You've already forked prometheus-postgres-exporter
							
							Compare commits
	
		
			84 Commits
		
	
	
		
			0.3.2
			...
			62f0815a3b
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 62f0815a3b | |||
| c669330a80 | |||
| f05dd2d8bf | |||
| c8ee5ce6be | |||
| fc5f3c03da | |||
| add1ff75a7 | |||
| 63f409ecdb | |||
| 07653e9933 | |||
| 60efba2603 | |||
| e9053be636 | |||
| 0001791071 | |||
| c1529d6833 | |||
| b7c5764e1b | |||
| e0dfced491 | |||
| 9c89db23f3 | |||
| cf5e67b252 | |||
| 70e0e5110f | |||
| 31931cc838 | |||
| a49a432605 | |||
| 5bd349472c | |||
| 21e608389f | |||
| 39c064c8b4 | |||
| 975eaa0d5d | |||
| dff777e6de | |||
| 6c683afcc6 | |||
| 113a4b76c9 | |||
| 2821f844b0 | |||
| c912bc729e | |||
| 448ab03ab2 | |||
| bb2da8f33f | |||
| cb548921a6 | |||
| 46bceb7e4d | |||
| 3c8fb86231 | |||
| 0cf63593e9 | |||
| 81fb535128 | |||
| e5b0965373 | |||
| 40712d3c7f | |||
| 1ebde5500d | |||
| 99ac3e0b6b | |||
| 3cea56ef58 | |||
| 608ded18c7 | |||
| d62cc4beae | |||
| 89ef3c929e | |||
| 9840520b71 | |||
| 3940ea39c5 | |||
| a6ec076ce6 | |||
| 12970b3820 | |||
| dbd6b83218 | |||
| e466c50e35 | |||
| 19d683d712 | |||
| 69f068c406 | |||
| 1edd96e3e1 | |||
| 80819f16ef | |||
| 3dcb8173e3 | |||
| 5c20ed5f31 | |||
| 39534a06dc | |||
| 34b5e27456 | |||
| 74b6ddf46d | |||
| 7323ba09bf | |||
| 3f4c459d43 | |||
| 304139cb6d | |||
| 08ca70c65c | |||
| 6f954dfdf6 | |||
| b88ae944e6 | |||
| 29b908f8da | |||
| 76134921b8 | |||
| 7ebfd12593 | |||
| 74ef3835f4 | |||
| 80c8ff0d3b | |||
| de379ec1ef | |||
| 9275bca045 | |||
| a33f92e63d | |||
| db3fbb9497 | |||
| 4d349c36ff | |||
| a3038a75c8 | |||
| c497a31ecc | |||
| c7a07eb7d1 | |||
| 4b19f57ac5 | |||
| 310cdfaffe | |||
| 8c2665fdc6 | |||
| bb9d71d233 | |||
| ded6c55521 | |||
| b3a9ddd487 | |||
| f87d417e73 | 
							
								
								
									
										114
									
								
								.gitea/scripts/add-annotations.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										114
									
								
								.gitea/scripts/add-annotations.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,114 @@ | ||||
| #!/bin/bash | ||||
|  | ||||
| set -e | ||||
|  | ||||
| CHART_FILE="Chart.yaml" | ||||
| if [ ! -f "${CHART_FILE}" ]; then | ||||
|   echo "ERROR: ${CHART_FILE} not found!" 1>&2 | ||||
|   exit 1 | ||||
| fi | ||||
|  | ||||
| DEFAULT_NEW_TAG="$(git tag --sort=-version:refname | head -n 1)" | ||||
| DEFAULT_OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)" | ||||
|  | ||||
| if [ -z "${1}" ]; then | ||||
|   read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG | ||||
|   if [ -z "${OLD_TAG}" ]; then | ||||
|     OLD_TAG="${DEFAULT_OLD_TAG}" | ||||
|   fi | ||||
|  | ||||
|   while [ -z "$(git tag --list "${OLD_TAG}")" ]; do | ||||
|     echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2 | ||||
|     read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG | ||||
|     if [ -z "${OLD_TAG}" ]; then | ||||
|       OLD_TAG="${DEFAULT_OLD_TAG}" | ||||
|     fi | ||||
|   done | ||||
| else | ||||
|   OLD_TAG=${1} | ||||
|   if [ -z "$(git tag --list "${OLD_TAG}")" ]; then | ||||
|     echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2 | ||||
|     exit 1 | ||||
|   fi | ||||
| fi | ||||
|  | ||||
| if [ -z "${2}" ]; then | ||||
|   read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG | ||||
|   if [ -z "${NEW_TAG}" ]; then | ||||
|     NEW_TAG="${DEFAULT_NEW_TAG}" | ||||
|   fi | ||||
|  | ||||
|   while [ -z "$(git tag --list "${NEW_TAG}")" ]; do | ||||
|     echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2 | ||||
|     read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG | ||||
|     if [ -z "${NEW_TAG}" ]; then | ||||
|       NEW_TAG="${DEFAULT_NEW_TAG}" | ||||
|     fi | ||||
|   done | ||||
| else | ||||
|   NEW_TAG=${2} | ||||
|  | ||||
|   if [ -z "$(git tag --list "${NEW_TAG}")" ]; then | ||||
|     echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2 | ||||
|     exit 1 | ||||
|   fi | ||||
| fi | ||||
|  | ||||
| CHANGE_LOG_YAML=$(mktemp) | ||||
| echo "[]" > "${CHANGE_LOG_YAML}" | ||||
|  | ||||
| function map_type_to_kind() { | ||||
|   case "${1}" in | ||||
|     feat) | ||||
|       echo "added" | ||||
|     ;; | ||||
|     fix) | ||||
|       echo "fixed" | ||||
|     ;; | ||||
|     chore|style|test|ci|docs|refac) | ||||
|       echo "changed" | ||||
|     ;; | ||||
|     revert) | ||||
|       echo "removed" | ||||
|     ;; | ||||
|     sec) | ||||
|       echo "security" | ||||
|     ;; | ||||
|     *) | ||||
|       echo "skip" | ||||
|     ;; | ||||
|   esac | ||||
| } | ||||
|  | ||||
| COMMIT_TITLES="$(git log --pretty=format:"%s" "${OLD_TAG}..${NEW_TAG}")" | ||||
|  | ||||
| echo "INFO: Generate change log entries from ${OLD_TAG} until ${NEW_TAG}" | ||||
|  | ||||
| while IFS= read -r line; do | ||||
|   if [[ "${line}" =~ ^([a-zA-Z]+)(\([^\)]+\))?\:\ (.+)$ ]]; then | ||||
|     TYPE="${BASH_REMATCH[1]}" | ||||
|     KIND=$(map_type_to_kind "${TYPE}") | ||||
|  | ||||
|     if [ "${KIND}" == "skip" ]; then | ||||
|       continue | ||||
|     fi | ||||
|  | ||||
|     DESC="${BASH_REMATCH[3]}" | ||||
|  | ||||
|     echo "- ${KIND}: ${DESC}" | ||||
|  | ||||
|     jq --arg kind "${KIND}" --arg description "${DESC}" '. += [ $ARGS.named ]' < "${CHANGE_LOG_YAML}" > "${CHANGE_LOG_YAML}.new" | ||||
|     mv "${CHANGE_LOG_YAML}.new" "${CHANGE_LOG_YAML}" | ||||
|  | ||||
|   fi | ||||
| done <<< "${COMMIT_TITLES}" | ||||
|  | ||||
| if [ -s "${CHANGE_LOG_YAML}" ]; then | ||||
|   yq --inplace --input-format json --output-format yml "${CHANGE_LOG_YAML}" | ||||
|   yq --no-colors --inplace ".annotations.\"artifacthub.io/changes\" |= loadstr(\"${CHANGE_LOG_YAML}\") | sort_keys(.)" "${CHART_FILE}" | ||||
| else | ||||
|   echo "ERROR: Changelog file is empty: ${CHANGE_LOG_YAML}" 1>&2 | ||||
|   exit 1 | ||||
| fi | ||||
|  | ||||
| rm "${CHANGE_LOG_YAML}" | ||||
| @@ -15,7 +15,7 @@ on: | ||||
| jobs: | ||||
|   generate-parameters: | ||||
|     container: | ||||
|       image: docker.io/library/node:23.6.0-alpine | ||||
|       image: docker.io/library/node:24.4.1-alpine | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
|   | ||||
| @@ -13,7 +13,7 @@ on: | ||||
| jobs: | ||||
|   helm-lint: | ||||
|     container: | ||||
|       image: docker.io/volkerraschek/helm:3.16.4 | ||||
|       image: docker.io/volkerraschek/helm:3.18.4 | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -28,7 +28,7 @@ jobs: | ||||
|  | ||||
|   helm-unittest: | ||||
|     container: | ||||
|       image: docker.io/volkerraschek/helm:3.16.4 | ||||
|       image: docker.io/volkerraschek/helm:3.18.4 | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
|   | ||||
| @@ -15,7 +15,7 @@ on: | ||||
| jobs: | ||||
|   markdown-link-checker: | ||||
|     container: | ||||
|       image: docker.io/library/node:23.6.0-alpine | ||||
|       image: docker.io/library/node:24.4.1-alpine | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
| @@ -31,7 +31,7 @@ jobs: | ||||
|  | ||||
|   markdown-lint: | ||||
|     container: | ||||
|       image: docker.io/library/node:23.6.0-alpine | ||||
|       image: docker.io/library/node:24.4.1-alpine | ||||
|     runs-on: | ||||
|     - ubuntu-latest | ||||
|     steps: | ||||
|   | ||||
| @@ -8,39 +8,54 @@ on: | ||||
| jobs: | ||||
|   publish-chart: | ||||
|     container: | ||||
|       image: docker.io/volkerraschek/helm:3.16.4 | ||||
|       image: docker.io/volkerraschek/helm:3.18.4 | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Install tooling | ||||
|       - name: Install packages via apk | ||||
|         run: | | ||||
|           apk update | ||||
|           apk add git npm | ||||
|       - uses: actions/checkout@v4 | ||||
|       - name: Package chart | ||||
|         env: | ||||
|           HELM_REPO_NAME: upload | ||||
|           apk add git npm jq yq | ||||
|  | ||||
|       - uses: actions/checkout@v4 | ||||
|         with: | ||||
|           fetch-depth: 0 | ||||
|  | ||||
|       - name: Add Artifacthub.io annotations | ||||
|         run: | | ||||
|           NEW_TAG="$(git tag --sort=-version:refname | head -n 1)" | ||||
|           OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)" | ||||
|           .gitea/scripts/add-annotations.sh "${OLD_TAG}" "${NEW_TAG}" | ||||
|  | ||||
|       - name: Extract meta information | ||||
|         run: | | ||||
|           echo "PACKAGE_VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV | ||||
|           echo "REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2 | sed --regexp-extended 's/-charts?//g')" >> $GITHUB_ENV | ||||
|           echo "REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1)" >> $GITHUB_ENV | ||||
|  | ||||
|       - name: Update Helm Chart version in README.md | ||||
|         run: sed -i -E "s/^CHART_VERSION=.*/CHART_VERSION=${PACKAGE_VERSION}/g" README.md | ||||
|  | ||||
|       - name: Package chart | ||||
|         run: | | ||||
|           helm dependency build | ||||
|           helm package --version "${PACKAGE_VERSION}" ./ | ||||
|  | ||||
|       - name: Upload Chart to ChartMuseum | ||||
|         env: | ||||
|           CHARTMUSEUM_PASSWORD: ${{ secrets.CHARTMUSEUM_PASSWORD }} | ||||
|           CHARTMUSEUM_REPOSITORY: ${{ vars.CHARTMUSEUM_REPOSITORY }} | ||||
|           CHARTMUSEUM_USERNAME: ${{ secrets.CHARTMUSEUM_USERNAME }} | ||||
|           CHARTMUSEUM_HOSTNAME: ${{ vars.CHARTMUSEUM_HOSTNAME }} | ||||
|  | ||||
|           GITEA_PACKAGE_REGISTRY_TOKEN: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} | ||||
|           GITEA_SERVER_URL: ${{ github.server_url }} | ||||
|         run: | | ||||
|           PACKAGE_VERSION=${GITHUB_REF#refs/tags/} | ||||
|           REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2) | ||||
|           REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1) | ||||
|  | ||||
|           helm dependency build | ||||
|           helm package --version "${PACKAGE_VERSION}" ./ | ||||
|  | ||||
|           # chart-museum | ||||
|           helm repo add --username ${CHARTMUSEUM_USERNAME} --password ${CHARTMUSEUM_PASSWORD} chartmuseum https://${CHARTMUSEUM_HOSTNAME}/${CHARTMUSEUM_REPOSITORY} | ||||
|           helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz chartmuseum | ||||
|           helm repo remove chartmuseum | ||||
|  | ||||
|           # gitea | ||||
|       - name: Upload Chart to Gitea | ||||
|         env: | ||||
|           GITEA_PACKAGE_REGISTRY_TOKEN: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} | ||||
|           GITEA_SERVER_URL: ${{ github.server_url }} | ||||
|         run: | | ||||
|           helm repo add --username ${REPOSITORY_OWNER} --password ${GITEA_PACKAGE_REGISTRY_TOKEN} gitea ${GITEA_SERVER_URL}/api/packages/${REPOSITORY_OWNER}/helm | ||||
|           helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz gitea | ||||
|           helm repo remove gitea | ||||
|           helm repo remove gitea | ||||
|   | ||||
| @@ -136,7 +136,6 @@ MD044: | ||||
|     - kube-prometheus-stack | ||||
|     - Memcached | ||||
|     - Oracle | ||||
|     - ORBIS U | ||||
|     - PostgreSQL | ||||
|     - Prometheus | ||||
|     - prometheus-exporter | ||||
|   | ||||
| @@ -1,10 +1,15 @@ | ||||
| annotations: | ||||
|   artifacthub.io/links: | | ||||
|     - name: Prometheus PostgreSQL exporter (binary) | ||||
|       url: https://github.com/prometheus-community/postgres_exporter | ||||
|     - name: support | ||||
|       url: https://git.cryptic.systems/volker.raschek/prometheus-postgres-exporter/issues | ||||
| apiVersion: v2 | ||||
| name: prometheus-postgres-exporter | ||||
| description: Prometheus metric exporter for PostgreSQL | ||||
| type: application | ||||
| kubeVersion: ">=1.20.0" | ||||
| version: "0.1.0" | ||||
| appVersion: "0.16.0" | ||||
| appVersion: "0.17.1" | ||||
|  | ||||
| # icon: https://annotations.example.com/icon.png | ||||
|  | ||||
|   | ||||
							
								
								
									
										21
									
								
								LICENSE
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								LICENSE
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,21 @@ | ||||
| MIT License | ||||
|  | ||||
| Copyright (c) 2025 Markus Pesch | ||||
|  | ||||
| Permission is hereby granted, free of charge, to any person obtaining a copy | ||||
| of this software and associated documentation files (the "Software"), to deal | ||||
| in the Software without restriction, including without limitation the rights | ||||
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||||
| copies of the Software, and to permit persons to whom the Software is | ||||
| furnished to do so, subject to the following conditions: | ||||
|  | ||||
| The above copyright notice and this permission notice shall be included in all | ||||
| copies or substantial portions of the Software. | ||||
|  | ||||
| THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||||
| IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||||
| FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||||
| AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||||
| LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||||
| OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||||
| SOFTWARE. | ||||
							
								
								
									
										4
									
								
								Makefile
									
									
									
									
									
								
							
							
						
						
									
										4
									
								
								Makefile
									
									
									
									
									
								
							| @@ -4,13 +4,13 @@ CONTAINER_RUNTIME?=$(shell which podman) | ||||
| # HELM_IMAGE | ||||
| HELM_IMAGE_REGISTRY_HOST?=docker.io | ||||
| HELM_IMAGE_REPOSITORY?=volkerraschek/helm | ||||
| HELM_IMAGE_VERSION?=3.16.1 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm | ||||
| HELM_IMAGE_VERSION?=3.18.4 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm | ||||
| HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION} | ||||
|  | ||||
| # NODE_IMAGE | ||||
| NODE_IMAGE_REGISTRY_HOST?=docker.io | ||||
| NODE_IMAGE_REPOSITORY?=library/node | ||||
| NODE_IMAGE_VERSION?=22.9.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=library/node | ||||
| NODE_IMAGE_VERSION?=24.4.1-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node | ||||
| NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION} | ||||
|  | ||||
| # MISSING DOT | ||||
|   | ||||
							
								
								
									
										143
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										143
									
								
								README.md
									
									
									
									
									
								
							| @@ -1,11 +1,12 @@ | ||||
| # Prometheus PostgreSQL exporter | ||||
|  | ||||
| [](https://drone.cryptic.systems/volker.raschek/prometheus-postgres-exporter) | ||||
| [](https://artifacthub.io/packages/search?repo=prometheus-exporters) | ||||
|  | ||||
| > [!NOTE] | ||||
| > This is not the official *community* helm chart of the Prometheus metric exporter for PostgreSQL databases. You can | ||||
| > find the official community chart [here](https://github.com/prometheus-community/helm-charts). | ||||
| > This is not the official *community* helm chart of the Prometheus metric exporter for PostgreSQL databases. If you are | ||||
| > looking for the official helm chart, checkout the GitHub project | ||||
| > [helm-charts](https://github.com/prometheus-community/helm-charts) of the [Prometheus | ||||
| > community](https://github.com/prometheus-community). | ||||
|  | ||||
| This helm chart enables the deployment of a Prometheus metrics exporter for PostgreSQL databases and allows the | ||||
| individual configuration of additional containers/initContainers, mounting of volumes, defining additional environment | ||||
| @@ -20,7 +21,7 @@ helm chart is tested for deployment scenarios with **ArgoCD**. | ||||
| ## Helm: configuration and installation | ||||
|  | ||||
| 1. A helm chart repository must be configured, to pull the helm charts from. | ||||
| 2. All available parameters are [here](#parameters) in detail document. The parameters can be defined via the helm | ||||
| 2. All available [parameters](#parameters) are documented in detail below. The parameters can be defined via the helm | ||||
|    `--set` flag or directly as part of a `values.yaml` file. The following example defines the `prometheus-exporter` | ||||
|    repository and use the `--set` flag for a basic deployment. | ||||
|  | ||||
| @@ -46,7 +47,7 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi | ||||
| versions can break something! | ||||
|  | ||||
| ```bash | ||||
| CHART_VERSION=0.3.1 | ||||
| CHART_VERSION=0.5.2 | ||||
| helm show values prometheus-exporters/prometheus-postgres-exporter --version "${CHART_VERSION}" > values.yaml | ||||
| ``` | ||||
|  | ||||
| @@ -71,14 +72,17 @@ cannot use the available CPU time to perform computing operations. | ||||
|  | ||||
| The application must be informed that despite several CPUs only a part (limit) of the available computing time is | ||||
| available. As this is a Golang application, this can be implemented using `GOMAXPROCS`. The following example is one way | ||||
| of defining `GOMAXPROCS` automatically based on the defined CPU limit like `100m`. Please keep in mind, that the CFS | ||||
| of defining `GOMAXPROCS` automatically based on the defined CPU limit like `1000m`. Please keep in mind, that the CFS | ||||
| rate of `100ms` - default on each kubernetes node, is also very important to avoid CPU throttling. | ||||
|  | ||||
| Further information about this topic can be found [here](https://kanishk.io/posts/cpu-throttling-in-containerized-go-apps/). | ||||
| Further information about this topic can be found in one of Kanishk's blog | ||||
| [posts](https://kanishk.io/posts/cpu-throttling-in-containerized-go-apps/). | ||||
|  | ||||
| > [!NOTE] | ||||
| > The environment variable `GOMAXPROCS` is set automatically, when a CPU limit is defined. An explicit configuration is | ||||
| > not anymore required. | ||||
| > | ||||
| > Please take care the a CPU limit < `1000m` can also lead to CPU throttling. Please read the linked documentation carefully. | ||||
|  | ||||
| ```bash | ||||
| helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \ | ||||
| @@ -89,7 +93,7 @@ helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgr | ||||
|   --set 'prometheus.metrics.serviceMonitor.enabled=true' \ | ||||
|   --set 'deployment.postgresExporter.env.name=GOMAXPROCS' \ | ||||
|   --set 'deployment.postgresExporter.env.valueFrom.resourceFieldRef.resource=limits.cpu' \ | ||||
|   --set 'deployment.postgresExporter.resources.limits.cpu=100m' | ||||
|   --set 'deployment.postgresExporter.resources.limits.cpu=1000m' | ||||
| ``` | ||||
|  | ||||
| #### TLS authentication and encryption | ||||
| @@ -187,6 +191,75 @@ deployment: | ||||
|             - postgres | ||||
| ``` | ||||
|  | ||||
| ### Network policies | ||||
|  | ||||
| Network policies can only take effect, when the used CNI plugin support network policies. The chart supports no custom | ||||
| network policy implementation of CNI plugins. It's support only the official API resource of `networking.k8s.io/v1`. | ||||
|  | ||||
| The object networkPolicies can contains multiple networkPolicy definitions. There is currently only one example | ||||
| predefined - it's named `default`. Further networkPolicy rules can easy be added by defining additional objects. For example: | ||||
|  | ||||
| > [!NOTE] | ||||
| > The structure of each custom network policy must be equal like that of default. For this reason don't forget to define | ||||
| > `annotations`, `labels` and the other properties as well. | ||||
|  | ||||
| ```yaml | ||||
| networkPolicies: | ||||
|   enabled: false | ||||
|   default: {} | ||||
|   my-custom-network-policy: {} | ||||
| ``` | ||||
|  | ||||
| The example below is an excerpt of the `values.yaml` file. The network policy `default` contains ingress rules to allow | ||||
| incoming traffic from Prometheus. Additionally two egress rules are defined, to allow the application outgoing access to | ||||
| the internal running DNS server `core-dns` and the external running postgres database listen on `10.14.243.12`. | ||||
|  | ||||
| > [!IMPORTANT] | ||||
| > Please keep in mind, that the namespace and pod selector labels can be different from environment to environment. For | ||||
| > this reason, there is are not default network policy rules defined. | ||||
|  | ||||
| ```yaml | ||||
| networkPolicies: | ||||
|   enabled: true | ||||
|   default: | ||||
|     enabled: true | ||||
|     annotations: {} | ||||
|     labels: {} | ||||
|     policyTypes: | ||||
|     - Egress | ||||
|     - Ingress | ||||
|     egress: | ||||
|     - to: | ||||
|       - ipBlock: | ||||
|           cidr: 10.14.243.12/32 | ||||
|       ports: | ||||
|       - port: 5432 | ||||
|         protocol: TCP | ||||
|     - to: | ||||
|       - namespaceSelector: | ||||
|           matchLabels: | ||||
|             kubernetes.io/metadata.name: kube-system | ||||
|         podSelector: | ||||
|           matchLabels: | ||||
|            k8s-app: kube-dns | ||||
|       ports: | ||||
|       - port: 53 | ||||
|         protocol: TCP | ||||
|       - port: 53 | ||||
|         protocol: UDP | ||||
|     ingress: | ||||
|     - from: | ||||
|       - namespaceSelector: | ||||
|           matchLabels: | ||||
|             kubernetes.io/metadata.name: monitoring | ||||
|         podSelector: | ||||
|           matchLabels: | ||||
|             app.kubernetes.io/name: prometheus | ||||
|       ports: | ||||
|       - port: http | ||||
|         protocol: TCP | ||||
| ``` | ||||
|  | ||||
| ## Parameters | ||||
|  | ||||
| ### Global | ||||
| @@ -198,25 +271,25 @@ deployment: | ||||
|  | ||||
| ### Configuration | ||||
|  | ||||
| | Name                                              | Description                                                                                                                                                                            | Value   | | ||||
| | ------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | | ||||
| | `config.database.existingSecret.enabled`          | Mount an existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables.                                                                            | `false` | | ||||
| | `config.database.existingSecret.secretName`       | Name of the existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables.                                                                         | `""`    | | ||||
| | `config.database.secret.annotations`              | Additional annotations of the secret containing the database credentials.                                                                                                              | `{}`    | | ||||
| | `config.database.secret.labels`                   | Additional labels of the secret containing the database credentials.                                                                                                                   | `{}`    | | ||||
| | `config.database.secret.databaseUsername`         | Database username. Will be defined as env `DATA_SOURCE_USER` as part of a secret.                                                                                                      | `""`    | | ||||
| | `config.database.secret.databasePassword`         | Database password. Will be defined as env `DATA_SOURCE_PASS` as part of a secret.                                                                                                      | `""`    | | ||||
| | `config.database.secret.databaseConnectionUrl`    | Complex database connection URL. Will be defined as env `DATA_SOURCE_URI` as part of a secret.                                                                                         | `""`    | | ||||
| | `config.exporterConfig.existingSecret.enabled`    | Mount an existing secret containing the key `exporterConfig.yaml`.                                                                                                                     | `false` | | ||||
| | `config.exporterConfig.existingSecret.secretName` | Name of the existing secret containing the key `exporterConfig.yaml`.                                                                                                                  | `""`    | | ||||
| | `config.exporterConfig.secret.annotations`        | Additional annotations of the secret containing the `exporterConfig.yaml`.                                                                                                             | `{}`    | | ||||
| | `config.exporterConfig.secret.labels`             | Additional labels of the secret containing the `exporterConfig.yaml`.                                                                                                                  | `{}`    | | ||||
| | `config.exporterConfig.secret.exporterConfig`     | Content of the `exporterConfig.yaml`. Further information can be found [here](https://github.com/prometheus-community/postgres_exporter?tab=readme-ov-file#multi-target-support-beta). | `{}`    | | ||||
| | `config.webConfig.existingSecret.enabled`         | Mount an existing secret containing the key `webConfig.yaml`.                                                                                                                          | `false` | | ||||
| | `config.webConfig.existingSecret.secretName`      | Name of the existing secret containing the key `webConfig.yaml`.                                                                                                                       | `""`    | | ||||
| | `config.webConfig.secret.annotations`             | Additional annotations of the secret containing the `webConfig.yaml`.                                                                                                                  | `{}`    | | ||||
| | `config.webConfig.secret.labels`                  | Additional labels of the secret containing the `webConfig.yaml`.                                                                                                                       | `{}`    | | ||||
| | `config.webConfig.secret.webConfig`               | Content of the `webConfig.yaml`. Further information can be found [here](https://prometheus.io/docs/prometheus/latest/configuration/https/).                                           | `{}`    | | ||||
| | Name                                              | Description                                                                                                                                                                                                                          | Value   | | ||||
| | ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------- | | ||||
| | `config.database.existingSecret.enabled`          | Mount an existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables.                                                                                                                          | `false` | | ||||
| | `config.database.existingSecret.secretName`       | Name of the existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables.                                                                                                                       | `""`    | | ||||
| | `config.database.secret.annotations`              | Additional annotations of the secret containing the database credentials.                                                                                                                                                            | `{}`    | | ||||
| | `config.database.secret.labels`                   | Additional labels of the secret containing the database credentials.                                                                                                                                                                 | `{}`    | | ||||
| | `config.database.secret.databaseUsername`         | Database username. Will be defined as env `DATA_SOURCE_USER` as part of a secret.                                                                                                                                                    | `""`    | | ||||
| | `config.database.secret.databasePassword`         | Database password. Will be defined as env `DATA_SOURCE_PASS` as part of a secret.                                                                                                                                                    | `""`    | | ||||
| | `config.database.secret.databaseConnectionUrl`    | Complex database connection URL. Will be defined as env `DATA_SOURCE_URI` as part of a secret.                                                                                                                                       | `""`    | | ||||
| | `config.exporterConfig.existingSecret.enabled`    | Mount an existing secret containing the key `exporterConfig.yaml`.                                                                                                                                                                   | `false` | | ||||
| | `config.exporterConfig.existingSecret.secretName` | Name of the existing secret containing the key `exporterConfig.yaml`.                                                                                                                                                                | `""`    | | ||||
| | `config.exporterConfig.secret.annotations`        | Additional annotations of the secret containing the `exporterConfig.yaml`.                                                                                                                                                           | `{}`    | | ||||
| | `config.exporterConfig.secret.labels`             | Additional labels of the secret containing the `exporterConfig.yaml`.                                                                                                                                                                | `{}`    | | ||||
| | `config.exporterConfig.secret.exporterConfig`     | Content of the `exporterConfig.yaml`. Further information can be found in the [README](https://github.com/prometheus-community/postgres_exporter?tab=readme-ov-file#multi-target-support-beta) file of the Postgres exporter binary. | `{}`    | | ||||
| | `config.webConfig.existingSecret.enabled`         | Mount an existing secret containing the key `webConfig.yaml`.                                                                                                                                                                        | `false` | | ||||
| | `config.webConfig.existingSecret.secretName`      | Name of the existing secret containing the key `webConfig.yaml`.                                                                                                                                                                     | `""`    | | ||||
| | `config.webConfig.secret.annotations`             | Additional annotations of the secret containing the `webConfig.yaml`.                                                                                                                                                                | `{}`    | | ||||
| | `config.webConfig.secret.labels`                  | Additional labels of the secret containing the `webConfig.yaml`.                                                                                                                                                                     | `{}`    | | ||||
| | `config.webConfig.secret.webConfig`               | Content of the `webConfig.yaml`. Further [documentation](https://prometheus.io/docs/prometheus/latest/configuration/https/) is available on the official Prometheus website.                                                         | `{}`    | | ||||
|  | ||||
| ### Deployment | ||||
|  | ||||
| @@ -248,7 +321,7 @@ deployment: | ||||
| | `deployment.replicas`                              | Number of replicas for the postgres-exporter deployment.                                                   | `1`                                     | | ||||
| | `deployment.restartPolicy`                         | Restart policy of the postgres-exporter deployment.                                                        | `""`                                    | | ||||
| | `deployment.securityContext`                       | Security context of the postgres-exporter deployment.                                                      | `{}`                                    | | ||||
| | `deployment.strategy.type`                         | Strategy type - `Recreate` or `Rollingupdate`.                                                             | `Rollingupdate`                         | | ||||
| | `deployment.strategy.type`                         | Strategy type - `Recreate` or `RollingUpdate`.                                                             | `RollingUpdate`                         | | ||||
| | `deployment.strategy.rollingUpdate.maxSurge`       | The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | `1`                                     | | ||||
| | `deployment.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during a rolling update.                                | `1`                                     | | ||||
| | `deployment.terminationGracePeriodSeconds`         | How long to wait until forcefully kill the pod.                                                            | `60`                                    | | ||||
| @@ -283,11 +356,17 @@ deployment: | ||||
| | --------------------- | ---------------------- | ----- | | ||||
| | `podDisruptionBudget` | Pod disruption budget. | `{}`  | | ||||
|  | ||||
| ### Network | ||||
| ### NetworkPolicies | ||||
|  | ||||
| | Name              | Description                                                                                                        | Value | | ||||
| | ----------------- | ------------------------------------------------------------------------------------------------------------------ | ----- | | ||||
| | `networkPolicies` | Deploy network policies based on the used container network interface (CNI) implementation - like calico or weave. | `{}`  | | ||||
| | Name                                  | Description                                                                                           | Value   | | ||||
| | ------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------- | | ||||
| | `networkPolicies.enabled`             | Enable network policies in general.                                                                   | `false` | | ||||
| | `networkPolicies.default.enabled`     | Enable the network policy for accessing the application by default. For example to scape the metrics. | `false` | | ||||
| | `networkPolicies.default.annotations` | Additional network policy annotations.                                                                | `{}`    | | ||||
| | `networkPolicies.default.labels`      | Additional network policy labels.                                                                     | `{}`    | | ||||
| | `networkPolicies.default.policyTypes` | List of policy types. Supported is ingress, egress or ingress and egress.                             | `[]`    | | ||||
| | `networkPolicies.default.egress`      | Concrete egress network policy implementation.                                                        | `[]`    | | ||||
| | `networkPolicies.default.ingress`     | Concrete ingress network policy implementation.                                                       | `[]`    | | ||||
|  | ||||
| ### Prometheus | ||||
|  | ||||
|   | ||||
							
								
								
									
										1183
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										1183
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							| @@ -16,6 +16,6 @@ | ||||
|   "devDependencies": { | ||||
|     "@bitnami/readme-generator-for-helm": "^2.5.0", | ||||
|     "markdown-link-check": "^3.13.6", | ||||
|     "markdownlint-cli": "^0.43.0" | ||||
|     "markdownlint-cli": "^0.45.0" | ||||
|   } | ||||
| } | ||||
|   | ||||
| @@ -1,6 +1,12 @@ | ||||
| { | ||||
|   "$schema": "https://docs.renovatebot.com/renovate-schema.json", | ||||
|   "assignees": [ "volker.raschek" ], | ||||
|   "extends": [ | ||||
|     "local>volker.raschek/renovate-config:default#master", | ||||
|     "local>volker.raschek/renovate-config:container#master", | ||||
|     "local>volker.raschek/renovate-config:actions#master", | ||||
|     "local>volker.raschek/renovate-config:npm#master", | ||||
|     "local>volker.raschek/renovate-config:regexp#master" | ||||
|   ], | ||||
|   "customManagers": [ | ||||
|     { | ||||
|       "fileMatch": [ | ||||
| @@ -25,17 +31,12 @@ | ||||
|       "versioningTemplate": "semver" | ||||
|     } | ||||
|   ], | ||||
|   "labels": [ "renovate" ], | ||||
|   "packageRules": [ | ||||
|     { | ||||
|       "addLabels": [ "renovate/automerge", "renovate/npm" ], | ||||
|       "automerge": true, | ||||
|       "matchPackageNames": [ "markdownlint-cli", "@bitnami/readme-generator-for-helm" ], | ||||
|       "matchManagers": [ "npm" ], | ||||
|       "matchUpdateTypes": [ "minor", "patch"] | ||||
|     }, | ||||
|     { | ||||
|       "addLabels": [ "renovate/automerge", "renovate/container" ], | ||||
|       "addLabels": [ | ||||
|         "renovate/automerge", | ||||
|         "renovate/container" | ||||
|       ], | ||||
|       "automerge": true, | ||||
|       "excludePackagePatterns": [ | ||||
|         "prometheuscommunity/postgres-exporter" | ||||
| @@ -49,7 +50,10 @@ | ||||
|       ] | ||||
|     }, | ||||
|     { | ||||
|       "addLabels": [ "renovate/automerge", "renovate/documentation" ], | ||||
|       "addLabels": [ | ||||
|         "renovate/automerge", | ||||
|         "renovate/documentation" | ||||
|       ], | ||||
|       "automerge": true, | ||||
|       "matchDepNames": [ | ||||
|         "volker.raschek/prometheus-postgres-exporter" | ||||
| @@ -60,7 +64,5 @@ | ||||
|         "patch" | ||||
|       ] | ||||
|     } | ||||
|   ], | ||||
|   "rebaseLabel": "renovate/rebase", | ||||
|   "rebaseWhen": "behind-base-branch" | ||||
|   ] | ||||
| } | ||||
|   | ||||
							
								
								
									
										19
									
								
								templates/prometheus-postgres-exporter/_networkPolicies.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								templates/prometheus-postgres-exporter/_networkPolicies.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | ||||
| {{/* vim: set filetype=mustache: */}} | ||||
|  | ||||
| {{/* annotations */}} | ||||
|  | ||||
| {{- define "prometheus-postgres-exporter.networkPolicies.annotations" -}} | ||||
| {{ include "prometheus-postgres-exporter.annotations" .context }} | ||||
| {{- if .networkPolicy.annotations }} | ||||
| {{ toYaml .networkPolicy.annotations }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* labels */}} | ||||
|  | ||||
| {{- define "prometheus-postgres-exporter.networkPolicies.labels" -}} | ||||
| {{ include "prometheus-postgres-exporter.labels" .context }} | ||||
| {{- if .networkPolicy.labels }} | ||||
| {{ toYaml .networkPolicy.labels }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
| @@ -4,6 +4,37 @@ | ||||
|  | ||||
| {{- define "prometheus-postgres-exporter.pod.annotations" -}} | ||||
| {{ include "prometheus-postgres-exporter.annotations" . }} | ||||
|  | ||||
| # The following annotations are required to trigger a rolling update. Further information can be found in the official | ||||
| # documentation of helm: | ||||
| # | ||||
| #   https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments | ||||
| # | ||||
|  | ||||
| {{/* database */}} | ||||
| {{- if and .Values.config.database.existingSecret.enabled .Values.config.database.existingSecret.secretName }} | ||||
| {{- $secret := default (dict "data" (dict)) (lookup "v1" "Secret" .Release.Namespace .Values.config.database.existingSecret.secretName ) }} | ||||
| checksum/secret-database: {{ print $secret.spec | sha256sum }} | ||||
| {{- else }} | ||||
| checksum/secret-database: {{ include (print $.Template.BasePath "/prometheus-postgres-exporter/secretDatabase.yaml") . | sha256sum }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* exporter config */}} | ||||
| {{- if and .Values.config.exporterConfig.existingSecret.enabled .Values.config.exporterConfig.existingSecret.secretName }} | ||||
| {{- $secret := default (dict "data" (dict)) (lookup "v1" "Secret" .Release.Namespace .Values.config.exporterConfig.existingSecret.secretName ) }} | ||||
| checksum/secret-exporter-config: {{ print $secret.spec | sha256sum }} | ||||
| {{- else }} | ||||
| checksum/secret-exporter-config: {{ include (print $.Template.BasePath "/prometheus-postgres-exporter/secretExporterConfig.yaml") . | sha256sum }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* web config */}} | ||||
| {{- if and .Values.config.webConfig.existingSecret.enabled .Values.config.webConfig.existingSecret.secretName }} | ||||
| {{- $secret := default (dict "data" (dict)) (lookup "v1" "Secret" .Release.Namespace .Values.config.webConfig.existingSecret.secretName ) }} | ||||
| checksum/secret-web-config: {{ print $secret.spec | sha256sum }} | ||||
| {{- else }} | ||||
| checksum/secret-web-config: {{ include (print $.Template.BasePath "/prometheus-postgres-exporter/secretWebConfig.yaml") . | sha256sum }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- end }} | ||||
|  | ||||
| {{/* labels */}} | ||||
|   | ||||
| @@ -5,7 +5,7 @@ kind: ConfigMap | ||||
| metadata: | ||||
|   {{- with (include "prometheus-postgres-exporter.configMap.grafanaDashboards.postgresExporter.annotations" . | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- tpl (. | toYaml) $ | nindent 4 }} | ||||
|     {{- tpl (toYaml .) $ | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "prometheus-postgres-exporter.configMap.grafanaDashboards.postgresExporter.labels" . | fromYaml) }} | ||||
|   labels: | ||||
|   | ||||
| @@ -3,7 +3,7 @@ kind: Deployment | ||||
| metadata: | ||||
|   {{- with (include "prometheus-postgres-exporter.deployment.annotations" . | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- tpl (. | toYaml) $ | nindent 4 }} | ||||
|     {{- tpl (toYaml .) $ | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "prometheus-postgres-exporter.deployment.labels" . | fromYaml) }} | ||||
|   labels: | ||||
| @@ -18,6 +18,8 @@ spec: | ||||
|       {{- include "prometheus-postgres-exporter.pod.selectorLabels" . | nindent 6 }} | ||||
|   template: | ||||
|     metadata: | ||||
|       annotations: | ||||
|         {{- include "prometheus-postgres-exporter.pod.annotations" . | nindent 8 }} | ||||
|       labels: | ||||
|         {{- include "prometheus-postgres-exporter.pod.labels" . | nindent 8 }} | ||||
|     spec: | ||||
|   | ||||
| @@ -5,7 +5,7 @@ kind: Ingress | ||||
| metadata: | ||||
|   {{- with (include "prometheus-postgres-exporter.ingress.annotations" . | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- tpl (. | toYaml) $ | nindent 4 }} | ||||
|     {{- tpl (toYaml .) $ | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "prometheus-postgres-exporter.ingress.labels" . | fromYaml) }} | ||||
|   labels: | ||||
|   | ||||
							
								
								
									
										36
									
								
								templates/prometheus-postgres-exporter/networkPolicies.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										36
									
								
								templates/prometheus-postgres-exporter/networkPolicies.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,36 @@ | ||||
| {{- if .Values.networkPolicies.enabled }} | ||||
| {{- range $key, $value := .Values.networkPolicies -}} | ||||
| {{- if and (not (eq $key "enabled")) $value.enabled }} | ||||
| --- | ||||
| apiVersion: networking.k8s.io/v1 | ||||
| kind: NetworkPolicy | ||||
| metadata: | ||||
|   {{- with (include "prometheus-postgres-exporter.networkPolicies.annotations" (dict "networkPolicy" $value "context" $) | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- toYaml . | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "prometheus-postgres-exporter.networkPolicies.labels" (dict "networkPolicy" $value "context" $) | fromYaml) }} | ||||
|   labels: | ||||
|     {{- toYaml . | nindent 4 }} | ||||
|   {{- end }} | ||||
|   name: {{ printf "%s-%s" (include "prometheus-postgres-exporter.fullname" $ ) $key }} | ||||
|   namespace: {{ $.Release.Namespace }} | ||||
| spec: | ||||
|   podSelector: | ||||
|     matchLabels: | ||||
|       {{- include "prometheus-postgres-exporter.pod.selectorLabels" $ | nindent 6 }} | ||||
|   {{- with $value.policyTypes }} | ||||
|   policyTypes: | ||||
|   {{- toYaml . | nindent 2 }} | ||||
|   {{- end }} | ||||
|   {{- with $value.egress }} | ||||
|   egress: | ||||
|   {{- toYaml . | nindent 2 }} | ||||
|   {{- end }} | ||||
|   {{- with $value.ingress }} | ||||
|   ingress: | ||||
|   {{- toYaml . | nindent 2 }} | ||||
|   {{- end }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
| @@ -7,18 +7,29 @@ release: | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/prometheus-postgres-exporter/deployment.yaml | ||||
| - templates/prometheus-postgres-exporter/secretDatabase.yaml | ||||
| - templates/prometheus-postgres-exporter/secretExporterConfig.yaml | ||||
| - templates/prometheus-postgres-exporter/secretWebConfig.yaml | ||||
| tests: | ||||
| - it: Rendering default | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - containsDocument: | ||||
|       apiVersion: apps/v1 | ||||
|       kind: Deployment | ||||
|       name: prometheus-postgres-exporter-unittest | ||||
|       namespace: testing | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: metadata.annotations | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: metadata.labels | ||||
|       value: | ||||
| @@ -27,27 +38,51 @@ tests: | ||||
|         app.kubernetes.io/name: prometheus-postgres-exporter | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: prometheus-postgres-exporter-0.1.0 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.replicas | ||||
|       value: 1 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - exists: | ||||
|       path: spec.template.metadata.annotations.checksum/secret-database | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - exists: | ||||
|       path: spec.template.metadata.annotations.checksum/secret-exporter-config | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - exists: | ||||
|       path: spec.template.metadata.annotations.checksum/secret-web-config | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.metadata.labels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: prometheus-postgres-exporter-unittest | ||||
|         app.kubernetes.io/managed-by: Helm | ||||
|         app.kubernetes.io/name: prometheus-postgres-exporter | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: prometheus-postgres-exporter-0.1.0 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.affinity | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - contains: | ||||
|       path: spec.template.spec.containers[0].envFrom | ||||
|       content: | ||||
|         secretRef: | ||||
|           name: prometheus-postgres-exporter-unittest-database-env | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].args | ||||
|       value: | ||||
|       - --config.file=/etc/prometheus-postgres-exporter/config.d/exporterConfig.yaml | ||||
|       - --web.config.file=/etc/prometheus-postgres-exporter/config.d/webConfig.yaml | ||||
|       - --web.listen-address=:9187 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].volumeMounts | ||||
|       value: | ||||
|       - mountPath: /etc/prometheus-postgres-exporter/config.d | ||||
|         name: config-d | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.volumes | ||||
|       value: | ||||
| @@ -59,60 +94,91 @@ tests: | ||||
|               name: prometheus-postgres-exporter-unittest-exporter-config | ||||
|           - secret: | ||||
|               name: prometheus-postgres-exporter-unittest-web-config | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].image | ||||
|       value: quay.io/prometheuscommunity/postgres-exporter:v0.1.0 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].imagePullPolicy | ||||
|       value: IfNotPresent | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.containers[0].resources | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.containers[0].securityContext | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.dnsConfig | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.dnsPolicy | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.hostname | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.hostNetwork | ||||
|       value: false | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.imagePullSecrets | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.nodeSelector | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.priorityClassName | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.restartPolicy | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.subdomain | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.terminationGracePeriodSeconds | ||||
|       value: 60 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.tolerations | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - notExists: | ||||
|       path: spec.template.spec.topologySpreadConstraints | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.strategy | ||||
|       value: | ||||
|         type: "Rollingupdate" | ||||
|         type: "RollingUpdate" | ||||
|         rollingUpdate: | ||||
|           maxSurge: 1 | ||||
|           maxUnavailable: 1 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test custom replicas | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.replicas: 3 | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: spec.replicas | ||||
|       value: 3 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test custom affinity | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.affinity: | ||||
|       nodeAffinity: | ||||
|         requiredDuringSchedulingIgnoredDuringExecution: | ||||
| @@ -136,9 +202,16 @@ tests: | ||||
|                 values: | ||||
|                 - antarctica-east1 | ||||
|                 - antarctica-west1 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test additional arguments | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.postgresExporter.args: | ||||
|     - "--foo=bar" | ||||
|     - "--bar=foo" | ||||
| @@ -151,26 +224,42 @@ tests: | ||||
|       - --web.listen-address=:9187 | ||||
|       - --foo=bar | ||||
|       - --bar=foo | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test custom imageRegistry and imageRepository | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.postgresExporter.image.registry: registry.example.local | ||||
|     deployment.postgresExporter.image.repository: path/special/prometheus-postgres-exporter | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].image | ||||
|       value: registry.example.local/path/special/prometheus-postgres-exporter:v0.1.0 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test custom imagePullPolicy | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.postgresExporter.image.pullPolicy: Always | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].imagePullPolicy | ||||
|       value: Always | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test config.database.existingSecret | ||||
|   set: | ||||
|     # Normal test values | ||||
|     config.database.existingSecret.enabled: true | ||||
|     config.database.existingSecret.secretName: custom-database-secret | ||||
|   asserts: | ||||
| @@ -179,9 +268,16 @@ tests: | ||||
|       content: | ||||
|         secretRef: | ||||
|           name: custom-database-secret | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test config.exporterConfig.existingSecret | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     config.exporterConfig.existingSecret.enabled: true | ||||
|     config.exporterConfig.existingSecret.secretName: exporter-config-secret | ||||
|   asserts: | ||||
| @@ -190,6 +286,7 @@ tests: | ||||
|       value: | ||||
|       - mountPath: /etc/prometheus-postgres-exporter/config.d | ||||
|         name: config-d | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.volumes | ||||
|       value: | ||||
| @@ -201,9 +298,16 @@ tests: | ||||
|               name: exporter-config-secret | ||||
|           - secret: | ||||
|               name: prometheus-postgres-exporter-unittest-web-config | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test config.webConfig.existingSecret | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     config.webConfig.existingSecret.enabled: true | ||||
|     config.webConfig.existingSecret.secretName: web-config-secret | ||||
|   asserts: | ||||
| @@ -212,6 +316,7 @@ tests: | ||||
|       value: | ||||
|       - mountPath: /etc/prometheus-postgres-exporter/config.d | ||||
|         name: config-d | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.volumes | ||||
|       value: | ||||
| @@ -223,9 +328,16 @@ tests: | ||||
|               name: prometheus-postgres-exporter-unittest-exporter-config | ||||
|           - secret: | ||||
|               name: web-config-secret | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test custom resource limits and requests | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.postgresExporter.resources: | ||||
|       limits: | ||||
|         cpu: 100m | ||||
| @@ -242,6 +354,7 @@ tests: | ||||
|           resourceFieldRef: | ||||
|             divisor: "1" | ||||
|             resource: limits.cpu | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.containers[0].resources | ||||
|       value: | ||||
| @@ -251,9 +364,16 @@ tests: | ||||
|         requests: | ||||
|           cpu: 25m | ||||
|           memory: 100MB | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test custom securityContext | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.postgresExporter.securityContext: | ||||
|       capabilities: | ||||
|         add: | ||||
| @@ -277,9 +397,16 @@ tests: | ||||
|         readOnlyRootFilesystem: true | ||||
|         runAsNonRoot: true | ||||
|         runAsUser: 1000 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test dnsConfig | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.dnsConfig: | ||||
|       nameservers: | ||||
|       - "8.8.8.8" | ||||
| @@ -291,17 +418,31 @@ tests: | ||||
|         nameservers: | ||||
|         - "8.8.8.8" | ||||
|         - "8.8.4.4" | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test dnsPolicy | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.dnsPolicy: ClusterFirst | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: spec.template.spec.dnsPolicy | ||||
|       value: ClusterFirst | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test hostNetwork, hostname, subdomain | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.hostNetwork: true | ||||
|     deployment.hostname: pg-exporter | ||||
|     deployment.subdomain: exporters.internal | ||||
| @@ -309,15 +450,24 @@ tests: | ||||
|   - equal: | ||||
|       path: spec.template.spec.hostNetwork | ||||
|       value: true | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.hostname | ||||
|       value: pg-exporter | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.subdomain | ||||
|       value: exporters.internal | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test imagePullSecrets | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.imagePullSecrets: | ||||
|     - name: my-pull-secret | ||||
|     - name: my-special-secret | ||||
| @@ -327,9 +477,16 @@ tests: | ||||
|       value: | ||||
|       - name: my-pull-secret | ||||
|       - name: my-special-secret | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test nodeSelector | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.nodeSelector: | ||||
|       foo: bar | ||||
|   asserts: | ||||
| @@ -337,33 +494,61 @@ tests: | ||||
|       path: spec.template.spec.nodeSelector | ||||
|       value: | ||||
|         foo: bar | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test priorityClassName | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.priorityClassName: my-priority | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: spec.template.spec.priorityClassName | ||||
|       value: my-priority | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test restartPolicy | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.restartPolicy: Always | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: spec.template.spec.restartPolicy | ||||
|       value: Always | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test terminationGracePeriodSeconds | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.terminationGracePeriodSeconds: 120 | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: spec.template.spec.terminationGracePeriodSeconds | ||||
|       value: 120 | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test tolerations | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.tolerations: | ||||
|     - key: database/type | ||||
|       operator: Equal | ||||
| @@ -377,9 +562,16 @@ tests: | ||||
|         operator: Equal | ||||
|         value: postgres | ||||
|         effect: NoSchedule | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test topologySpreadConstraints | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.topologySpreadConstraints: | ||||
|     - topologyKey: kubernetes.io/hostname | ||||
|       whenUnsatisfiable: DoNotSchedule | ||||
| @@ -395,9 +587,16 @@ tests: | ||||
|         labelSelector: | ||||
|           matchLabels: | ||||
|             app.kubernetes.io/instance: prometheus-postgres-exporter | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|  | ||||
| - it: Test additional volumeMounts and volumes | ||||
|   set: | ||||
|     # Ensure that the secrets and config maps are well configured. | ||||
|     config.database.secret.databaseUsername: "postgres" | ||||
|     config.database.secret.databasePassword: "postgres" | ||||
|     config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable" | ||||
|  | ||||
|     # Normal test values | ||||
|     deployment.postgresExporter.volumeMounts: | ||||
|     - name: data | ||||
|       mountPath: /usr/lib/prometheus-postgres-exporter/data | ||||
| @@ -413,6 +612,7 @@ tests: | ||||
|         mountPath: /usr/lib/prometheus-postgres-exporter/data | ||||
|       - name: config-d | ||||
|         mountPath: /etc/prometheus-postgres-exporter/config.d | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
|   - equal: | ||||
|       path: spec.template.spec.volumes | ||||
|       value: | ||||
| @@ -426,4 +626,5 @@ tests: | ||||
|           - secret: | ||||
|               name: prometheus-postgres-exporter-unittest-exporter-config | ||||
|           - secret: | ||||
|               name: prometheus-postgres-exporter-unittest-web-config | ||||
|               name: prometheus-postgres-exporter-unittest-web-config | ||||
|     template: templates/prometheus-postgres-exporter/deployment.yaml | ||||
							
								
								
									
										118
									
								
								unittests/networkPolicies/default.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										118
									
								
								unittests/networkPolicies/default.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,118 @@ | ||||
| chart: | ||||
|   appVersion: 0.1.0 | ||||
|   version: 0.1.0 | ||||
| suite: NetworkPolicies template (basic) | ||||
| release: | ||||
|   name: prometheus-postgres-exporter-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
| - templates/prometheus-postgres-exporter/networkPolicies.yaml | ||||
| tests: | ||||
| - it: Skip networkPolicies in general disabled. | ||||
|   set: | ||||
|     networkPolicies.enabled: false | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
|  | ||||
| - it: Skip networkPolicy 'default' when disabled. | ||||
|   set: | ||||
|     networkPolicies.enabled: true | ||||
|     networkPolicies.default.enabled: false | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 0 | ||||
|  | ||||
| - it: Loop over networkPolicies | ||||
|   set: | ||||
|     networkPolicies.enabled: true | ||||
|     networkPolicies.default.enabled: false | ||||
|     networkPolicies.nginx.enabled: true | ||||
|     networkPolicies.prometheus.enabled: true | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 2 | ||||
|  | ||||
| - it: Template networkPolicy 'default' without policyTypes, egress and ingress configuration | ||||
|   set: | ||||
|     networkPolicies.enabled: true | ||||
|     networkPolicies.default.enabled: true | ||||
|   asserts: | ||||
|   - hasDocuments: | ||||
|       count: 1 | ||||
|   - containsDocument: | ||||
|       apiVersion: networking.k8s.io/v1 | ||||
|       kind: NetworkPolicy | ||||
|       name: prometheus-postgres-exporter-unittest-default | ||||
|       namespace: testing | ||||
|   - notExists: | ||||
|       path: metadata.annotations | ||||
|   - equal: | ||||
|       path: metadata.labels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: prometheus-postgres-exporter-unittest | ||||
|         app.kubernetes.io/managed-by: Helm | ||||
|         app.kubernetes.io/name: prometheus-postgres-exporter | ||||
|         app.kubernetes.io/version: 0.1.0 | ||||
|         helm.sh/chart: prometheus-postgres-exporter-0.1.0 | ||||
|   - equal: | ||||
|       path: spec.podSelector.matchLabels | ||||
|       value: | ||||
|         app.kubernetes.io/instance: prometheus-postgres-exporter-unittest | ||||
|         app.kubernetes.io/name: prometheus-postgres-exporter | ||||
|   - notExists: | ||||
|       path: spec.policyTypes | ||||
|   - notExists: | ||||
|       path: spec.egress | ||||
|   - notExists: | ||||
|       path: spec.ingress | ||||
|  | ||||
| - it: Template networkPolicy 'default' with policyTypes, egress and ingress configuration | ||||
|   set: | ||||
|     networkPolicies.enabled: true | ||||
|     networkPolicies.default.enabled: true | ||||
|     networkPolicies.default.policyTypes: | ||||
|     - Egress | ||||
|     - Ingress | ||||
|     networkPolicies.default.ingress: | ||||
|     - from: | ||||
|       - namespaceSelector: | ||||
|           matchLabels: | ||||
|             kubernetes.io/metadata.name: khv-production | ||||
|         podSelector: | ||||
|           matchLabels: | ||||
|             app.kubernetes.io/name: prometheus | ||||
|     networkPolicies.default.egress: | ||||
|     - to: | ||||
|       - namespaceSelector: | ||||
|           matchLabels: | ||||
|             kubernetes.io/metadata.name: database | ||||
|         podSelector: | ||||
|           matchLabels: | ||||
|             app.kubernetes.io/name: oracle | ||||
|   asserts: | ||||
|   - equal: | ||||
|       path: spec.policyTypes | ||||
|       value: | ||||
|       - Egress | ||||
|       - Ingress | ||||
|   - equal: | ||||
|       path: spec.egress | ||||
|       value: | ||||
|       - to: | ||||
|         - namespaceSelector: | ||||
|             matchLabels: | ||||
|               kubernetes.io/metadata.name: database | ||||
|           podSelector: | ||||
|             matchLabels: | ||||
|               app.kubernetes.io/name: oracle | ||||
|   - equal: | ||||
|       path: spec.ingress | ||||
|       value: | ||||
|       - from: | ||||
|         - namespaceSelector: | ||||
|             matchLabels: | ||||
|               kubernetes.io/metadata.name: khv-production | ||||
|           podSelector: | ||||
|             matchLabels: | ||||
|               app.kubernetes.io/name: prometheus | ||||
							
								
								
									
										82
									
								
								values.yaml
									
									
									
									
									
								
							
							
						
						
									
										82
									
								
								values.yaml
									
									
									
									
									
								
							| @@ -35,7 +35,7 @@ config: | ||||
|  | ||||
|     ## @param config.exporterConfig.secret.annotations Additional annotations of the secret containing the `exporterConfig.yaml`. | ||||
|     ## @param config.exporterConfig.secret.labels Additional labels of the secret containing the `exporterConfig.yaml`. | ||||
|     ## @param config.exporterConfig.secret.exporterConfig Content of the `exporterConfig.yaml`. Further information can be found [here](https://github.com/prometheus-community/postgres_exporter?tab=readme-ov-file#multi-target-support-beta). | ||||
|     ## @param config.exporterConfig.secret.exporterConfig Content of the `exporterConfig.yaml`. Further information can be found in the [README](https://github.com/prometheus-community/postgres_exporter?tab=readme-ov-file#multi-target-support-beta) file of the Postgres exporter binary. | ||||
|     ## @skip config.exporterConfig.secret.exporterConfig Skip individual postgres exporter configuration. | ||||
|     secret: | ||||
|       annotations: {} | ||||
| @@ -59,7 +59,7 @@ config: | ||||
|  | ||||
|     ## @param config.webConfig.secret.annotations Additional annotations of the secret containing the `webConfig.yaml`. | ||||
|     ## @param config.webConfig.secret.labels Additional labels of the secret containing the `webConfig.yaml`. | ||||
|     ## @param config.webConfig.secret.webConfig Content of the `webConfig.yaml`. Further information can be found [here](https://prometheus.io/docs/prometheus/latest/configuration/https/). | ||||
|     ## @param config.webConfig.secret.webConfig Content of the `webConfig.yaml`. Further [documentation](https://prometheus.io/docs/prometheus/latest/configuration/https/) is available on the official Prometheus website. | ||||
|     ## @skip config.webConfig.secret.webConfig Skip individual web configuration. | ||||
|     secret: | ||||
|       annotations: {} | ||||
| @@ -224,11 +224,11 @@ deployment: | ||||
|   securityContext: {} | ||||
|     # fsGroup: 2000 | ||||
|  | ||||
|   ## @param deployment.strategy.type Strategy type - `Recreate` or `Rollingupdate`. | ||||
|   ## @param deployment.strategy.type Strategy type - `Recreate` or `RollingUpdate`. | ||||
|   ## @param deployment.strategy.rollingUpdate.maxSurge The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | ||||
|   ## @param deployment.strategy.rollingUpdate.maxUnavailable The maximum number of pods that can be unavailable during a rolling update. | ||||
|   strategy: | ||||
|     type: "Rollingupdate" | ||||
|     type: "RollingUpdate" | ||||
|     rollingUpdate: | ||||
|       maxSurge: 1 | ||||
|       maxUnavailable: 1 | ||||
| @@ -311,9 +311,77 @@ podDisruptionBudget: {} | ||||
| #  maxUnavailable: 1 | ||||
| #  minAvailable: 1 | ||||
|  | ||||
| ## @section Network | ||||
| ## @param networkPolicies Deploy network policies based on the used container network interface (CNI) implementation - like calico or weave. | ||||
| networkPolicies: {} | ||||
| ## @section NetworkPolicies | ||||
| ## @param networkPolicies.enabled Enable network policies in general. | ||||
| networkPolicies: | ||||
|   enabled: false | ||||
|  | ||||
|   ## @param networkPolicies.default.enabled Enable the network policy for accessing the application by default. For example to scape the metrics. | ||||
|   ## @param networkPolicies.default.annotations Additional network policy annotations. | ||||
|   ## @param networkPolicies.default.labels Additional network policy labels. | ||||
|   ## @param networkPolicies.default.policyTypes List of policy types. Supported is ingress, egress or ingress and egress. | ||||
|   ## @param networkPolicies.default.egress Concrete egress network policy implementation. | ||||
|   ## @skip networkPolicies.default.egress Skip individual egress configuration. | ||||
|   ## @param networkPolicies.default.ingress Concrete ingress network policy implementation. | ||||
|   ## @skip networkPolicies.default.ingress Skip individual ingress configuration. | ||||
|   default: | ||||
|     enabled: false | ||||
|     annotations: {} | ||||
|     labels: {} | ||||
|     policyTypes: [] | ||||
|     # - Egress | ||||
|     # - Ingress | ||||
|     egress: [] | ||||
|     # Allow outgoing traffic to database host | ||||
|     # | ||||
|     # - to: | ||||
|     #   - ipBlock: | ||||
|     #       cidr: 192.168.179.1/32 | ||||
|     #   ports: | ||||
|     #   - port: 5432 | ||||
|     #     protocol: TCP | ||||
|  | ||||
|     # Allow outgoing DNS traffic to the internal running DNS-Server. For example core-dns. | ||||
|     # | ||||
|     # - to: | ||||
|     #   - namespaceSelector: | ||||
|     #       matchLabels: | ||||
|     #         kubernetes.io/metadata.name: kube-system | ||||
|     #     podSelector: | ||||
|     #       matchLabels: | ||||
|     #        k8s-app: kube-dns | ||||
|     #   ports: | ||||
|     #   - port: 53 | ||||
|     #     protocol: TCP | ||||
|     #   - port: 53 | ||||
|     #     protocol: UDP | ||||
|  | ||||
|     ingress: [] | ||||
|     # Allow incoming HTTP traffic from prometheus. | ||||
|     # | ||||
|     # - from: | ||||
|     #   - namespaceSelector: | ||||
|     #       matchLabels: | ||||
|     #         kubernetes.io/metadata.name: monitoring | ||||
|     #     podSelector: | ||||
|     #       matchLabels: | ||||
|     #         app.kubernetes.io/name: prometheus | ||||
|     #   ports: | ||||
|     #   - port: http | ||||
|     #     protocol: TCP | ||||
|  | ||||
|     # Allow incoming HTTP traffic from ingress-nginx. | ||||
|     # | ||||
|     # - from: | ||||
|     #   - namespaceSelector: | ||||
|     #       matchLabels: | ||||
|     #         kubernetes.io/metadata.name: ingress-nginx | ||||
|     #     podSelector: | ||||
|     #       matchLabels: | ||||
|     #         app.kubernetes.io/name: ingress-nginx | ||||
|     #   ports: | ||||
|     #   - port: http | ||||
|     #     protocol: TCP | ||||
|  | ||||
| ## @section Prometheus | ||||
| prometheus: | ||||
|   | ||||
		Reference in New Issue
	
	Block a user