fix(deployment): template affinity

.drone.yml

@@ -17,16 +17,7 @@ steps:
 - name: helm lint
   commands:
   - helm lint
-  image: git.cryptic.systems/volker.raschek/helm:3.16.1
-  resources:
-    limits:
-      cpu: 150
-      memory: 150M
-
-- name: markdown lint
-  commands:
-  - markdownlint *.md
-  image: git.cryptic.systems/volker.raschek/markdownlint:0.42.0
+  image: git.cryptic.systems/volker.raschek/helm:3.16.3
   resources:
     limits:
       cpu: 150
@@ -78,7 +69,7 @@ steps:
 - name: helm unittest
   commands:
   - helm unittest --strict --file 'unittests/**/*.yaml' ./
-  image: git.cryptic.systems/volker.raschek/helm:3.16.1
+  image: git.cryptic.systems/volker.raschek/helm:3.16.3
   resources:
     limits:
       cpu: 150
@@ -114,7 +105,7 @@ trigger:
 ---
 kind: pipeline
 type: kubernetes
-name: Generate README.md
+name: Generate, compare and lint README.md
 
 clone:
   disable: true
@@ -127,11 +118,12 @@ steps:
 - name: clone repository
   image: git.cryptic.systems/volker.raschek/git:1.4.0
 
-- name: generate README
+- name: execute NPM modules
   commands:
   - npm install
-  - npm run readme:parameters
+  - npm run readme:link
   - npm run readme:lint
+  - npm run readme:parameters
   image: docker.io/library/node:23.3.0-alpine
   resources:
     limits:
@@ -195,7 +187,7 @@ steps:
       from_secret: helm_repo_password
     HELM_REPO_USERNAME:
       from_secret: helm_repo_username
-  image: git.cryptic.systems/volker.raschek/helm:3.16.1
+  image: git.cryptic.systems/volker.raschek/helm:3.16.3
   resources:
     limits:
       cpu: 150

.markdownlint.yaml

@@ -128,16 +128,18 @@ MD044:
   # List of proper names
   names:
     - Git
-    - Gitea
     - GitDevOps
+    - Gitea
     - GitHub
     - GitLab
     - GitOps
+    - kube-prometheus-stack
     - Memcached
     - Oracle
     - ORBIS U
     - PostgreSQL
     - Prometheus
+    - prometheus-exporter
     - SSL
     - TLS
   # Include code blocks

Makefile

@@ -11,7 +11,7 @@ HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:
 MARKDOWNLINKCHECK_IMAGE_REGISTRY_HOST?=ghcr.io
 MARKDOWNLINKCHECK_IMAGE_REPOSITORY=tcort/markdown-link-check
 MARKDOWNLINKCHECK_IMAGE_VERSION?=3.12.2 # renovate: datasource=docker registryUrl=https://ghcr.io depName=tcort/markdown-link-check
-MARKDOWNLINKCHECK_IMAGE_FULLY_QUALIFIED=${MARKDOWNLINT_IMAGE_REGISTRY_HOST}/${MARKDOWNLINT_IMAGE_REPOSITORY}:${MARKDOWNLINT_IMAGE_VERSION}
+MARKDOWNLINKCHECK_IMAGE_FULLY_QUALIFIED=${MARKDOWNLINKCHECK_IMAGE_REGISTRY_HOST}/${MARKDOWNLINKCHECK_IMAGE_REPOSITORY}:${MARKDOWNLINKCHECK_IMAGE_VERSION}
 
 # NODE_IMAGE
 NODE_IMAGE_REGISTRY_HOST?=docker.io
@@ -24,16 +24,34 @@ NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:
 missing-dot:
 	grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml
 
-# CONTAINER RUN - PREPARE ENVIRONMENT
+# CONTAINER RUN - README
 # ==============================================================================
 PHONY+=container-run/readme
-container-run/readme:
+container-run/readme: container-run/readme/link container-run/readme/lint container-run/readme/parameters
+
+container-run/readme/link:
 	${CONTAINER_RUNTIME} run \
 		--rm \
 		--volume $(shell pwd):$(shell pwd) \
 		--workdir $(shell pwd) \
 			${NODE_IMAGE_FULLY_QUALIFIED} \
-				npm install && npm run readme:parameters && npm run readme:lint
+				npm install && npm run readme:link
+
+container-run/readme/lint:
+	${CONTAINER_RUNTIME} run \
+		--rm \
+		--volume $(shell pwd):$(shell pwd) \
+		--workdir $(shell pwd) \
+			${NODE_IMAGE_FULLY_QUALIFIED} \
+				npm install && npm run readme:lint
+
+container-run/readme/parameters:
+	${CONTAINER_RUNTIME} run \
+		--rm \
+		--volume $(shell pwd):$(shell pwd) \
+		--workdir $(shell pwd) \
+			${NODE_IMAGE_FULLY_QUALIFIED} \
+				npm install && npm run readme:parameters
 
 # CONTAINER RUN - HELM UNITTESTS
 # ==============================================================================

README.md

@@ -46,7 +46,8 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi
 versions can break something!
 
 ```bash
-helm show values prometheus-exporters/prometheus-postgres-exporter --version 0.1.0 > values.yaml
+CHART_VERSION=0.1.0
+helm show values prometheus-exporters/prometheus-postgres-exporter --version "${CHART_VERSION}" > values.yaml
 ```
 
 A complete list of available helm chart versions can be displayed via the following command:
@@ -62,7 +63,7 @@ for customizations. These can be configured in more detail via `values.yaml`.
 
 The following examples serve as individual configurations and as inspiration for how deployment problems can be solved.
 
-### TLS authentication and encryption
+#### TLS authentication and encryption
 
 The first example shows how to deploy the metric exporter with TLS encryption. The verification of the custom TLS
 certification will be skipped by Prometheus.
@@ -116,6 +117,47 @@ replaced:
 +   --set 'prometheus.metrics.serviceMonitor.tlsConfig.keyFile=/etc/prometheus/tls/tls.key'
 ```
 
+#### Grafana dashboard
+
+The helm chart includes Grafana dashboards. These can be deployed as a configMap by activating Grafana integration. It
+is assumed that the dashboard is consumed by Grafana or a sidecar container itself and that the dashboard is stored in
+the Grafana container file system so that it is subsequently available to the user. The
+[kube-prometheus-stack](https://artifacthub.io/packages/helm/prometheus-community/kube-prometheus-stack) deployment
+makes this possible.
+
+```bash
+helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
+  --set 'config.database.secret.databaseUsername=postgres' \
+  --set 'config.database.secret.databasePassword=postgres' \
+  --set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
+  --set 'grafana.enabled=true'
+```
+
+#### Avoid deploying on same node / bare metal host as PostgresDB
+
+As a best practice, avoid running the postgres-exporter on the same node / bare-metal host as the PostgresDB. This is
+because if the postgres-exporter is running on the same node and this node fails, Prometheus can send an alert about the
+failure of the node or that the postgres-exporter cannot be reached. However, it is not possible to react based on the
+metrics that the postgres-exporter explicitly provides. Depending on the configuration of alerts, this may mean that the
+corresponding notifications are not sent to the right person or group of people.
+
+The following example prevent the postgres-exporter from running on nodes with a PostgresDB. The PostgresDB nodes has an
+additional label `database=postgres`. The configuration is carried out in `values.yaml`.
+
+```yaml
+deployment:
+  affinity:
+    nodeAffinity:
+      preferredDuringSchedulingIgnoredDuringExecution:
+      - weight: 100
+        preference:
+          matchExpressions:
+          - key: database
+            operator: NotIn
+            values:
+            - postgres
+```
+
 ## Parameters
 
 ### Global
@@ -152,7 +194,7 @@ replaced:
 | Name                                               | Description                                                                                                | Value                                   |
 | -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------------------------- |
 | `deployment.annotations`                           | Additional deployment annotations.                                                                         | `{}`                                    |
-| `deployment.labels`                                | Additional ingress labels.                                                                                 | `{}`                                    |
+| `deployment.labels`                                | Additional deployment labels.                                                                              | `{}`                                    |
 | `deployment.additionalContainers`                  | List of additional containers.                                                                             | `[]`                                    |
 | `deployment.affinity`                              | Affinity for the postgres-exporter deployment.                                                             | `{}`                                    |
 | `deployment.initContainers`                        | List of additional init containers.                                                                        | `[]`                                    |
@@ -183,7 +225,7 @@ replaced:
 | `deployment.terminationGracePeriodSeconds`         | How long to wait until forcefully kill the pod.                                                            | `60`                                    |
 | `deployment.tolerations`                           | Tolerations of the postgres-exporter deployment.                                                           | `[]`                                    |
 | `deployment.topologySpreadConstraints`             | TopologySpreadConstraints of the postgres-exporter deployment.                                             | `[]`                                    |
-| `deployment.volumes`                               | Additional volumes to mount into the pods of the Prometheus-exporter deployment.                           | `[]`                                    |
+| `deployment.volumes`                               | Additional volumes to mount into the pods of the prometheus-exporter deployment.                           | `[]`                                    |
 
 ### Grafana
 

package.json

@@ -1,6 +1,6 @@
 {
-  "name": "qu-seed-chart",
-  "homepage": "https://github.com/dedalus-cis4u/qu-seed-chart.git",
+  "name": "prometheus-postgres-exporter",
+  "homepage": "https://git.cryptic.systems/volker.raschek/prometheus-postgres-exporter.git",
   "license": "MIT",
   "private": true,
   "engineStrict": true,
@@ -9,11 +9,13 @@
     "npm": ">=8.0.0"
   },
   "scripts": {
+    "readme:link": "markdown-link-check *.md",
     "readme:lint": "markdownlint *.md -f",
     "readme:parameters": "readme-generator -v values.yaml -r README.md"
   },
   "devDependencies": {
     "@bitnami/readme-generator-for-helm": "^2.5.0",
+    "markdown-link-check": "^3.13.6",
     "markdownlint-cli": "^0.43.0"
   }
 }

renovate.json

@@ -11,20 +11,34 @@
         "appVersion: \"(?<currentValue>.*?)\"\\s+"
       ],
       "datasourceTemplate": "docker",
-      "depNameTemplate": "prometheus-postgres-exporter",
-      "lookupNameTemplate": "quay.io/prometheuscommunity/postgres-exporter"
+      "depNameTemplate": "prometheuscommunity/postgres-exporter",
+      "lookupNameTemplate": "quay.io/prometheuscommunity/postgres-exporter",
+      "versioningTemplate": "semver"
+    },
+    {
+      "description": "Detect helm chart version in README",
+      "fileMatch": [
+        "^README\\.md$"
+      ],
+      "matchStrings": [
+        "^CHART_VERSION=(?<currentValue>.*)$"
+      ],
+      "datasourceTemplate": "git-tags",
+      "depNameTemplate": "volker.raschek/prometheus-postgres-exporter",
+      "packageNameTemplate": "git.cryptic.systems/volker.raschek/prometheus-postgres-exporter",
+      "versioningTemplate": "semver"
     }
   ],
   "labels": [ "renovate" ],
   "packageRules": [
     {
-      "addLabels": [ "renovate/droneci", "renovate/automerge" ],
+      "addLabels": [ "renovate/automerge", "renovate/droneci" ],
       "automerge": true,
       "matchManagers": "droneci",
       "matchUpdateTypes": [ "minor", "patch"]
     },
     {
-      "addLabels": [ "renovate/markdownlint", "renovate/automerge" ],
+      "addLabels": [ "renovate/automerge", "renovate/npm" ],
       "automerge": true,
       "matchPackageNames": [ "markdownlint-cli", "@bitnami/readme-generator-for-helm" ],
       "matchManagers": [ "npm" ],

templates/prometheus-postgres-exporter/deployment.yaml

@@ -12,6 +12,7 @@ metadata:
   name: {{ include "prometheus-postgres-exporter.fullname" . }}
   namespace: {{ .Release.Namespace }}
 spec:
+  replicas: {{ .Values.deployment.replicas }}
   selector:
     matchLabels:
       {{- include "prometheus-postgres-exporter.pod.selectorLabels" . | nindent 6 }}
@@ -20,6 +21,10 @@ spec:
       labels:
         {{- include "prometheus-postgres-exporter.pod.labels" . | nindent 8 }}
     spec:
+      {{- with .Values.deployment.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       containers:
       - name: postgres-exporter
         args:

unittests/deployment/deployment.yaml

@@ -27,6 +27,11 @@ tests:
         app.kubernetes.io/name: prometheus-postgres-exporter
         app.kubernetes.io/version: 0.1.0
         helm.sh/chart: prometheus-postgres-exporter-0.1.0
+  - equal:
+      path: spec.replicas
+      value: 1
+  - notExists:
+      path: spec.template.spec.affinity
   - contains:
       path: spec.template.spec.containers[0].envFrom
       content:
@@ -91,6 +96,40 @@ tests:
   - notExists:
       path: spec.template.spec.topologySpreadConstraints
 
+- it: Test custom replicas
+  set:
+    deployment.replicas: 3
+  asserts:
+  - equal:
+      path: spec.replicas
+      value: 3
+
+- it: Test custom affinity
+  set:
+    deployment.affinity:
+      nodeAffinity:
+        requiredDuringSchedulingIgnoredDuringExecution:
+          nodeSelectorTerms:
+          - matchExpressions:
+            - key: topology.kubernetes.io/zone
+              operator: In
+              values:
+              - antarctica-east1
+              - antarctica-west1
+  asserts:
+  - equal:
+      path: spec.template.spec.affinity
+      value:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: topology.kubernetes.io/zone
+                operator: In
+                values:
+                - antarctica-east1
+                - antarctica-west1
+
 - it: Test additional arguments
   set:
     deployment.postgresExporter.args:

values.schema.json

@@ -259,7 +259,7 @@
         "priorityClassName": {
           "type": "string"
         },
-        "replicaCount": {
+        "replicas": {
           "type": "integer"
         },
         "restartPolicy": {
@@ -326,7 +326,7 @@
         "postgresExporter",
         "nodeSelector",
         "priorityClassName",
-        "replicaCount",
+        "replicas",
         "restartPolicy",
         "securityContext",
         "strategy",

values.yaml

@@ -1,6 +1,3 @@
-# Default values for qu-seed.
-# This is a YAML-formatted file.
-
 # Declare variables to be passed into your templates.
 ## @section Global
 ## @param nameOverride Individual release name suffix.
@@ -84,7 +81,7 @@ config:
 ## @section Deployment
 deployment:
   ## @param deployment.annotations Additional deployment annotations.
-  ## @param deployment.labels Additional ingress labels.
+  ## @param deployment.labels Additional deployment labels.
   annotations: {}
   labels: {}
 
@@ -201,8 +198,8 @@ deployment:
   ## @param deployment.priorityClassName PriorityClassName of the postgres-exporter deployment.
   priorityClassName: ""
 
-  ## @param deployment.replicaCount Number of replicas for the postgres-exporter deployment.
-  replicaCount: 1
+  ## @param deployment.replicas Number of replicas for the postgres-exporter deployment.
+  replicas: 1
 
   ## @param deployment.restartPolicy Restart policy of the postgres-exporter deployment.
   restartPolicy: ""
@@ -248,7 +245,7 @@ deployment:
   #     secretName: my-secret
 
 ## @section Grafana
-## @param grafana.enabled Enable integration into Grafana. Require the prometheus operator deployment.
+## @param grafana.enabled Enable integration into Grafana. Require the Prometheus operator deployment.
 grafana:
   enabled: false
 
@@ -315,7 +312,7 @@ prometheus:
     ## @param prometheus.metrics.podMonitor.honorLabels Honor labels.
     ## @param prometheus.metrics.podMonitor.labels Additional podMonitor labels.
     ## @param prometheus.metrics.podMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.
-    ## @param prometheus.metrics.podMonitor.path HTTP path for scraping prometheus metrics.
+    ## @param prometheus.metrics.podMonitor.path HTTP path for scraping Prometheus metrics.
     ## @param prometheus.metrics.podMonitor.relabelings RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields.
     ## @param prometheus.metrics.podMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.
     ## @param prometheus.metrics.podMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`.
@@ -342,7 +339,7 @@ prometheus:
     ## @param prometheus.metrics.serviceMonitor.followRedirects FollowRedirects configures whether scrape requests follow HTTP 3xx redirects.
     ## @param prometheus.metrics.serviceMonitor.honorLabels Honor labels.
     ## @param prometheus.metrics.serviceMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.
-    ## @param prometheus.metrics.serviceMonitor.path HTTP path for scraping prometheus metrics.
+    ## @param prometheus.metrics.serviceMonitor.path HTTP path for scraping Prometheus metrics.
     ## @param prometheus.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields.
     ## @param prometheus.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.
     ## @param prometheus.metrics.serviceMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`.
@@ -362,8 +359,8 @@ prometheus:
       scheme: "http"
       tlsConfig: {}
 
-  ## @param prometheus.rules Array of prometheus rules for monitoring the application and triggering alerts.
-  ## @skip prometheus.rules Skip individual prometheus rules.
+  ## @param prometheus.rules Array of Prometheus rules for monitoring the application and triggering alerts.
+  ## @skip prometheus.rules Skip individual Prometheus rules.
   rules: []
   # - alert: ExporterErrors
   #   expr: pg_exporter_last_scrape_error == 1