From 29695d9ba5a28191c284b3ba701244f51d4e72f7 Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Wed, 22 May 2024 17:39:28 +0200 Subject: [PATCH] update prometheus operator crd (#1449) Signed-off-by: Coleen Iona Quadros --- .../prometheus/crd/kustomization.yaml | 2 +- ...0_68_0.yaml => prometheus_crd_0_73_2.yaml} | 1217 ++++++++++++++--- .../prometheus-operator-deployment.yaml | 2 +- 3 files changed, 1008 insertions(+), 213 deletions(-) rename operators/endpointmetrics/manifests/prometheus/crd/{prometheus_crd_0_68_0.yaml => prometheus_crd_0_73_2.yaml} (89%) diff --git a/operators/endpointmetrics/manifests/prometheus/crd/kustomization.yaml b/operators/endpointmetrics/manifests/prometheus/crd/kustomization.yaml index 9c9ff7280e..1e3e5806f0 100644 --- a/operators/endpointmetrics/manifests/prometheus/crd/kustomization.yaml +++ b/operators/endpointmetrics/manifests/prometheus/crd/kustomization.yaml @@ -3,7 +3,7 @@ resources: - alertmanagerconfig_crd_0_53_1.yaml - podmonitor_crd_0_53_1.yaml - probe_crd_0_53_1.yaml -- prometheus_crd_0_68_0.yaml +- prometheus_crd_0_73_2.yaml - prometheusrule_crd_0_53_1.yaml - servicemonitor_crd_0_53_1.yaml - thanosruler_crd_0_53_1.yaml diff --git a/operators/endpointmetrics/manifests/prometheus/crd/prometheus_crd_0_68_0.yaml b/operators/endpointmetrics/manifests/prometheus/crd/prometheus_crd_0_73_2.yaml similarity index 89% rename from operators/endpointmetrics/manifests/prometheus/crd/prometheus_crd_0_68_0.yaml rename to operators/endpointmetrics/manifests/prometheus/crd/prometheus_crd_0_73_2.yaml index b912437a1c..a41c08e09f 100644 --- a/operators/endpointmetrics/manifests/prometheus/crd/prometheus_crd_0_68_0.yaml +++ b/operators/endpointmetrics/manifests/prometheus/crd/prometheus_crd_0_73_2.yaml @@ -3,8 +3,8 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.13.0 + operator.prometheus.io/version: 0.73.2 name: prometheuses.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -410,7 +410,8 @@ spec: properties: labelSelector: description: A label query over a set of resources, - in this case pods. + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label @@ -460,6 +461,44 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key in (value)` to select + the group of existing pods which pods will be + taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MatchLabelKeys and LabelSelector. Also, + MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key notin (value)` to + select the group of existing pods which pods will + be taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MismatchLabelKeys and LabelSelector. Also, + MismatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied @@ -570,7 +609,8 @@ spec: properties: labelSelector: description: A label query over a set of resources, - in this case pods. + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label @@ -616,6 +656,43 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys + to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key in (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires enabling + MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key notin (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MismatchLabelKeys and + LabelSelector. Also, MismatchLabelKeys cannot be set + when LabelSelector isn't set. This is an alpha field + and requires enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the @@ -719,7 +796,8 @@ spec: properties: labelSelector: description: A label query over a set of resources, - in this case pods. + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label @@ -769,6 +847,44 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key in (value)` to select + the group of existing pods which pods will be + taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MatchLabelKeys and LabelSelector. Also, + MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged + with `LabelSelector` as `key notin (value)` to + select the group of existing pods which pods will + be taken into consideration for the incoming pod's + pod (anti) affinity. Keys that don't exist in + the incoming pod labels will be ignored. The default + value is empty. The same key is forbidden to exist + in both MismatchLabelKeys and LabelSelector. Also, + MismatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied @@ -879,7 +995,8 @@ spec: properties: labelSelector: description: A label query over a set of resources, - in this case pods. + in this case pods. If it's null, this PodAffinityTerm + matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label @@ -925,6 +1042,43 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys + to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key in (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MatchLabelKeys and LabelSelector. + Also, MatchLabelKeys cannot be set when LabelSelector + isn't set. This is an alpha field and requires enabling + MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label + keys to select which pods will be taken into consideration. + The keys are used to lookup values from the incoming + pod labels, those key-value labels are merged with + `LabelSelector` as `key notin (value)` to select the + group of existing pods which pods will be taken into + consideration for the incoming pod's pod (anti) affinity. + Keys that don't exist in the incoming pod labels will + be ignored. The default value is empty. The same key + is forbidden to exist in both MismatchLabelKeys and + LabelSelector. Also, MismatchLabelKeys cannot be set + when LabelSelector isn't set. This is an alpha field + and requires enabling MatchLabelKeysInPodAffinity + feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the @@ -1019,7 +1173,8 @@ spec: type: string authorization: description: "Authorization section for Alertmanager. \n - Cannot be set at the same time as `basicAuth`, or `bearerTokenFile`." + Cannot be set at the same time as `basicAuth`, `bearerTokenFile` + or `sigv4`." properties: credentials: description: Selects a key of a Secret in the namespace @@ -1051,11 +1206,11 @@ spec: basicAuth: description: "BasicAuth configuration for Alertmanager. \n Cannot be set at the same time as `bearerTokenFile`, - or `authorization`." + `authorization` or `sigv4`." properties: password: - description: The secret in the service monitor namespace - that contains the password for authentication. + description: '`password` specifies a key of a Secret + containing the password for authentication.' properties: key: description: The key of the secret to select from. Must @@ -1075,8 +1230,8 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: The secret in the service monitor namespace - that contains the username for authentication. + description: '`username` specifies a key of a Secret + containing the username for authentication.' properties: key: description: The key of the secret to select from. Must @@ -1098,9 +1253,9 @@ spec: type: object bearerTokenFile: description: "File to read bearer token for Alertmanager. - \n Cannot be set at the same time as `basicAuth`, or `authorization`. - \n *Deprecated: this will be removed in a future release. - Prefer using `authorization`.*" + \n Cannot be set at the same time as `basicAuth`, `authorization`, + or `sigv4`. \n Deprecated: this will be removed in a future + release. Prefer using `authorization`." type: string enableHttp2: description: Whether to enable HTTP2. @@ -1124,6 +1279,68 @@ spec: scheme: description: Scheme to use when firing alerts. type: string + sigv4: + description: "Sigv4 allows to configures AWS's Signature + Verification 4 for the URL. \n It requires Prometheus + >= v2.48.0. \n Cannot be set at the same time as `basicAuth`, + `bearerTokenFile` or `authorization`." + properties: + accessKey: + description: AccessKey is the AWS API key. If not specified, + the environment variable `AWS_ACCESS_KEY_ID` is used. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + profile: + description: Profile is the named AWS profile used to + authenticate. + type: string + region: + description: Region is the AWS region. If blank, the + region from the default credentials chain used. + type: string + roleArn: + description: RoleArn is the named AWS profile used to + authenticate. + type: string + secretKey: + description: SecretKey is the AWS API secret. If not + specified, the environment variable `AWS_SECRET_ACCESS_KEY` + is used. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object timeout: description: Timeout is a per-target Alertmanager timeout when pushing alerts. @@ -1279,9 +1496,9 @@ spec: type: object allowOverlappingBlocks: description: "AllowOverlappingBlocks enables vertical compaction and - vertical query merge in Prometheus. \n *Deprecated: this flag has + vertical query merge in Prometheus. \n Deprecated: this flag has no effect for Prometheus >= 2.39.0 where overlapping blocks are - enabled by default.*" + enabled by default." type: boolean apiserverConfig: description: 'APIServerConfig allows specifying a host and auth methods @@ -1329,8 +1546,8 @@ spec: `bearerTokenFile`." properties: password: - description: The secret in the service monitor namespace that - contains the password for authentication. + description: '`password` specifies a key of a Secret containing + the password for authentication.' properties: key: description: The key of the secret to select from. Must @@ -1349,8 +1566,8 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: The secret in the service monitor namespace that - contains the username for authentication. + description: '`username` specifies a key of a Secret containing + the username for authentication.' properties: key: description: The key of the secret to select from. Must @@ -1372,13 +1589,13 @@ spec: bearerToken: description: "*Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - \n *Deprecated: this will be removed in a future release.*" + \n Deprecated: this will be removed in a future release." type: string bearerTokenFile: description: "File to read bearer token for accessing apiserver. \n Cannot be set at the same time as `basicAuth`, `authorization`, - or `bearerToken`. \n *Deprecated: this will be removed in a - future release. Prefer using `authorization`.*" + or `bearerToken`. \n Deprecated: this will be removed in a future + release. Prefer using `authorization`." type: string host: description: Kubernetes API address consisting of a hostname or @@ -1532,7 +1749,7 @@ spec: type: boolean type: object baseImage: - description: '*Deprecated: use ''spec.image'' instead.*' + description: 'Deprecated: use ''spec.image'' instead.' type: string bodySizeLimit: description: BodySizeLimit defines per-scrape on response body size. @@ -1840,6 +2057,18 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the + container should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to + sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. @@ -1938,6 +2167,18 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the + container should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to + sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. @@ -2931,9 +3172,9 @@ spec: limit on the number of scraped samples that will be accepted. This overrides any `spec.sampleLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.sampleLimit` is greater than zero and - less than than `spec.enforcedSampleLimit`. \n It is meant to be - used by admins to keep the overall number of samples/series under - a desired limit." + less than `spec.enforcedSampleLimit`. \n It is meant to be used + by admins to keep the overall number of samples/series under a desired + limit." format: int64 type: integer enforcedTargetLimit: @@ -3049,7 +3290,7 @@ spec: description: When true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor and Probe objects will be ignored. They will only discover targets within the namespace of the PodMonitor, ServiceMonitor - and Probe objec. + and Probe object. type: boolean image: description: "Container image name for Prometheus. If specified, it @@ -3377,6 +3618,18 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the + container should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to + sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. @@ -3475,6 +3728,18 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the + container should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to + sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. @@ -4423,6 +4688,15 @@ spec: - warn - error type: string + maximumStartupDurationSeconds: + description: Defines the maximum time that the `prometheus` container's + startup probe will wait before being considered failed. The startup + probe will return success after the WAL replay is complete. If set, + the value should be greater than 60 (seconds). Otherwise it will + be equal to 600 seconds (15 minutes). + format: int32 + minimum: 60 + type: integer minReadySeconds: description: "Minimum number of seconds for which a newly created Pod should be ready without any of its container crashing for it @@ -4452,9 +4726,40 @@ spec: description: When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects. type: boolean + persistentVolumeClaimRetentionPolicy: + description: The field controls if and how PVCs are deleted during + the lifecycle of a StatefulSet. The default behavior is all PVCs + are retained. This is an alpha field from kubernetes 1.23 until + 1.26 and a beta field from 1.26. It requires enabling the StatefulSetAutoDeletePVC + feature gate. + properties: + whenDeleted: + description: WhenDeleted specifies what happens to PVCs created + from StatefulSet VolumeClaimTemplates when the StatefulSet is + deleted. The default policy of `Retain` causes PVCs to not be + affected by StatefulSet deletion. The `Delete` policy causes + those PVCs to be deleted. + type: string + whenScaled: + description: WhenScaled specifies what happens to PVCs created + from StatefulSet VolumeClaimTemplates when the StatefulSet is + scaled down. The default policy of `Retain` causes PVCs to not + be affected by a scaledown. The `Delete` policy causes the associated + PVCs for any excess pods above the replica count to be deleted. + type: string + type: object podMetadata: - description: PodMetadata configures labels and annotations which are - propagated to the Prometheus pods. + description: "PodMetadata configures labels and annotations which + are propagated to the Prometheus pods. \n The following items are + reserved and cannot be overridden: * \"prometheus\" label, set to + the name of the Prometheus object. * \"app.kubernetes.io/instance\" + label, set to the name of the Prometheus object. * \"app.kubernetes.io/managed-by\" + label, set to \"prometheus-operator\". * \"app.kubernetes.io/name\" + label, set to \"prometheus\". * \"app.kubernetes.io/version\" label, + set to the Prometheus version. * \"operator.prometheus.io/name\" + label, set to the name of the Prometheus object. * \"operator.prometheus.io/shard\" + label, set to the shard number of the Prometheus object. * \"kubectl.kubernetes.io/default-container\" + annotation, set to \"prometheus\"." properties: annotations: additionalProperties: @@ -4528,17 +4833,17 @@ spec: type: object x-kubernetes-map-type: atomic podMonitorSelector: - description: "*Experimental* PodMonitors to be selected for target - discovery. An empty label selector matches all objects. A null label - selector matches no objects. \n If `spec.serviceMonitorSelector`, - `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` - are null, the Prometheus configuration is unmanaged. The Prometheus - operator will ensure that the Prometheus configuration's Secret - exists, but it is the responsibility of the user to provide the - raw gzipped Prometheus configuration under the `prometheus.yaml.gz` - key. This behavior is *deprecated* and will be removed in the next - major version of the custom resource definition. It is recommended - to use `spec.additionalScrapeConfigs` instead." + description: "PodMonitors to be selected for target discovery. An + empty label selector matches all objects. A null label selector + matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, + `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the + Prometheus configuration is unmanaged. The Prometheus operator will + ensure that the Prometheus configuration's Secret exists, but it + is the responsibility of the user to provide the raw gzipped Prometheus + configuration under the `prometheus.yaml.gz` key. This behavior + is *deprecated* and will be removed in the next major version of + the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` + instead." properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -4597,9 +4902,9 @@ spec: description: Priority class assigned to the Pods. type: string probeNamespaceSelector: - description: '*Experimental* Namespaces to match for Probe discovery. - An empty label selector matches all namespaces. A null label selector - matches the current namespace only.' + description: Namespaces to match for Probe discovery. An empty label + selector matches all namespaces. A null label selector matches the + current namespace only. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -4644,9 +4949,9 @@ spec: type: object x-kubernetes-map-type: atomic probeSelector: - description: "*Experimental* Probes to be selected for target discovery. - An empty label selector matches all objects. A null label selector - matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, + description: "Probes to be selected for target discovery. An empty + label selector matches all objects. A null label selector matches + no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the Prometheus configuration is unmanaged. The Prometheus operator will ensure that the Prometheus configuration's Secret exists, but it @@ -4707,8 +5012,8 @@ spec: prometheusRulesExcludedFromEnforce: description: 'Defines the list of PrometheusRule objects to which the namespace label enforcement doesn''t apply. This is only relevant - when `spec.enforcedNamespaceLabel` is set to true. *Deprecated: - use `spec.excludedFromEnforcement` instead.*' + when `spec.enforcedNamespaceLabel` is set to true. Deprecated: use + `spec.excludedFromEnforcement` instead.' items: description: PrometheusRuleExcludeConfig enables users to configure excluded PrometheusRule names and their namespaces to be ignored @@ -4761,6 +5066,14 @@ spec: can be set to a standard I/O stream, e.g. `/dev/stdout`, to log query information to the default Prometheus log stream." type: string + reloadStrategy: + description: Defines the strategy used to reload the Prometheus configuration. + If not specified, the configuration is reloaded using the /-/reload + HTTP endpoint. + enum: + - HTTP + - ProcessSignal + type: string remoteRead: description: Defines the list of remote read configurations. items: @@ -4807,8 +5120,8 @@ spec: be set at the same time as `authorization`, or `oauth2`." properties: password: - description: The secret in the service monitor namespace - that contains the password for authentication. + description: '`password` specifies a key of a Secret containing + the password for authentication.' properties: key: description: The key of the secret to select from. Must @@ -4827,8 +5140,8 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: The secret in the service monitor namespace - that contains the username for authentication. + description: '`username` specifies a key of a Secret containing + the username for authentication.' properties: key: description: The key of the secret to select from. Must @@ -4850,12 +5163,12 @@ spec: bearerToken: description: "*Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - \n *Deprecated: this will be removed in a future release.*" + \n Deprecated: this will be removed in a future release." type: string bearerTokenFile: description: "File from which to read the bearer token for the - URL. \n *Deprecated: this will be removed in a future release. - Prefer using `authorization`.*" + URL. \n Deprecated: this will be removed in a future release. + Prefer using `authorization`." type: string filterExternalLabels: description: "Whether to use the external labels as selectors @@ -4886,8 +5199,8 @@ spec: `authorization`, or `basicAuth`." properties: clientId: - description: The secret or configmap containing the OAuth2 - client id + description: '`clientId` specifies a key of a Secret or + ConfigMap containing the OAuth2 client''s ID.' properties: configMap: description: ConfigMap containing data to use for the @@ -4931,7 +5244,8 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: The secret containing the OAuth2 client secret + description: '`clientSecret` specifies a key of a Secret + containing the OAuth2 client''s secret.' properties: key: description: The key of the secret to select from. Must @@ -4952,15 +5266,18 @@ spec: endpointParams: additionalProperties: type: string - description: Parameters to append to the token URL + description: '`endpointParams` configures the HTTP parameters + to append to the token URL.' type: object scopes: - description: OAuth2 scopes used for the token request + description: '`scopes` defines the OAuth2 scopes used for + the token request.' items: type: string type: array tokenUrl: - description: The URL to fetch the token from + description: '`tokenURL` configures the URL to fetch the + token from.' minLength: 1 type: string required: @@ -5132,7 +5449,7 @@ spec: authorization: description: "Authorization section for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot be set at the same time as - `sigv4`, `basicAuth`, or `oauth2`." + `sigv4`, `basicAuth`, `oauth2`, or `azureAd`." properties: credentials: description: Selects a key of a Secret in the namespace @@ -5164,13 +5481,83 @@ spec: \n Default: \"Bearer\"" type: string type: object + azureAd: + description: "AzureAD for the URL. \n It requires Prometheus + >= v2.45.0. \n Cannot be set at the same time as `authorization`, + `basicAuth`, `oauth2`, or `sigv4`." + properties: + cloud: + description: The Azure Cloud. Options are 'AzurePublic', + 'AzureChina', or 'AzureGovernment'. + enum: + - AzureChina + - AzureGovernment + - AzurePublic + type: string + managedIdentity: + description: ManagedIdentity defines the Azure User-assigned + Managed identity. Cannot be set at the same time as `oauth`. + properties: + clientId: + description: The client id + type: string + required: + - clientId + type: object + oauth: + description: "OAuth defines the oauth config that is being + used to authenticate. Cannot be set at the same time as + `managedIdentity`. \n It requires Prometheus >= v2.48.0." + properties: + clientId: + description: '`clientID` is the clientId of the Azure + Active Directory application that is being used to + authenticate.' + minLength: 1 + type: string + clientSecret: + description: '`clientSecret` specifies a key of a Secret + containing the client secret of the Azure Active Directory + application that is being used to authenticate.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + tenantId: + description: '`tenantID` is the tenant ID of the Azure + Active Directory application that is being used to + authenticate.' + minLength: 1 + pattern: ^[0-9a-zA-Z-.]+$ + type: string + required: + - clientId + - clientSecret + - tenantId + type: object + type: object basicAuth: description: "BasicAuth configuration for the URL. \n Cannot - be set at the same time as `sigv4`, `authorization`, or `oauth2`." + be set at the same time as `sigv4`, `authorization`, `oauth2`, + or `azureAd`." properties: password: - description: The secret in the service monitor namespace - that contains the password for authentication. + description: '`password` specifies a key of a Secret containing + the password for authentication.' properties: key: description: The key of the secret to select from. Must @@ -5189,8 +5576,8 @@ spec: type: object x-kubernetes-map-type: atomic username: - description: The secret in the service monitor namespace - that contains the username for authentication. + description: '`username` specifies a key of a Secret containing + the username for authentication.' properties: key: description: The key of the secret to select from. Must @@ -5212,13 +5599,16 @@ spec: bearerToken: description: "*Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - \n *Deprecated: this will be removed in a future release.*" + \n Deprecated: this will be removed in a future release." type: string bearerTokenFile: description: "File from which to read bearer token for the URL. - \n *Deprecated: this will be removed in a future release. - Prefer using `authorization`.*" + \n Deprecated: this will be removed in a future release. Prefer + using `authorization`." type: string + enableHTTP2: + description: Whether to enable HTTP2. + type: boolean headers: additionalProperties: type: string @@ -5250,11 +5640,11 @@ spec: oauth2: description: "OAuth2 configuration for the URL. \n It requires Prometheus >= v2.27.0. \n Cannot be set at the same time as - `sigv4`, `authorization`, or `basicAuth`." + `sigv4`, `authorization`, `basicAuth`, or `azureAd`." properties: clientId: - description: The secret or configmap containing the OAuth2 - client id + description: '`clientId` specifies a key of a Secret or + ConfigMap containing the OAuth2 client''s ID.' properties: configMap: description: ConfigMap containing data to use for the @@ -5298,7 +5688,8 @@ spec: x-kubernetes-map-type: atomic type: object clientSecret: - description: The secret containing the OAuth2 client secret + description: '`clientSecret` specifies a key of a Secret + containing the OAuth2 client''s secret.' properties: key: description: The key of the secret to select from. Must @@ -5319,15 +5710,18 @@ spec: endpointParams: additionalProperties: type: string - description: Parameters to append to the token URL + description: '`endpointParams` configures the HTTP parameters + to append to the token URL.' type: object scopes: - description: OAuth2 scopes used for the token request + description: '`scopes` defines the OAuth2 scopes used for + the token request.' items: type: string type: array tokenUrl: - description: The URL to fetch the token from + description: '`tokenURL` configures the URL to fetch the + token from.' minLength: 1 type: string required: @@ -5345,6 +5739,7 @@ spec: batchSendDeadline: description: BatchSendDeadline is the maximum time a sample will wait in buffer. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string capacity: description: Capacity is the number of samples to buffer @@ -5352,6 +5747,7 @@ spec: type: integer maxBackoff: description: MaxBackoff is the maximum retry delay. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string maxRetries: description: MaxRetries is the maximum number of times to @@ -5368,16 +5764,23 @@ spec: minBackoff: description: MinBackoff is the initial retry delay. Gets doubled for every retry. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string minShards: description: MinShards is the minimum number of shards, i.e. amount of concurrency. type: integer retryOnRateLimit: - description: Retry upon receiving a 429 status code from - the remote-write storage. This is experimental feature - and might change in the future. + description: "Retry upon receiving a 429 status code from + the remote-write storage. \n This is an *experimental + feature*, it may change in any upcoming release in a breaking + way." type: boolean + sampleAgeLimit: + description: SampleAgeLimit drops samples older than the + limit. It requires Prometheus >= v2.50.0. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string type: object remoteTimeout: description: Timeout for requests to the remote write endpoint. @@ -5397,8 +5800,8 @@ spec: sigv4: description: "Sigv4 allows to configures AWS's Signature Verification 4 for the URL. \n It requires Prometheus >= v2.26.0. \n Cannot - be set at the same time as `authorization`, `basicAuth`, or - `oauth2`." + be set at the same time as `authorization`, `basicAuth`, `oauth2`, + or `azureAd`." properties: accessKey: description: AccessKey is the AWS API key. If not specified, @@ -5864,10 +6267,247 @@ spec: 2.45.0 and newer. format: int64 type: integer + scrapeClasses: + description: "List of scrape classes to expose to scraping objects + such as PodMonitors, ServiceMonitors, Probes and ScrapeConfigs. + \n This is an *experimental feature*, it may change in any upcoming + release in a breaking way." + items: + properties: + default: + description: "Default indicates that the scrape applies to all + scrape objects that don't configure an explicit scrape class + name. \n Only one scrape class can be set as default." + type: boolean + name: + description: Name of the scrape class. + minLength: 1 + type: string + relabelings: + description: "Relabelings configures the relabeling rules to + apply to all scrape targets. \n The Operator automatically + adds relabelings for a few standard Kubernetes fields like + `__meta_kubernetes_namespace` and `__meta_kubernetes_service_name`. + Then the Operator adds the scrape class relabelings defined + here. Then the Operator adds the target-specific relabelings + defined in the scrape object. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + items: + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. + type: string + replacement: + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string between concatenated + SourceLabels. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + Separator and matched against the configured regular + expression. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as + well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." + type: string + type: object + type: array + tlsConfig: + description: TLSConfig section for scrapes. + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the Prometheus container + to use for the targets. + type: string + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the Prometheus + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the Prometheus + container for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map scrapeConfigNamespaceSelector: - description: Namespaces to match for ScrapeConfig discovery. An empty - label selector matches all namespaces. A null label selector matches - the current current namespace only. + description: "Namespaces to match for ScrapeConfig discovery. An empty + label selector matches all namespaces. A null label selector matches + the current namespace only. \n Note that the ScrapeConfig custom + resource definition is currently at Alpha level." properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -5912,17 +6552,18 @@ spec: type: object x-kubernetes-map-type: atomic scrapeConfigSelector: - description: "*Experimental* ScrapeConfigs to be selected for target - discovery. An empty label selector matches all objects. A null label - selector matches no objects. \n If `spec.serviceMonitorSelector`, - `spec.podMonitorSelector`, `spec.probeSelector` and `spec.scrapeConfigSelector` - are null, the Prometheus configuration is unmanaged. The Prometheus - operator will ensure that the Prometheus configuration's Secret - exists, but it is the responsibility of the user to provide the - raw gzipped Prometheus configuration under the `prometheus.yaml.gz` - key. This behavior is *deprecated* and will be removed in the next - major version of the custom resource definition. It is recommended - to use `spec.additionalScrapeConfigs` instead." + description: "ScrapeConfigs to be selected for target discovery. An + empty label selector matches all objects. A null label selector + matches no objects. \n If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, + `spec.probeSelector` and `spec.scrapeConfigSelector` are null, the + Prometheus configuration is unmanaged. The Prometheus operator will + ensure that the Prometheus configuration's Secret exists, but it + is the responsibility of the user to provide the raw gzipped Prometheus + configuration under the `prometheus.yaml.gz` key. This behavior + is *deprecated* and will be removed in the next major version of + the custom resource definition. It is recommended to use `spec.additionalScrapeConfigs` + instead. \n Note that the ScrapeConfig custom resource definition + is currently at Alpha level." properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -5971,6 +6612,23 @@ spec: description: "Interval between consecutive scrapes. \n Default: \"30s\"" pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string + scrapeProtocols: + description: "The protocols to negotiate during a scrape. It tells + clients the protocols supported by Prometheus in order of preference + (from most to least preferred). \n If unset, Prometheus uses its + default value. \n It requires Prometheus >= v2.49.0." + items: + description: 'ScrapeProtocol represents a protocol used by Prometheus + for scraping metrics. Supported values are: * `OpenMetricsText0.0.1` + * `OpenMetricsText1.0.0` * `PrometheusProto` * `PrometheusText0.0.4`' + enum: + - PrometheusProto + - OpenMetricsText0.0.1 + - OpenMetricsText1.0.0 + - PrometheusText0.0.4 + type: string + type: array + x-kubernetes-list-type: set scrapeTimeout: description: Number of seconds to wait until a scrape request times out. @@ -6259,17 +6917,17 @@ spec: type: object x-kubernetes-map-type: atomic sha: - description: '*Deprecated: use ''spec.image'' instead. The image''s - digest can be specified as part of the image name.*' + description: 'Deprecated: use ''spec.image'' instead. The image''s + digest can be specified as part of the image name.' type: string shards: - description: "EXPERIMENTAL: Number of shards to distribute targets - onto. `spec.replicas` multiplied by `spec.shards` is the total number - of Pods created. \n Note that scaling down shards will not reshard - data onto remaining instances, it must be manually moved. Increasing - shards will not reshard data either but it will continue to be available - from the same instances. To query globally, use Thanos sidecar and - Thanos querier or remote write data to a central location. \n Sharding + description: "Number of shards to distribute targets onto. `spec.replicas` + multiplied by `spec.shards` is the total number of Pods created. + \n Note that scaling down shards will not reshard data onto remaining + instances, it must be manually moved. Increasing shards will not + reshard data either but it will continue to be available from the + same instances. To query globally, use Thanos sidecar and Thanos + querier or remote write data to a central location. \n Sharding is performed on the content of the `__address__` target meta-label for PodMonitors and ServiceMonitors and `__param_target__` for Probes. \n Default: 1" @@ -6279,8 +6937,8 @@ spec: description: Storage defines the storage used by Prometheus. properties: disableMountSubPath: - description: '*Deprecated: subPath usage will be removed in a - future release.*' + description: 'Deprecated: subPath usage will be removed in a future + release.' type: boolean emptyDir: description: 'EmptyDirVolumeSource to be used by the StatefulSet. @@ -6453,30 +7111,6 @@ spec: value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: - claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It - can only be set for containers." - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of - one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes - that resource available inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -6555,6 +7189,27 @@ spec: description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string + volumeAttributesClassName: + description: 'volumeAttributesClassName may be used + to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update + the volume with the attributes defined in the corresponding + VolumeAttributesClass. This has a different purpose + than storageClassName, it can be changed after the + claim is created. An empty string value means that + no VolumeAttributesClass will be applied to the + claim but it''s not allowed to reset this field + to empty string once it is set. If unspecified and + the PersistentVolumeClaim is unbound, the default + VolumeAttributesClass will be set by the persistentvolume + controller if it exists. If the resource referred + to by volumeAttributesClass does not exist, this + PersistentVolumeClaim will be set to a Pending state, + as reflected by the modifyVolumeStatus field, until + such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass + feature gate to be enabled.' + type: string volumeMode: description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is @@ -6721,30 +7376,6 @@ spec: must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: - claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used by - this container. \n This is an alpha field and requires - enabling the DynamicResourceAllocation feature gate. - \n This field is immutable. It can only be set for - containers." - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -6821,6 +7452,26 @@ spec: description: 'storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string + volumeAttributesClassName: + description: 'volumeAttributesClassName may be used to + set the VolumeAttributesClass used by this claim. If + specified, the CSI driver will create or update the + volume with the attributes defined in the corresponding + VolumeAttributesClass. This has a different purpose + than storageClassName, it can be changed after the claim + is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it''s not allowed to + reset this field to empty string once it is set. If + unspecified and the PersistentVolumeClaim is unbound, + the default VolumeAttributesClass will be set by the + persistentvolume controller if it exists. If the resource + referred to by volumeAttributesClass does not exist, + this PersistentVolumeClaim will be set to a Pending + state, as reflected by the modifyVolumeStatus field, + until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass + feature gate to be enabled.' + type: string volumeMode: description: volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied @@ -6832,7 +7483,7 @@ spec: type: string type: object status: - description: '*Deprecated: this field is never set.*' + description: 'Deprecated: this field is never set.' properties: accessModes: description: 'accessModes contains the actual access modes @@ -6968,6 +7619,42 @@ spec: - type type: object type: array + currentVolumeAttributesClassName: + description: currentVolumeAttributesClassName is the current + name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied + to this PersistentVolumeClaim This is an alpha field + and requires enabling VolumeAttributesClass feature. + type: string + modifyVolumeStatus: + description: ModifyVolumeStatus represents the status + object of ControllerModifyVolume operation. When this + is unset, there is no ModifyVolume operation being attempted. + This is an alpha field and requires enabling VolumeAttributesClass + feature. + properties: + status: + description: 'status is the status of the ControllerModifyVolume + operation. It can be in any of following states: + - Pending Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, such + as the specified VolumeAttributesClass not existing. + - InProgress InProgress indicates that the volume + is being modified. - Infeasible Infeasible indicates + that the request has been rejected as invalid by + the CSI driver. To resolve the error, a valid VolumeAttributesClass + needs to be specified. Note: New statuses can be + added in the future. Consumers should check for + unknown statuses and fail appropriately.' + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is the + name of the VolumeAttributesClass the PVC currently + being reconciled + type: string + required: + - status + type: object phase: description: phase represents the current phase of PersistentVolumeClaim. type: string @@ -6975,8 +7662,8 @@ spec: type: object type: object tag: - description: '*Deprecated: use ''spec.image'' instead. The image''s - tag can be specified as part of the image name.*' + description: 'Deprecated: use ''spec.image'' instead. The image''s + tag can be specified as part of the image name.' type: string targetLimit: description: TargetLimit defines a limit on the number of scraped @@ -6985,9 +7672,7 @@ spec: format: int64 type: integer thanos: - description: "Defines the configuration of the optional Thanos sidecar. - \n This section is experimental, it may change significantly without - deprecation notice in any release." + description: Defines the configuration of the optional Thanos sidecar. properties: additionalArgs: description: AdditionalArgs allows setting additional arguments @@ -7013,7 +7698,7 @@ spec: type: object type: array baseImage: - description: '*Deprecated: use ''image'' instead.*' + description: 'Deprecated: use ''image'' instead.' type: string blockSize: default: 2h @@ -7190,8 +7875,8 @@ spec: when the operator was released." type: string listenLocal: - description: '*Deprecated: use `grpcListenLocal` and `httpListenLocal` - instead.*' + description: 'Deprecated: use `grpcListenLocal` and `httpListenLocal` + instead.' type: boolean logFormat: description: Log format for the Thanos sidecar. @@ -7298,19 +7983,19 @@ spec: type: object type: object sha: - description: '*Deprecated: use ''image'' instead. The image digest - can be specified as part of the image name.*' + description: 'Deprecated: use ''image'' instead. The image digest + can be specified as part of the image name.' type: string tag: - description: '*Deprecated: use ''image'' instead. The image''s - tag can be specified as part of the image name.*' + description: 'Deprecated: use ''image'' instead. The image''s + tag can be specified as as part of the image name.' type: string tracingConfig: description: "Defines the tracing configuration for the Thanos - sidecar. \n More info: https://thanos.io/tip/thanos/tracing.md/ - \n This is an experimental feature, it may change in any upcoming - release in a breaking way. \n tracingConfigFile takes precedence - over this field." + sidecar. \n `tracingConfigFile` takes precedence over this field. + \n More info: https://thanos.io/tip/thanos/tracing.md/ \n This + is an *experimental feature*, it may change in any upcoming + release in a breaking way." properties: key: description: The key of the secret to select from. Must be @@ -7330,10 +8015,10 @@ spec: x-kubernetes-map-type: atomic tracingConfigFile: description: "Defines the tracing configuration file for the Thanos - sidecar. \n More info: https://thanos.io/tip/thanos/tracing.md/ - \n This is an experimental feature, it may change in any upcoming - release in a breaking way. \n This field takes precedence over - tracingConfig." + sidecar. \n This field takes precedence over `tracingConfig`. + \n More info: https://thanos.io/tip/thanos/tracing.md/ \n This + is an *experimental feature*, it may change in any upcoming + release in a breaking way." type: string version: description: "Version of Thanos being deployed. The operator uses @@ -7428,9 +8113,14 @@ spec: topologySpreadConstraints: description: Defines the pod's topology spread constraints if specified. items: - description: TopologySpreadConstraint specifies how to spread matching - pods among the given topology. properties: + additionalLabelSelectors: + description: Defines what Prometheus Operator managed labels + should be added to labelSelector on the topologySpreadConstraint. + enum: + - OnResource + - OnShard + type: string labelSelector: description: LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the @@ -7598,9 +8288,9 @@ spec: type: object type: array tracingConfig: - description: 'EXPERIMENTAL: TracingConfig configures tracing in Prometheus. - This is an experimental feature, it may change in any upcoming release - in a breaking way.' + description: "TracingConfig configures tracing in Prometheus. \n This + is an *experimental feature*, it may change in any upcoming release + in a breaking way." properties: clientType: description: Client used to export the traces. Supported values @@ -7784,9 +8474,9 @@ spec: description: "Configures how old an out-of-order/out-of-bounds sample can be with respect to the TSDB max time. \n An out-of-order/out-of-bounds sample is ingested into the TSDB as long as the timestamp of - the sample is >= (TSDB.MaxTime - outOfOrderTimeWindow). \n Out - of order ingestion is an experimental feature. \n It requires - Prometheus >= v2.39.0." + the sample is >= (TSDB.MaxTime - outOfOrderTimeWindow). \n This + is an *experimental feature*, it may change in any upcoming + release in a breaking way. \n It requires Prometheus >= v2.39.0." pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object @@ -8396,31 +9086,6 @@ spec: value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: - claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. - It can only be set for containers." - items: - description: ResourceClaim references one - entry in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name - of one entry in pod.spec.resourceClaims - of the Pod where this field is used. - It makes that resource available inside - a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -8503,6 +9168,28 @@ spec: StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string + volumeAttributesClassName: + description: 'volumeAttributesClassName may be used + to set the VolumeAttributesClass used by this + claim. If specified, the CSI driver will create + or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This + has a different purpose than storageClassName, + it can be changed after the claim is created. + An empty string value means that no VolumeAttributesClass + will be applied to the claim but it''s not allowed + to reset this field to empty string once it is + set. If unspecified and the PersistentVolumeClaim + is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller + if it exists. If the resource referred to by volumeAttributesClass + does not exist, this PersistentVolumeClaim will + be set to a Pending state, as reflected by the + modifyVolumeStatus field, until such as a resource + exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass + feature gate to be enabled.' + type: string volumeMode: description: volumeMode defines what type of volume is required by the claim. Value of Filesystem @@ -8877,6 +9564,102 @@ spec: description: Projection that may be projected along with other supported volume types properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access + the `.spec.trustBundle` field of ClusterTrustBundle + objects in an auto-updating file. \n Alpha, gated + by the ClusterTrustBundleProjection feature gate. + \n ClusterTrustBundle objects can either be selected + by name, or by the combination of signer name and + a label selector. \n Kubelet performs aggressive + normalization of the PEM contents written into the + pod filesystem. Esoteric PEM features such as inter-block + comments and block headers are stripped. Certificates + are deduplicated. The ordering of certificates within + the file is arbitrary, and Kubelet may change the + order over time." + properties: + labelSelector: + description: Select all ClusterTrustBundles that + match this label selector. Only has effect + if signerName is set. Mutually-exclusive with + name. If unset, interpreted as "match nothing". If + set but empty, interpreted as "match everything". + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + name: + description: Select a single ClusterTrustBundle + by object name. Mutually-exclusive with signerName + and labelSelector. + type: string + optional: + description: If true, don't block pod startup + if the referenced ClusterTrustBundle(s) aren't + available. If using name, then the named ClusterTrustBundle + is allowed not to exist. If using signerName, + then the combination of signerName and labelSelector + is allowed to match zero ClusterTrustBundles. + type: boolean + path: + description: Relative path from the volume root + to write the bundle. + type: string + signerName: + description: Select all ClusterTrustBundles that + match this signer name. Mutually-exclusive with + name. The contents of all selected ClusterTrustBundles + will be unified and deduplicated. + type: string + required: + - path + type: object configMap: description: configMap information about the configMap data to project @@ -9676,6 +10459,10 @@ spec: Prometheus deployment (their labels match the selector). format: int32 type: integer + selector: + description: The selector used to match the pods targeted by this + Prometheus resource. + type: string shardStatuses: description: The list has one entry per shard. Each entry provides a summary of the shard status. @@ -9714,6 +10501,10 @@ spec: x-kubernetes-list-map-keys: - shardID x-kubernetes-list-type: map + shards: + description: Shards is the most recently observed number of shards. + format: int32 + type: integer unavailableReplicas: description: Total number of unavailable pods targeted by this Prometheus deployment. @@ -9737,4 +10528,8 @@ spec: served: true storage: true subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.shards + statusReplicasPath: .status.shards status: {} \ No newline at end of file diff --git a/operators/endpointmetrics/manifests/prometheus/prometheus-operator-deployment.yaml b/operators/endpointmetrics/manifests/prometheus/prometheus-operator-deployment.yaml index 0ce39364b5..0eede809de 100644 --- a/operators/endpointmetrics/manifests/prometheus/prometheus-operator-deployment.yaml +++ b/operators/endpointmetrics/manifests/prometheus/prometheus-operator-deployment.yaml @@ -25,7 +25,7 @@ spec: - '--kubelet-service=kube-system/kubelet' - '--prometheus-config-reloader={{PROM_CONFIGMAP_RELOADER_IMG}}' - '--namespaces={{NAMESPACE}}' - image: quay.io/prometheus-operator/prometheus-operator:v0.68.0 + image: quay.io/prometheus-operator/prometheus-operator:v0.73.2 imagePullPolicy: IfNotPresent name: prometheus-operator ports: