.0.4` + * `PrometheusText1.0.0` enum: - PrometheusProto - OpenMetricsText0.0.1 - OpenMetricsText1.0.0 - PrometheusText0.0.4 + - PrometheusText1.0.0 type: string type: array x-kubernetes-list-type: set @@ -20480,6 +20708,7 @@ spec: description: |- Timeout for scraping metrics from the Prometheus exporter. If not specified, the Prometheus global scrape timeout is used. + The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string targetLimit: @@ -20933,8 +21162,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.4 - operator.prometheus.io/version: 0.78.0 + controller-gen.kubebuilder.io/version: v0.16.5 + operator.prometheus.io/version: 0.79.2 name: prometheusagents.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -22595,7 +22824,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -22610,7 +22840,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -22659,8 +22890,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -22673,8 +22904,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -22706,7 +22937,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -22721,7 +22953,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -22770,8 +23003,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -22784,8 +23017,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -22813,7 +23046,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -22834,7 +23068,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -22853,7 +23087,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -22920,8 +23154,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -23025,7 +23258,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -23046,7 +23280,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -23065,7 +23299,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -23132,8 +23366,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -23481,7 +23714,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -23502,7 +23736,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -23521,7 +23755,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -23588,8 +23822,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -23841,6 +24074,14 @@ spec: type: string type: array x-kubernetes-list-type: set + enableOTLPReceiver: + description: |- + Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. + + Note that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined. + + It requires Prometheus >= v2.47.0. + type: boolean enableRemoteWriteReceiver: description: |- Enable Prometheus to be used as a receiver for the Prometheus remote @@ -24384,7 +24625,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -24399,7 +24641,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -24448,8 +24691,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -24462,8 +24705,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -24495,7 +24738,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -24510,7 +24754,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -24559,8 +24804,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -24573,8 +24818,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -24602,7 +24847,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -24623,7 +24869,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -24642,7 +24888,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -24709,8 +24955,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -24814,7 +25059,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -24835,7 +25081,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -24854,7 +25100,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -24921,8 +25167,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -25270,7 +25515,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -25291,7 +25537,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -25310,7 +25556,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -25377,8 +25623,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -25642,13 +25887,19 @@ spec: mode: description: |- Mode defines how the Prometheus operator deploys the PrometheusAgent pod(s). - For now this field has no effect. (Alpha) Using this field requires the `PrometheusAgentDaemonSet` feature gate to be enabled. enum: - StatefulSet - DaemonSet type: string + nameValidationScheme: + description: Specifies the validation scheme for metric and label + names. + enum: + - UTF8 + - Legacy + type: string nodeSelector: additionalProperties: type: string @@ -25668,6 +25919,16 @@ spec: minItems: 1 type: array x-kubernetes-list-type: set + translationStrategy: + description: |- + Configures how the OTLP receiver endpoint translates the incoming metrics. + If unset, Prometheus uses its default value. + + It requires Prometheus >= v3.0.0. + enum: + - NoUTF8EscapingWithSuffixes + - UnderscoreEscapingWithSuffixes + type: string type: object overrideHonorLabels: description: |- @@ -27168,6 +27429,18 @@ spec: the server serves requests under a different route prefix. For example for use with `kubectl proxy`. type: string + runtime: + description: RuntimeConfig configures the values for the Prometheus + process behavior + properties: + goGC: + description: |- + The Go garbage collection target percentage. Lowering this number may increase the CPU usage. + See: https://tip.golang.org/doc/gc-guide#GOGC + format: int32 + minimum: -1 + type: integer + type: object sampleLimit: description: |- SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. @@ -27201,6 +27474,49 @@ spec: permissions on the `Nodes` objects. type: boolean type: object + authorization: + description: |- + Authorization section for the ScrapeClass. + It will only apply if the scrape resource doesn't specify any Authorization. + properties: + credentials: + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File to read a secret from, mutually exclusive + with `credentials`. + type: string + type: + description: |- + Defines the authentication type. The value is case-insensitive. + + "Basic" is not a supported value. + + Default: "Bearer" + type: string + type: object default: description: |- Default indicates that the scrape applies to all scrape objects that @@ -27713,6 +28029,8 @@ spec: If unset, Prometheus uses its default value. It requires Prometheus >= v2.49.0. + + `PrometheusText1.0.0` requires Prometheus >= v3.0.0. items: description: |- ScrapeProtocol represents a protocol used by Prometheus for scraping metrics. @@ -27721,17 +28039,20 @@ spec: * `OpenMetricsText1.0.0` * `PrometheusProto` * `PrometheusText0.0.4` + * `PrometheusText1.0.0` enum: - PrometheusProto - OpenMetricsText0.0.1 - OpenMetricsText1.0.0 - PrometheusText0.0.4 + - PrometheusText1.0.0 type: string type: array x-kubernetes-list-type: set scrapeTimeout: - description: Number of seconds to wait until a scrape request times - out. + description: |- + Number of seconds to wait until a scrape request times out. + The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string secrets: @@ -27825,6 +28146,32 @@ spec: Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer + seLinuxChangePolicy: + description: |- + seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + Valid values are "MountOption" and "Recursive". + + "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + + "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + This requires all Pods that share the same volume to use the same SELinux label. + It is not possible to share the same volume among privileged and unprivileged Pods. + Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + CSIDriver instance. Other volumes are always re-labelled recursively. + "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + + If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + and "Recursive" for all other volumes. + + This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + + All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + Note that this field cannot be set when spec.os.name is windows. + type: string seLinuxOptions: description: |- The SELinux context to be applied to all containers. @@ -28076,19 +28423,28 @@ spec: x-kubernetes-map-type: atomic shards: description: |- - Number of shards to distribute targets onto. `spec.replicas` - multiplied by `spec.shards` is the total number of Pods created. + Number of shards to distribute scraped targets onto. + + `spec.replicas` multiplied by `spec.shards` is the total number of Pods + being created. - Note that scaling down shards will not reshard data onto remaining + When not defined, the operator assumes only one shard. + + Note that scaling down shards will not reshard data onto the remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally, use Thanos sidecar and Thanos querier or remote write data to a central location. + Alerting and recording rules - Sharding is performed on the content of the `__address__` target meta-label - for PodMonitors and ServiceMonitors and `__param_target__` for Probes. + By default, the sharding is performed on: + * The `__address__` target's metadata label for PodMonitor, + ServiceMonitor and ScrapeConfig resources. + * The `__param_target__` label for Probe resources. - Default: 1 + Users can define their own sharding implementation by setting the + `__tmp_hash` label during the target discovery with relabeling + configuration (either in the monitoring resources or via scrape class). format: int32 type: integer storage: @@ -28752,18 +29108,15 @@ spec: persistent volume is being resized. type: string status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required type: string type: description: |- - PersistentVolumeClaimConditionType defines the condition of PV claim. - Valid values are: - - "Resizing", "FileSystemResizePending" - - If RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected: - - "ControllerResizeError", "NodeResizeError" - - If VolumeAttributesClass feature gate is enabled, then following additional values can be expected: - - "ModifyVolumeError", "ModifyingVolume" + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about type: string required: - status @@ -29376,6 +29729,8 @@ spec: description: |- awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. + Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore properties: fsType: @@ -29407,8 +29762,10 @@ spec: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount on - the host and bind mount to the pod. + description: |- + azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + are redirected to the disk.csi.azure.com CSI driver. properties: cachingMode: description: 'cachingMode is the Host Caching mode: None, @@ -29446,8 +29803,10 @@ spec: - diskURI type: object azureFile: - description: azureFile represents an Azure File Service mount - on the host and bind mount to the pod. + description: |- + azureFile represents an Azure File Service mount on the host and bind mount to the pod. + Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + are redirected to the file.csi.azure.com CSI driver. properties: readOnly: description: |- @@ -29466,8 +29825,9 @@ spec: - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the host that - shares a pod's lifetime + description: |- + cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. properties: monitors: description: |- @@ -29519,6 +29879,8 @@ spec: cinder: description: |- cinder represents a cinder volume attached and mounted on kubelets host machine. + Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md properties: fsType: @@ -29628,8 +29990,7 @@ spec: x-kubernetes-map-type: atomic csi: description: csi (Container Storage Interface) represents ephemeral - storage that is handled by certain external CSI drivers (Beta - feature). + storage that is handled by certain external CSI drivers. properties: driver: description: |- @@ -30095,6 +30456,7 @@ spec: description: |- flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. properties: driver: description: driver is the name of the driver to use for @@ -30140,9 +30502,9 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached to - a kubelet's host machine. This depends on the Flocker control - service being running + description: |- + flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. properties: datasetName: description: |- @@ -30158,6 +30520,8 @@ spec: description: |- gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. + Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk properties: fsType: @@ -30193,7 +30557,7 @@ spec: gitRepo: description: |- gitRepo represents a git repository at a particular revision. - DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. properties: @@ -30217,6 +30581,7 @@ spec: glusterfs: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: @@ -30426,8 +30791,9 @@ spec: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host machine + description: |- + photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. properties: fsType: description: |- @@ -30443,8 +30809,11 @@ spec: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume attached - and mounted on kubelets host machine + description: |- + portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + is on. properties: fsType: description: |- @@ -30809,8 +31178,9 @@ spec: x-kubernetes-list-type: atomic type: object quobyte: - description: quobyte represents a Quobyte mount on the host - that shares a pod's lifetime + description: |- + quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. properties: group: description: |- @@ -30849,6 +31219,7 @@ spec: rbd: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: @@ -30921,8 +31292,9 @@ spec: - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. + description: |- + scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. properties: fsType: default: xfs @@ -31054,8 +31426,9 @@ spec: type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. + description: |- + storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. properties: fsType: description: |- @@ -31100,8 +31473,10 @@ spec: type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine + description: |- + vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + are redirected to the csi.vsphere.vmware.com CSI driver. properties: fsType: description: |- @@ -31206,7 +31581,12 @@ spec: description: Defines the TLS parameters for HTTPS. properties: cert: - description: Contains the TLS certificate for the server. + description: |- + Secret or ConfigMap containing the TLS certificate for the web server. + + Either `keySecret` or `keyFile` must be defined. + + It is mutually exclusive with `certFile`. properties: configMap: description: ConfigMap containing data to use for the @@ -31259,20 +31639,28 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the Prometheus container for the server. - Mutually exclusive with `cert`. + Path to the TLS certificate file in the container for the web server. + + Either `keySecret` or `keyFile` must be defined. + + It is mutually exclusive with `cert`. type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. If empty, - Go default cipher suites are used. Available cipher suites are documented - in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants + List of supported cipher suites for TLS versions up to TLS 1.2. + + If not defined, the Go default cipher suites are used. + Available cipher suites are documented in the Go documentation: + https://golang.org/pkg/crypto/tls/#pkg-constants items: type: string type: array client_ca: - description: Contains the CA certificate for client certificate + description: |- + Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. + + It is mutually exclusive with `clientCAFile`. properties: configMap: description: ConfigMap containing data to use for the @@ -31325,30 +31713,43 @@ spec: type: object clientAuthType: description: |- - Server policy for client authentication. Maps to ClientAuth Policies. + The server policy for client TLS authentication. + For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to the server. - Mutually exclusive with `client_ca`. + Path to the CA certificate file for client certificate authentication to + the server. + + It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- Elliptic curves that will be used in an ECDHE handshake, in preference - order. Available curves are documented in the go documentation: + order. + + Available curves are documented in the Go documentation: https://golang.org/pkg/crypto/tls/#CurveID items: type: string type: array keyFile: description: |- - Path to the TLS key file in the Prometheus container for the server. - Mutually exclusive with `keySecret`. + Path to the TLS private key file in the container for the web server. + + If defined, either `cert` or `certFile` must be defined. + + It is mutually exclusive with `keySecret`. type: string keySecret: - description: Secret containing the TLS key for the server. + description: |- + Secret containing the TLS private key for the web server. + + Either `cert` or `certFile` must be defined. + + It is mutually exclusive with `keyFile`. properties: key: description: The key of the secret to select from. Must @@ -31372,18 +31773,17 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. Defaults - to TLS13. + description: Maximum TLS version that is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. Defaults - to TLS12. + description: Minimum TLS version that is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the - client's most preferred cipher suite, or the server's most preferred - cipher suite. If true then the server's preference, as expressed in + Controls whether the server selects the client's most preferred cipher + suite, or the server's most preferred cipher suite. + + If true then the server's preference, as expressed in the order of elements in cipherSuites, is used. type: boolean type: object @@ -31431,9 +31831,11 @@ spec: type: string status: description: Status of the condition. + minLength: 1 type: string type: description: Type of the condition being reported. + minLength: 1 type: string required: - lastTransitionTime @@ -31538,8 +31940,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.4 - operator.prometheus.io/version: 0.78.0 + controller-gen.kubebuilder.io/version: v0.16.5 + operator.prometheus.io/version: 0.79.2 name: prometheuses.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -32773,7 +33175,13 @@ spec: apiVersion: description: |- Version of the Alertmanager API that Prometheus uses to send alerts. - It can be "v1" or "v2". + It can be "V1" or "V2". + The field has no effect for Prometheus >= v3.0.0 because only the v2 API is supported. + enum: + - v1 + - V1 + - v2 + - V2 type: string authorization: description: |- @@ -32897,6 +33305,14 @@ spec: Prometheus object. minLength: 1 type: string + noProxy: + description: |- + `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + that should be excluded from proxying. IP and domain names can + contain port numbers. + + It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + type: string pathPrefix: description: Prefix for the HTTP path alerts are pushed to. @@ -32907,6 +33323,51 @@ spec: - type: string description: Port on which the Alertmanager API is exposed. x-kubernetes-int-or-string: true + proxyConnectHeader: + additionalProperties: + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + description: |- + ProxyConnectHeader optionally specifies headers to send to + proxies during CONNECT requests. + + It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + type: object + x-kubernetes-map-type: atomic + proxyFromEnvironment: + description: |- + Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + + It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. + type: boolean + proxyUrl: + description: '`proxyURL` defines the HTTP proxy server to + use.' + pattern: ^http(s)?://.+$ + type: string relabelings: description: Relabel configuration applied to the discovered Alertmanagers. @@ -33879,7 +34340,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -33894,7 +34356,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -33943,8 +34406,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -33957,8 +34420,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -33990,7 +34453,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -34005,7 +34469,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -34054,8 +34519,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -34068,8 +34533,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -34097,7 +34562,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -34118,7 +34584,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -34137,7 +34603,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -34204,8 +34670,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -34309,7 +34774,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -34330,7 +34796,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -34349,7 +34815,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -34416,8 +34882,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -34765,7 +35230,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -34786,7 +35252,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -34805,7 +35271,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -34872,8 +35338,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -35058,7 +35523,10 @@ spec: type: object type: array disableCompaction: - description: When true, the Prometheus compaction is disabled. + description: |- + When true, the Prometheus compaction is disabled. + When `spec.thanos.objectStorageConfig` or `spec.objectStorageConfigFile` are defined, the operator automatically + disables block compaction to avoid race conditions during block uploads (as the Thanos documentation recommends). type: boolean dnsConfig: description: Defines the DNS configuration for the pods. @@ -35140,6 +35608,14 @@ spec: type: string type: array x-kubernetes-list-type: set + enableOTLPReceiver: + description: |- + Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. + + Note that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined. + + It requires Prometheus >= v2.47.0. + type: boolean enableRemoteWriteReceiver: description: |- Enable Prometheus to be used as a receiver for the Prometheus remote @@ -35707,7 +36183,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -35722,7 +36199,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -35771,8 +36249,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -35785,8 +36263,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -35818,7 +36296,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -35833,7 +36312,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -35882,8 +36362,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -35896,8 +36376,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -35925,7 +36405,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -35946,7 +36427,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -35965,7 +36446,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -36032,8 +36513,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -36137,7 +36617,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -36158,7 +36639,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -36177,7 +36658,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -36244,8 +36725,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -36593,7 +37073,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -36614,7 +37095,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -36633,7 +37114,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -36700,8 +37181,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -36962,6 +37442,13 @@ spec: enabling the StatefulSetMinReadySeconds feature gate. format: int32 type: integer + nameValidationScheme: + description: Specifies the validation scheme for metric and label + names. + enum: + - UTF8 + - Legacy + type: string nodeSelector: additionalProperties: type: string @@ -36981,6 +37468,16 @@ spec: minItems: 1 type: array x-kubernetes-list-type: set + translationStrategy: + description: |- + Configures how the OTLP receiver endpoint translates the incoming metrics. + If unset, Prometheus uses its default value. + + It requires Prometheus >= v3.0.0. + enum: + - NoUTF8EscapingWithSuffixes + - UnderscoreEscapingWithSuffixes + type: string type: object overrideHonorLabels: description: |- @@ -39464,6 +39961,49 @@ spec: permissions on the `Nodes` objects. type: boolean type: object + authorization: + description: |- + Authorization section for the ScrapeClass. + It will only apply if the scrape resource doesn't specify any Authorization. + properties: + credentials: + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File to read a secret from, mutually exclusive + with `credentials`. + type: string + type: + description: |- + Defines the authentication type. The value is case-insensitive. + + "Basic" is not a supported value. + + Default: "Bearer" + type: string + type: object default: description: |- Default indicates that the scrape applies to all scrape objects that @@ -39976,6 +40516,8 @@ spec: If unset, Prometheus uses its default value. It requires Prometheus >= v2.49.0. + + `PrometheusText1.0.0` requires Prometheus >= v3.0.0. items: description: |- ScrapeProtocol represents a protocol used by Prometheus for scraping metrics. @@ -39984,17 +40526,20 @@ spec: * `OpenMetricsText1.0.0` * `PrometheusProto` * `PrometheusText0.0.4` + * `PrometheusText1.0.0` enum: - PrometheusProto - OpenMetricsText0.0.1 - OpenMetricsText1.0.0 - PrometheusText0.0.4 + - PrometheusText1.0.0 type: string type: array x-kubernetes-list-type: set scrapeTimeout: - description: Number of seconds to wait until a scrape request times - out. + description: |- + Number of seconds to wait until a scrape request times out. + The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string secrets: @@ -40088,6 +40633,32 @@ spec: Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer + seLinuxChangePolicy: + description: |- + seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + Valid values are "MountOption" and "Recursive". + + "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + + "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + This requires all Pods that share the same volume to use the same SELinux label. + It is not possible to share the same volume among privileged and unprivileged Pods. + Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + CSIDriver instance. Other volumes are always re-labelled recursively. + "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + + If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + and "Recursive" for all other volumes. + + This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + + All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + Note that this field cannot be set when spec.os.name is windows. + type: string seLinuxOptions: description: |- The SELinux context to be applied to all containers. @@ -40343,19 +40914,28 @@ spec: type: string shards: description: |- - Number of shards to distribute targets onto. `spec.replicas` - multiplied by `spec.shards` is the total number of Pods created. + Number of shards to distribute scraped targets onto. + + `spec.replicas` multiplied by `spec.shards` is the total number of Pods + being created. - Note that scaling down shards will not reshard data onto remaining + When not defined, the operator assumes only one shard. + + Note that scaling down shards will not reshard data onto the remaining instances, it must be manually moved. Increasing shards will not reshard data either but it will continue to be available from the same instances. To query globally, use Thanos sidecar and Thanos querier or remote write data to a central location. + Alerting and recording rules - Sharding is performed on the content of the `__address__` target meta-label - for PodMonitors and ServiceMonitors and `__param_target__` for Probes. + By default, the sharding is performed on: + * The `__address__` target's metadata label for PodMonitor, + ServiceMonitor and ScrapeConfig resources. + * The `__param_target__` label for Probe resources. - Default: 1 + Users can define their own sharding implementation by setting the + `__tmp_hash` label during the target discovery with relabeling + configuration (either in the monitoring resources or via scrape class). format: int32 type: integer storage: @@ -41019,18 +41599,15 @@ spec: persistent volume is being resized. type: string status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required type: string type: description: |- - PersistentVolumeClaimConditionType defines the condition of PV claim. - Valid values are: - - "Resizing", "FileSystemResizePending" - - If RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected: - - "ControllerResizeError", "NodeResizeError" - - If VolumeAttributesClass feature gate is enabled, then following additional values can be expected: - - "ModifyVolumeError", "ModifyingVolume" + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about type: string required: - status @@ -42160,6 +42737,8 @@ spec: description: |- awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. + Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore properties: fsType: @@ -42191,8 +42770,10 @@ spec: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount on - the host and bind mount to the pod. + description: |- + azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + are redirected to the disk.csi.azure.com CSI driver. properties: cachingMode: description: 'cachingMode is the Host Caching mode: None, @@ -42230,8 +42811,10 @@ spec: - diskURI type: object azureFile: - description: azureFile represents an Azure File Service mount - on the host and bind mount to the pod. + description: |- + azureFile represents an Azure File Service mount on the host and bind mount to the pod. + Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + are redirected to the file.csi.azure.com CSI driver. properties: readOnly: description: |- @@ -42250,8 +42833,9 @@ spec: - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the host that - shares a pod's lifetime + description: |- + cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. properties: monitors: description: |- @@ -42303,6 +42887,8 @@ spec: cinder: description: |- cinder represents a cinder volume attached and mounted on kubelets host machine. + Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md properties: fsType: @@ -42412,8 +42998,7 @@ spec: x-kubernetes-map-type: atomic csi: description: csi (Container Storage Interface) represents ephemeral - storage that is handled by certain external CSI drivers (Beta - feature). + storage that is handled by certain external CSI drivers. properties: driver: description: |- @@ -42879,6 +43464,7 @@ spec: description: |- flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. properties: driver: description: driver is the name of the driver to use for @@ -42924,9 +43510,9 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached to - a kubelet's host machine. This depends on the Flocker control - service being running + description: |- + flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. properties: datasetName: description: |- @@ -42942,6 +43528,8 @@ spec: description: |- gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. + Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk properties: fsType: @@ -42977,7 +43565,7 @@ spec: gitRepo: description: |- gitRepo represents a git repository at a particular revision. - DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. properties: @@ -43001,6 +43589,7 @@ spec: glusterfs: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: @@ -43210,8 +43799,9 @@ spec: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host machine + description: |- + photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. properties: fsType: description: |- @@ -43227,8 +43817,11 @@ spec: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume attached - and mounted on kubelets host machine + description: |- + portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + is on. properties: fsType: description: |- @@ -43593,8 +44186,9 @@ spec: x-kubernetes-list-type: atomic type: object quobyte: - description: quobyte represents a Quobyte mount on the host - that shares a pod's lifetime + description: |- + quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. properties: group: description: |- @@ -43633,6 +44227,7 @@ spec: rbd: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: @@ -43705,8 +44300,9 @@ spec: - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. + description: |- + scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. properties: fsType: default: xfs @@ -43838,8 +44434,9 @@ spec: type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. + description: |- + storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. properties: fsType: description: |- @@ -43884,8 +44481,10 @@ spec: type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine + description: |- + vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + are redirected to the csi.vsphere.vmware.com CSI driver. properties: fsType: description: |- @@ -43990,7 +44589,12 @@ spec: description: Defines the TLS parameters for HTTPS. properties: cert: - description: Contains the TLS certificate for the server. + description: |- + Secret or ConfigMap containing the TLS certificate for the web server. + + Either `keySecret` or `keyFile` must be defined. + + It is mutually exclusive with `certFile`. properties: configMap: description: ConfigMap containing data to use for the @@ -44043,20 +44647,28 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the Prometheus container for the server. - Mutually exclusive with `cert`. + Path to the TLS certificate file in the container for the web server. + + Either `keySecret` or `keyFile` must be defined. + + It is mutually exclusive with `cert`. type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. If empty, - Go default cipher suites are used. Available cipher suites are documented - in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants + List of supported cipher suites for TLS versions up to TLS 1.2. + + If not defined, the Go default cipher suites are used. + Available cipher suites are documented in the Go documentation: + https://golang.org/pkg/crypto/tls/#pkg-constants items: type: string type: array client_ca: - description: Contains the CA certificate for client certificate + description: |- + Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. + + It is mutually exclusive with `clientCAFile`. properties: configMap: description: ConfigMap containing data to use for the @@ -44109,30 +44721,43 @@ spec: type: object clientAuthType: description: |- - Server policy for client authentication. Maps to ClientAuth Policies. + The server policy for client TLS authentication. + For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to the server. - Mutually exclusive with `client_ca`. + Path to the CA certificate file for client certificate authentication to + the server. + + It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- Elliptic curves that will be used in an ECDHE handshake, in preference - order. Available curves are documented in the go documentation: + order. + + Available curves are documented in the Go documentation: https://golang.org/pkg/crypto/tls/#CurveID items: type: string type: array keyFile: description: |- - Path to the TLS key file in the Prometheus container for the server. - Mutually exclusive with `keySecret`. + Path to the TLS private key file in the container for the web server. + + If defined, either `cert` or `certFile` must be defined. + + It is mutually exclusive with `keySecret`. type: string keySecret: - description: Secret containing the TLS key for the server. + description: |- + Secret containing the TLS private key for the web server. + + Either `cert` or `certFile` must be defined. + + It is mutually exclusive with `keyFile`. properties: key: description: The key of the secret to select from. Must @@ -44156,18 +44781,17 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. Defaults - to TLS13. + description: Maximum TLS version that is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. Defaults - to TLS12. + description: Minimum TLS version that is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the - client's most preferred cipher suite, or the server's most preferred - cipher suite. If true then the server's preference, as expressed in + Controls whether the server selects the client's most preferred cipher + suite, or the server's most preferred cipher suite. + + If true then the server's preference, as expressed in the order of elements in cipherSuites, is used. type: boolean type: object @@ -44215,9 +44839,11 @@ spec: type: string status: description: Status of the condition. + minLength: 1 type: string type: description: Type of the condition being reported. + minLength: 1 type: string required: - lastTransitionTime @@ -44322,8 +44948,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.4 - operator.prometheus.io/version: 0.78.0 + controller-gen.kubebuilder.io/version: v0.16.5 + operator.prometheus.io/version: 0.79.2 name: prometheusrules.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -44377,6 +45003,16 @@ spec: are evaluated. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string + labels: + additionalProperties: + type: string + description: |- + Labels to add or overwrite before storing the result for its rules. + The labels defined at the rule level take precedence. + + It requires Prometheus >= 3.0.0. + The field is ignored for Thanos Ruler. + type: object limit: description: |- Limit the number of alerts an alerting rule and series a recording @@ -44472,8 +45108,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.4 - operator.prometheus.io/version: 0.78.0 + controller-gen.kubebuilder.io/version: v0.16.5 + operator.prometheus.io/version: 0.79.2 name: scrapeconfigs.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -44700,8 +45336,9 @@ spec: If unset, Prometheus uses its default value. type: boolean authorization: - description: Authorization header configuration to authenticate - against the Consul Server. + description: |- + Optional Authorization header configuration to authenticate against the Consul Server. + Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: description: Selects a key of a Secret in the namespace @@ -44739,8 +45376,9 @@ spec: type: object basicAuth: description: |- - BasicAuth information to authenticate against the Consul Server. + Optional BasicAuth information to authenticate against the Consul Server. More info: https://prometheus.io/docs/operating/configuration/#endpoints + Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- @@ -44798,19 +45436,31 @@ spec: datacenter: description: Consul Datacenter name, if not provided it will use the local Consul Agent Datacenter. + minLength: 1 type: string enableHTTP2: description: |- Whether to enable HTTP2. If unset, Prometheus uses its default value. type: boolean + filter: + description: |- + Filter expression used to filter the catalog results. + See https://www.consul.io/api-docs/catalog#list-services + It requires Prometheus >= 3.0.0. + minLength: 1 + type: string followRedirects: description: |- Configure whether HTTP requests follow HTTP 3xx redirects. If unset, Prometheus uses its default value. type: boolean namespace: - description: Namespaces are only supported in Consul Enterprise. + description: |- + Namespaces are only supported in Consul Enterprise. + + It requires Prometheus >= 2.28.0. + minLength: 1 type: string noProxy: description: |- @@ -44823,12 +45473,15 @@ spec: nodeMeta: additionalProperties: type: string - description: Node metadata key/value pairs to filter nodes for - a given service. + description: |- + Node metadata key/value pairs to filter nodes for a given service. + Starting with Consul 1.14, it is recommended to use `filter` with the `NodeMeta` selector instead. type: object x-kubernetes-map-type: atomic oauth2: - description: Optional OAuth 2.0 configuration. + description: |- + Optional OAuth2.0 configuration. + Cannot be set at the same time as `basicAuth`, or `authorization`. properties: clientId: description: |- @@ -45155,6 +45808,14 @@ spec: type: object partition: description: Admin Partitions are only supported in Consul Enterprise. + minLength: 1 + type: string + pathPrefix: + description: |- + Prefix for URIs for when consul is behind an API gateway (reverse proxy). + + It requires Prometheus >= 2.45.0. + minLength: 1 type: string proxyConnectHeader: additionalProperties: @@ -45214,8 +45875,8 @@ spec: - HTTPS type: string server: - description: A valid string consisting of a hostname or IP followed - by an optional port number. + description: Consul server address. A valid string consisting + of a hostname or IP followed by an optional port number. minLength: 1 type: string services: @@ -45224,21 +45885,23 @@ spec: items: type: string type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: set tagSeparator: description: |- The string by which Consul tags are joined into the tag label. If unset, Prometheus uses its default value. + minLength: 1 type: string tags: - description: An optional list of tags used to filter nodes for - a given service. Services must contain all tags in the list. + description: |- + An optional list of tags used to filter nodes for a given service. Services must contain all tags in the list. + Starting with Consul 1.14, it is recommended to use `filter` with the `ServiceTags` selector instead. items: type: string type: array - x-kubernetes-list-type: atomic + x-kubernetes-list-type: set tlsConfig: - description: TLS Config + description: TLS configuration to connect to the Consul API. properties: ca: description: Certificate authority used when verifying server @@ -45821,6 +46484,9 @@ spec: type: object port: description: The port to scrape metrics from. + format: int32 + maximum: 65535 + minimum: 0 type: integer proxyConnectHeader: additionalProperties: @@ -47847,6 +48513,9 @@ spec: If unset, Prometheus uses true by default. type: boolean + enableHTTP2: + description: Whether to enable HTTP2. + type: boolean eurekaSDConfigs: description: EurekaSDConfigs defines a list of Eureka service discovery configurations. @@ -48510,6 +49179,18 @@ spec: - server type: object type: array + fallbackScrapeProtocol: + description: |- + The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + + It requires Prometheus >= v3.0.0. + enum: + - PrometheusProto + - OpenMetricsText0.0.1 + - OpenMetricsText1.0.0 + - PrometheusText0.0.4 + - PrometheusText1.0.0 + type: string fileSDConfigs: description: FileSDConfigs defines a list of file service discovery configurations. @@ -55714,18 +56395,21 @@ spec: * `OpenMetricsText1.0.0` * `PrometheusProto` * `PrometheusText0.0.4` + * `PrometheusText1.0.0` enum: - PrometheusProto - OpenMetricsText0.0.1 - OpenMetricsText1.0.0 - PrometheusText0.0.4 + - PrometheusText1.0.0 type: string minItems: 1 type: array x-kubernetes-list-type: set scrapeTimeout: - description: ScrapeTimeout is the number of seconds to wait until - a scrape request times out. + description: |- + ScrapeTimeout is the number of seconds to wait until a scrape request times out. + The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string staticConfigs: @@ -55940,8 +56624,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.4 - operator.prometheus.io/version: 0.78.0 + controller-gen.kubebuilder.io/version: v0.16.5 + operator.prometheus.io/version: 0.79.2 name: servicemonitors.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -56753,6 +57437,7 @@ spec: If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. + The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string targetPort: @@ -56947,6 +57632,18 @@ spec: type: boolean type: object type: array + fallbackScrapeProtocol: + description: |- + The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + + It requires Prometheus >= v3.0.0. + enum: + - PrometheusProto + - OpenMetricsText0.0.1 + - OpenMetricsText1.0.0 + - PrometheusText0.0.4 + - PrometheusText1.0.0 + type: string jobLabel: description: |- `jobLabel` selects the label from the associated Kubernetes `Service` @@ -57060,11 +57757,13 @@ spec: * `OpenMetricsText1.0.0` * `PrometheusProto` * `PrometheusText0.0.4` + * `PrometheusText1.0.0` enum: - PrometheusProto - OpenMetricsText0.0.1 - OpenMetricsText1.0.0 - PrometheusText0.0.4 + - PrometheusText1.0.0 type: string type: array x-kubernetes-list-type: set @@ -57115,6 +57814,18 @@ spec: type: object type: object x-kubernetes-map-type: atomic + selectorMechanism: + description: |- + Mechanism used to select the endpoints to scrape. + By default, the selection process relies on relabel configurations to filter the discovered targets. + Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. + Which strategy is best for your use case needs to be carefully evaluated. + + It requires Prometheus >= v2.17.0. + enum: + - RelabelConfig + - RoleSelector + type: string targetLabels: description: |- `targetLabels` defines the labels which are transferred from the @@ -57143,8 +57854,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.16.4 - operator.prometheus.io/version: 0.78.0 + controller-gen.kubebuilder.io/version: v0.16.5 + operator.prometheus.io/version: 0.79.2 name: thanosrulers.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -58165,8 +58876,10 @@ spec: type: object alertDropLabels: description: |- - AlertDropLabels configure the label names which should be dropped in ThanosRuler alerts. - The replica label `thanos_ruler_replica` will always be dropped in alerts. + Configures the label names which should be dropped in Thanos Ruler + alerts. + + The replica label `thanos_ruler_replica` will always be dropped from the alerts. items: type: string type: array @@ -58178,15 +58891,27 @@ spec: type: string alertRelabelConfigFile: description: |- - AlertRelabelConfigFile specifies the path of the alert relabeling configuration file. - When used alongside with AlertRelabelConfigs, alertRelabelConfigFile takes precedence. + Configures the path to the alert relabeling configuration file. + + Alert relabel configuration must have the form as specified in the + official Prometheus documentation: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs + + The operator performs no validation of the configuration file. + + This field takes precedence over `alertRelabelConfig`. type: string alertRelabelConfigs: description: |- - AlertRelabelConfigs configures alert relabeling in ThanosRuler. - Alert relabel configurations must have the form as specified in the official Prometheus documentation: + Configures alert relabeling in Thanos Ruler. + + Alert relabel configuration must have the form as specified in the + official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs - Alternative to AlertRelabelConfigFile, and lower order priority. + + The operator performs no validation of the configuration. + + `alertRelabelConfigFile` takes precedence over this field. properties: key: description: The key of the secret to select from. Must be a @@ -58210,8 +58935,15 @@ spec: x-kubernetes-map-type: atomic alertmanagersConfig: description: |- - Define configuration for connecting to alertmanager. Only available with thanos v0.10.0 - and higher. Maps to the `alertmanagers.config` arg. + Configures the list of Alertmanager endpoints to send alerts to. + + The configuration format is defined at https://thanos.io/tip/components/rule.md/#alertmanager. + + It requires Thanos >= v0.10.0. + + The operator performs no validation of the configuration. + + This field takes precedence over `alertmanagersUrl`. properties: key: description: The key of the secret to select from. Must be a @@ -58235,10 +58967,11 @@ spec: x-kubernetes-map-type: atomic alertmanagersUrl: description: |- - Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher, - AlertManagersConfig should be used instead. Note: this field will be ignored - if AlertManagersConfig is specified. - Maps to the `alertmanagers.url` arg. + Configures the list of Alertmanager endpoints to send alerts to. + + For Thanos >= v0.10.0, it is recommended to use `alertmanagersConfig` instead. + + `alertmanagersConfig` takes precedence over this field. items: type: string type: array @@ -58490,7 +59223,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -58505,7 +59239,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -58554,8 +59289,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -58568,8 +59303,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -58601,7 +59336,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -58616,7 +59352,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -58665,8 +59402,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -58679,8 +59416,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -58708,7 +59445,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -58729,7 +59467,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -58748,7 +59486,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -58815,8 +59553,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -58920,7 +59657,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -58941,7 +59679,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -58960,7 +59698,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -59027,8 +59765,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -59376,7 +60113,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -59397,7 +60135,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -59416,7 +60154,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -59483,8 +60221,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -60260,7 +60997,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -60275,7 +61013,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -60324,8 +61063,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -60338,8 +61077,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -60371,7 +61110,8 @@ spec: More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in + the container. properties: command: description: |- @@ -60386,7 +61126,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to + perform. properties: host: description: |- @@ -60435,8 +61176,8 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the - container should sleep before being terminated. + description: Sleep represents a duration that the container + should sleep. properties: seconds: description: Seconds is the number of seconds to @@ -60449,8 +61190,8 @@ spec: tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + for backward compatibility. There is no validation of this field and + lifecycle hooks will fail at runtime when it is specified. properties: host: description: 'Optional: Host name to connect to, @@ -60478,7 +61219,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -60499,7 +61241,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -60518,7 +61260,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -60585,8 +61327,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -60690,7 +61431,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -60711,7 +61453,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -60730,7 +61472,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -60797,8 +61539,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -61146,7 +61887,8 @@ spec: More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes properties: exec: - description: Exec specifies the action to take. + description: Exec specifies a command to execute in the + container. properties: command: description: |- @@ -61167,7 +61909,7 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies a GRPC HealthCheckRequest. properties: port: description: Port number of the gRPC service. Number @@ -61186,7 +61928,7 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies an HTTP GET request to perform. properties: host: description: |- @@ -61253,8 +61995,7 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. + description: TCPSocket specifies a connection to a TCP port. properties: host: description: 'Optional: Host name to connect to, defaults @@ -61442,8 +62183,10 @@ spec: additionalProperties: type: string description: |- - Labels configure the external label pairs to ThanosRuler. A default replica label - `thanos_ruler_replica` will be always added as a label with the value of the pod's name and it will be dropped in the alerts. + Configures the external label pairs of the ThanosRuler resource. + + A default replica label `thanos_ruler_replica` will be always added as a + label with the value of the pod's name. type: object listenLocal: description: |- @@ -61481,8 +62224,13 @@ spec: type: object objectStorageConfig: description: |- - ObjectStorageConfig configures object storage in Thanos. - Alternative to ObjectStorageConfigFile, and lower order priority. + Configures object storage. + + The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage + + The operator performs no validation of the configuration. + + `objectStorageConfigFile` takes precedence over this field. properties: key: description: The key of the secret to select from. Must be a @@ -61506,8 +62254,13 @@ spec: x-kubernetes-map-type: atomic objectStorageConfigFile: description: |- - ObjectStorageConfigFile specifies the path of the object storage configuration file. - When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence. + Configures the path of the object storage configuration file. + + The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage + + The operator performs no validation of the configuration file. + + This field takes precedence over `objectStorageConfig`. type: string paused: description: |- @@ -61587,10 +62340,15 @@ spec: type: array queryConfig: description: |- - Define configuration for connecting to thanos query instances. - If this is defined, the QueryEndpoints field will be ignored. - Maps to the `query.config` CLI argument. - Only available with thanos v0.11.0 and higher. + Configures the list of Thanos Query endpoints from which to query metrics. + + The configuration format is defined at https://thanos.io/tip/components/rule.md/#query-api + + It requires Thanos >= v0.11.0. + + The operator performs no validation of the configuration. + + This field takes precedence over `queryEndpoints`. properties: key: description: The key of the secret to select from. Must be a @@ -61614,8 +62372,11 @@ spec: x-kubernetes-map-type: atomic queryEndpoints: description: |- - QueryEndpoints defines Thanos querier endpoints from which to query metrics. - Maps to the --query flag of thanos ruler. + Configures the list of Thanos Query endpoints from which to query metrics. + + For Thanos >= v0.11.0, it is recommended to use `queryConfig` instead. + + `queryConfig` takes precedence over this field. items: type: string type: array @@ -61745,8 +62506,9 @@ spec: x-kubernetes-map-type: atomic ruleSelector: description: |- - A label selector to select which PrometheusRules to mount for alerting and - recording. + PrometheusRule objects to be selected for rule evaluation. An empty + label selector matches all objects. A null label selector matches no + objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -61872,6 +62634,32 @@ spec: Note that this field cannot be set when spec.os.name is windows. format: int64 type: integer + seLinuxChangePolicy: + description: |- + seLinuxChangePolicy defines how the container's SELinux label is applied to all volumes used by the Pod. + It has no effect on nodes that do not support SELinux or to volumes does not support SELinux. + Valid values are "MountOption" and "Recursive". + + "Recursive" means relabeling of all files on all Pod volumes by the container runtime. + This may be slow for large volumes, but allows mixing privileged and unprivileged Pods sharing the same volume on the same node. + + "MountOption" mounts all eligible Pod volumes with `-o context` mount option. + This requires all Pods that share the same volume to use the same SELinux label. + It is not possible to share the same volume among privileged and unprivileged Pods. + Eligible volumes are in-tree FibreChannel and iSCSI volumes, and all CSI volumes + whose CSI driver announces SELinux support by setting spec.seLinuxMount: true in their + CSIDriver instance. Other volumes are always re-labelled recursively. + "MountOption" value is allowed only when SELinuxMount feature gate is enabled. + + If not specified and SELinuxMount feature gate is enabled, "MountOption" is used. + If not specified and SELinuxMount feature gate is disabled, "MountOption" is used for ReadWriteOncePod volumes + and "Recursive" for all other volumes. + + This field affects only Pods that have SELinux label set, either in PodSecurityContext or in SecurityContext of all containers. + + All Pods that use the same volume should use the same seLinuxChangePolicy, otherwise some pods can get stuck in ContainerCreating state. + Note that this field cannot be set when spec.os.name is windows. + type: string seLinuxOptions: description: |- The SELinux context to be applied to all containers. @@ -62665,18 +63453,15 @@ spec: persistent volume is being resized. type: string status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=state%20of%20pvc-,conditions.status,-(string)%2C%20required type: string type: description: |- - PersistentVolumeClaimConditionType defines the condition of PV claim. - Valid values are: - - "Resizing", "FileSystemResizePending" - - If RecoverVolumeExpansionFailure feature gate is enabled, then following additional values can be expected: - - "ControllerResizeError", "NodeResizeError" - - If VolumeAttributesClass feature gate is enabled, then following additional values can be expected: - - "ModifyVolumeError", "ModifyingVolume" + Type is the type of the condition. + More info: https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/#:~:text=set%20to%20%27ResizeStarted%27.-,PersistentVolumeClaimCondition,-contains%20details%20about type: string required: - status @@ -62943,12 +63728,16 @@ spec: type: array tracingConfig: description: |- - TracingConfig configures tracing in Thanos. + Configures tracing. - `tracingConfigFile` takes precedence over this field. + The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration This is an *experimental feature*, it may change in any upcoming release in a breaking way. + + The operator performs no validation of the configuration. + + `tracingConfigFile` takes precedence over this field. properties: key: description: The key of the secret to select from. Must be a @@ -62972,12 +63761,16 @@ spec: x-kubernetes-map-type: atomic tracingConfigFile: description: |- - TracingConfig specifies the path of the tracing configuration file. + Configures the path of the tracing configuration file. - This field takes precedence over `tracingConfig`. + The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration This is an *experimental feature*, it may change in any upcoming release in a breaking way. + + The operator performs no validation of the configuration file. + + This field takes precedence over `tracingConfig`. type: string version: description: Version of Thanos to be deployed. @@ -63061,6 +63854,8 @@ spec: description: |- awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. + Deprecated: AWSElasticBlockStore is deprecated. All operations for the in-tree + awsElasticBlockStore type are redirected to the ebs.csi.aws.com CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore properties: fsType: @@ -63092,8 +63887,10 @@ spec: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount on - the host and bind mount to the pod. + description: |- + azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + Deprecated: AzureDisk is deprecated. All operations for the in-tree azureDisk type + are redirected to the disk.csi.azure.com CSI driver. properties: cachingMode: description: 'cachingMode is the Host Caching mode: None, @@ -63131,8 +63928,10 @@ spec: - diskURI type: object azureFile: - description: azureFile represents an Azure File Service mount - on the host and bind mount to the pod. + description: |- + azureFile represents an Azure File Service mount on the host and bind mount to the pod. + Deprecated: AzureFile is deprecated. All operations for the in-tree azureFile type + are redirected to the file.csi.azure.com CSI driver. properties: readOnly: description: |- @@ -63151,8 +63950,9 @@ spec: - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the host that - shares a pod's lifetime + description: |- + cephFS represents a Ceph FS mount on the host that shares a pod's lifetime. + Deprecated: CephFS is deprecated and the in-tree cephfs type is no longer supported. properties: monitors: description: |- @@ -63204,6 +64004,8 @@ spec: cinder: description: |- cinder represents a cinder volume attached and mounted on kubelets host machine. + Deprecated: Cinder is deprecated. All operations for the in-tree cinder type + are redirected to the cinder.csi.openstack.org CSI driver. More info: https://examples.k8s.io/mysql-cinder-pd/README.md properties: fsType: @@ -63313,8 +64115,7 @@ spec: x-kubernetes-map-type: atomic csi: description: csi (Container Storage Interface) represents ephemeral - storage that is handled by certain external CSI drivers (Beta - feature). + storage that is handled by certain external CSI drivers. properties: driver: description: |- @@ -63780,6 +64581,7 @@ spec: description: |- flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. + Deprecated: FlexVolume is deprecated. Consider using a CSIDriver instead. properties: driver: description: driver is the name of the driver to use for @@ -63825,9 +64627,9 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached to - a kubelet's host machine. This depends on the Flocker control - service being running + description: |- + flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running. + Deprecated: Flocker is deprecated and the in-tree flocker type is no longer supported. properties: datasetName: description: |- @@ -63843,6 +64645,8 @@ spec: description: |- gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. + Deprecated: GCEPersistentDisk is deprecated. All operations for the in-tree + gcePersistentDisk type are redirected to the pd.csi.storage.gke.io CSI driver. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk properties: fsType: @@ -63878,7 +64682,7 @@ spec: gitRepo: description: |- gitRepo represents a git repository at a particular revision. - DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + Deprecated: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. properties: @@ -63902,6 +64706,7 @@ spec: glusterfs: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: @@ -64111,8 +64916,9 @@ spec: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host machine + description: |- + photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine. + Deprecated: PhotonPersistentDisk is deprecated and the in-tree photonPersistentDisk type is no longer supported. properties: fsType: description: |- @@ -64128,8 +64934,11 @@ spec: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume attached - and mounted on kubelets host machine + description: |- + portworxVolume represents a portworx volume attached and mounted on kubelets host machine. + Deprecated: PortworxVolume is deprecated. All operations for the in-tree portworxVolume type + are redirected to the pxd.portworx.com CSI driver when the CSIMigrationPortworx feature-gate + is on. properties: fsType: description: |- @@ -64494,8 +65303,9 @@ spec: x-kubernetes-list-type: atomic type: object quobyte: - description: quobyte represents a Quobyte mount on the host - that shares a pod's lifetime + description: |- + quobyte represents a Quobyte mount on the host that shares a pod's lifetime. + Deprecated: Quobyte is deprecated and the in-tree quobyte type is no longer supported. properties: group: description: |- @@ -64534,6 +65344,7 @@ spec: rbd: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: @@ -64606,8 +65417,9 @@ spec: - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. + description: |- + scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + Deprecated: ScaleIO is deprecated and the in-tree scaleIO type is no longer supported. properties: fsType: default: xfs @@ -64739,8 +65551,9 @@ spec: type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. + description: |- + storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported. properties: fsType: description: |- @@ -64785,8 +65598,10 @@ spec: type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine + description: |- + vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine. + Deprecated: VsphereVolume is deprecated. All operations for the in-tree vsphereVolume type + are redirected to the csi.vsphere.vmware.com CSI driver. properties: fsType: description: |- @@ -64873,7 +65688,12 @@ spec: description: Defines the TLS parameters for HTTPS. properties: cert: - description: Contains the TLS certificate for the server. + description: |- + Secret or ConfigMap containing the TLS certificate for the web server. + + Either `keySecret` or `keyFile` must be defined. + + It is mutually exclusive with `certFile`. properties: configMap: description: ConfigMap containing data to use for the @@ -64926,20 +65746,28 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the Prometheus container for the server. - Mutually exclusive with `cert`. + Path to the TLS certificate file in the container for the web server. + + Either `keySecret` or `keyFile` must be defined. + + It is mutually exclusive with `cert`. type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. If empty, - Go default cipher suites are used. Available cipher suites are documented - in the go documentation: https://golang.org/pkg/crypto/tls/#pkg-constants + List of supported cipher suites for TLS versions up to TLS 1.2. + + If not defined, the Go default cipher suites are used. + Available cipher suites are documented in the Go documentation: + https://golang.org/pkg/crypto/tls/#pkg-constants items: type: string type: array client_ca: - description: Contains the CA certificate for client certificate + description: |- + Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. + + It is mutually exclusive with `clientCAFile`. properties: configMap: description: ConfigMap containing data to use for the @@ -64992,30 +65820,43 @@ spec: type: object clientAuthType: description: |- - Server policy for client authentication. Maps to ClientAuth Policies. + The server policy for client TLS authentication. + For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to the server. - Mutually exclusive with `client_ca`. + Path to the CA certificate file for client certificate authentication to + the server. + + It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- Elliptic curves that will be used in an ECDHE handshake, in preference - order. Available curves are documented in the go documentation: + order. + + Available curves are documented in the Go documentation: https://golang.org/pkg/crypto/tls/#CurveID items: type: string type: array keyFile: description: |- - Path to the TLS key file in the Prometheus container for the server. - Mutually exclusive with `keySecret`. + Path to the TLS private key file in the container for the web server. + + If defined, either `cert` or `certFile` must be defined. + + It is mutually exclusive with `keySecret`. type: string keySecret: - description: Secret containing the TLS key for the server. + description: |- + Secret containing the TLS private key for the web server. + + Either `cert` or `certFile` must be defined. + + It is mutually exclusive with `keyFile`. properties: key: description: The key of the secret to select from. Must @@ -65039,18 +65880,17 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. Defaults - to TLS13. + description: Maximum TLS version that is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. Defaults - to TLS12. + description: Minimum TLS version that is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the - client's most preferred cipher suite, or the server's most preferred - cipher suite. If true then the server's preference, as expressed in + Controls whether the server selects the client's most preferred cipher + suite, or the server's most preferred cipher suite. + + If true then the server's preference, as expressed in the order of elements in cipherSuites, is used. type: boolean type: object @@ -65098,9 +65938,11 @@ spec: type: string status: description: Status of the condition. + minLength: 1 type: string type: description: Type of the condition being reported. + minLength: 1 type: string required: - lastTransitionTime @@ -65154,7 +65996,7 @@ metadata: labels: app.kubernetes.io/component: controller app.kubernetes.io/name: prometheus-operator - app.kubernetes.io/version: 0.78.0 + app.kubernetes.io/version: 0.79.2 name: prometheus-operator roleRef: apiGroup: rbac.authorization.k8s.io @@ -65171,7 +66013,7 @@ metadata: labels: app.kubernetes.io/component: controller app.kubernetes.io/name: prometheus-operator - app.kubernetes.io/version: 0.78.0 + app.kubernetes.io/version: 0.79.2 name: prometheus-operator rules: - apiGroups: @@ -65279,7 +66121,7 @@ metadata: labels: app.kubernetes.io/component: controller app.kubernetes.io/name: prometheus-operator - app.kubernetes.io/version: 0.78.0 + app.kubernetes.io/version: 0.79.2 name: prometheus-operator namespace: default spec: @@ -65295,19 +66137,19 @@ spec: labels: app.kubernetes.io/component: controller app.kubernetes.io/name: prometheus-operator - app.kubernetes.io/version: 0.78.0 + app.kubernetes.io/version: 0.79.2 spec: automountServiceAccountToken: true containers: - args: - --kubelet-service=kube-system/kubelet - - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.78.0 + - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.79.2 - --kubelet-endpoints=true - --kubelet-endpointslice=false env: - name: GOGC value: "30" - image: quay.io/prometheus-operator/prometheus-operator:v0.78.0 + image: quay.io/prometheus-operator/prometheus-operator:v0.79.2 name: prometheus-operator ports: - containerPort: 8080 @@ -65341,7 +66183,7 @@ metadata: labels: app.kubernetes.io/component: controller app.kubernetes.io/name: prometheus-operator - app.kubernetes.io/version: 0.78.0 + app.kubernetes.io/version: 0.79.2 name: prometheus-operator namespace: default --- @@ -65351,7 +66193,7 @@ metadata: labels: app.kubernetes.io/component: controller app.kubernetes.io/name: prometheus-operator - app.kubernetes.io/version: 0.78.0 + app.kubernetes.io/version: 0.79.2 name: prometheus-operator namespace: default spec: @@ -65362,4 +66204,4 @@ spec: targetPort: http selector: app.kubernetes.io/component: controller - app.kubernetes.io/name: prometheus-operator + app.kubernetes.io/name: prometheus-operator \ No newline at end of file diff --git a/magefile.go b/magefile.go index 0dbef4f..be9cc6a 100644 --- a/magefile.go +++ b/magefile.go @@ -18,7 +18,7 @@ type LGTM mg.Namespace type Apps mg.Namespace func Setup() error { - if err := sh.RunV("brew", "install", "mage", "kubectl", "kubectx", "kind", "kustomize", "txn2/tap/kubefwd", "helm", "jq"); err != nil { + if err := sh.RunV("brew", "install", "mage", "kubectl", "kubectx", "kind", "kustomize", "txn2/tap/kubefwd", "helm", "jq", "golangci-lint"); err != nil { return err }