Compare commits

..

No commits in common. "master" and "0.1.7" have entirely different histories.

33 changed files with 523 additions and 7155 deletions

208
.drone.yml Normal file
View File

@ -0,0 +1,208 @@
---
kind: pipeline
type: kubernetes
name: Linters
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: helm lint
commands:
- helm lint
image: git.cryptic.systems/volker.raschek/helm:3.16.1
resources:
limits:
cpu: 150
memory: 150M
- name: markdown lint
commands:
- markdownlint *.md
image: git.cryptic.systems/volker.raschek/markdownlint:0.42.0
resources:
limits:
cpu: 150
memory: 150M
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: kubernetes
name: Unit tests
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: helm unittest
commands:
- helm unittest --strict --file 'unittests/**/*.yaml' ./
image: git.cryptic.systems/volker.raschek/helm:3.16.1
resources:
limits:
cpu: 150
memory: 150M
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: kubernetes
name: Generate README.md
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: generate README
commands:
- npm install
- npm run readme:parameters
- npm run readme:lint
image: docker.io/library/node:22.11.0-alpine
resources:
limits:
cpu: 150
memory: 150M
- name: detect diff
commands:
- git diff --exit-code --name-only README.md
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: kubernetes
name: Release
clone:
disable: true
platform:
os: linux
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: release-helm-chart
commands:
- helm repo add prometheus-exporters https://charts.cryptic.systems/prometheus-exporters
- helm package --version ${DRONE_TAG} .
- helm cm-push ${DRONE_REPO_NAME}-${DRONE_TAG}.tgz prometheus-exporters
environment:
HELM_REPO_PASSWORD:
from_secret: helm_repo_password
HELM_REPO_USERNAME:
from_secret: helm_repo_username
image: git.cryptic.systems/volker.raschek/helm:3.16.1
resources:
limits:
cpu: 150
memory: 150M
trigger:
event:
- tag
repo:
- volker.raschek/prometheus-postgres-exporter

View File

@ -1,114 +0,0 @@
#!/bin/bash
set -e
CHART_FILE="Chart.yaml"
if [ ! -f "${CHART_FILE}" ]; then
echo "ERROR: ${CHART_FILE} not found!" 1>&2
exit 1
fi
DEFAULT_NEW_TAG="$(git tag --sort=-version:refname | head -n 1)"
DEFAULT_OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)"
if [ -z "${1}" ]; then
read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG
if [ -z "${OLD_TAG}" ]; then
OLD_TAG="${DEFAULT_OLD_TAG}"
fi
while [ -z "$(git tag --list "${OLD_TAG}")" ]; do
echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2
read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG
if [ -z "${OLD_TAG}" ]; then
OLD_TAG="${DEFAULT_OLD_TAG}"
fi
done
else
OLD_TAG=${1}
if [ -z "$(git tag --list "${OLD_TAG}")" ]; then
echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2
exit 1
fi
fi
if [ -z "${2}" ]; then
read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG
if [ -z "${NEW_TAG}" ]; then
NEW_TAG="${DEFAULT_NEW_TAG}"
fi
while [ -z "$(git tag --list "${NEW_TAG}")" ]; do
echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2
read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG
if [ -z "${NEW_TAG}" ]; then
NEW_TAG="${DEFAULT_NEW_TAG}"
fi
done
else
NEW_TAG=${2}
if [ -z "$(git tag --list "${NEW_TAG}")" ]; then
echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2
exit 1
fi
fi
CHANGE_LOG_YAML=$(mktemp)
echo "[]" > "${CHANGE_LOG_YAML}"
function map_type_to_kind() {
case "${1}" in
feat)
echo "added"
;;
fix)
echo "fixed"
;;
chore|style|test|ci|docs|refac)
echo "changed"
;;
revert)
echo "removed"
;;
sec)
echo "security"
;;
*)
echo "skip"
;;
esac
}
COMMIT_TITLES="$(git log --pretty=format:"%s" "${OLD_TAG}..${NEW_TAG}")"
echo "INFO: Generate change log entries from ${OLD_TAG} until ${NEW_TAG}"
while IFS= read -r line; do
if [[ "${line}" =~ ^([a-zA-Z]+)(\([^\)]+\))?\:\ (.+)$ ]]; then
TYPE="${BASH_REMATCH[1]}"
KIND=$(map_type_to_kind "${TYPE}")
if [ "${KIND}" == "skip" ]; then
continue
fi
DESC="${BASH_REMATCH[3]}"
echo "- ${KIND}: ${DESC}"
jq --arg kind "${KIND}" --arg description "${DESC}" '. += [ $ARGS.named ]' < "${CHANGE_LOG_YAML}" > "${CHANGE_LOG_YAML}.new"
mv "${CHANGE_LOG_YAML}.new" "${CHANGE_LOG_YAML}"
fi
done <<< "${COMMIT_TITLES}"
if [ -s "${CHANGE_LOG_YAML}" ]; then
yq --inplace --input-format json --output-format yml "${CHANGE_LOG_YAML}"
yq --no-colors --inplace ".annotations.\"artifacthub.io/changes\" |= loadstr(\"${CHANGE_LOG_YAML}\") | sort_keys(.)" "${CHART_FILE}"
else
echo "ERROR: Changelog file is empty: ${CHANGE_LOG_YAML}" 1>&2
exit 1
fi
rm "${CHANGE_LOG_YAML}"

View File

@ -1,32 +0,0 @@
name: Generate README
on:
pull_request:
paths: [ "README.md", "values.yaml" ]
types: [ "opened", "reopened", "synchronize" ]
push:
branches:
- '**'
paths: [ "README.md", "values.yaml" ]
tags-ignore:
- '**'
workflow_dispatch: {}
jobs:
generate-parameters:
container:
image: docker.io/library/node:24.3.0-alpine
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Generate parameter section in README
run: |
npm install
npm run readme:parameters
- name: Compare diff
run: git diff --exit-code --name-only README.md

View File

@ -1,42 +0,0 @@
name: Helm
on:
pull_request:
types: [ "opened", "reopened", "synchronize" ]
push:
branches:
- '**'
tags-ignore:
- '**'
workflow_dispatch: {}
jobs:
helm-lint:
container:
image: docker.io/volkerraschek/helm:3.18.3
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Lint helm files
run: |
helm lint --values values.yaml .
helm-unittest:
container:
image: docker.io/volkerraschek/helm:3.18.3
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Unittest
run: |
helm unittest --strict --file 'unittests/**/*.yaml' ./

View File

@ -1,46 +0,0 @@
name: Markdown linter
on:
pull_request:
paths: [ "**/*.md" ]
types: [ "opened", "reopened", "synchronize" ]
push:
branches:
- '**'
paths: [ "**/*.md" ]
tags-ignore:
- '**'
workflow_dispatch: {}
jobs:
markdown-link-checker:
container:
image: docker.io/library/node:24.3.0-alpine
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Verify links in markdown files
run: |
npm install
npm run readme:link
markdown-lint:
container:
image: docker.io/library/node:24.3.0-alpine
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git
- uses: actions/checkout@v4.2.2
- name: Lint markdown files
run: |
npm install
npm run readme:lint

View File

@ -1,61 +0,0 @@
name: Release
on:
push:
tags:
- "**"
jobs:
publish-chart:
container:
image: docker.io/volkerraschek/helm:3.18.3
runs-on: ubuntu-latest
steps:
- name: Install packages via apk
run: |
apk update
apk add git npm jq yq
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Add Artifacthub.io annotations
run: |
NEW_TAG="$(git tag --sort=-version:refname | head -n 1)"
OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)"
.gitea/scripts/add-annotations.sh "${OLD_TAG}" "${NEW_TAG}"
- name: Extract meta information
run: |
echo "PACKAGE_VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
echo "REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2 | sed --regexp-extended 's/-charts?//g')" >> $GITHUB_ENV
echo "REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1)" >> $GITHUB_ENV
- name: Update Helm Chart version in README.md
run: sed -i -E "s/^CHART_VERSION=.*/CHART_VERSION=${PACKAGE_VERSION}/g" README.md
- name: Package chart
run: |
helm dependency build
helm package --version "${PACKAGE_VERSION}" ./
- name: Upload Chart to ChartMuseum
env:
CHARTMUSEUM_PASSWORD: ${{ secrets.CHARTMUSEUM_PASSWORD }}
CHARTMUSEUM_REPOSITORY: ${{ vars.CHARTMUSEUM_REPOSITORY }}
CHARTMUSEUM_USERNAME: ${{ secrets.CHARTMUSEUM_USERNAME }}
CHARTMUSEUM_HOSTNAME: ${{ vars.CHARTMUSEUM_HOSTNAME }}
run: |
helm repo add --username ${CHARTMUSEUM_USERNAME} --password ${CHARTMUSEUM_PASSWORD} chartmuseum https://${CHARTMUSEUM_HOSTNAME}/${CHARTMUSEUM_REPOSITORY}
helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz chartmuseum
helm repo remove chartmuseum
- name: Upload Chart to Gitea
env:
GITEA_PACKAGE_REGISTRY_TOKEN: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }}
GITEA_SERVER_URL: ${{ github.server_url }}
run: |
helm repo add --username ${REPOSITORY_OWNER} --password ${GITEA_PACKAGE_REGISTRY_TOKEN} gitea ${GITEA_SERVER_URL}/api/packages/${REPOSITORY_OWNER}/helm
helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz gitea
helm repo remove gitea

View File

@ -26,7 +26,7 @@
.vscode/
# drone
.drone.yml
.drone.ya?ml
# editorconfig
.editorconfig
@ -37,24 +37,13 @@ values2.yaml
# helm packages
*.tgz
.helmignore
unittests
# markdownlint
.markdownlint.yml
.markdownlint.yaml
.markdownlintignore
# npm
.prettierignore
.npmrc
package*
# maven
target
# yamllint
.yamllint.yaml
# Others
CONTRIBUTING.md
CODEOWNERS
Makefile
renovate.json
# serviceDescriptor (uctl-cluster)
serviceDescriptor.yaml

View File

@ -128,17 +128,16 @@ MD044:
# List of proper names
names:
- Git
- GitDevOps
- Gitea
- GitDevOps
- GitHub
- GitLab
- GitOps
- kube-prometheus-stack
- Memcached
- Oracle
- ORBIS U
- PostgreSQL
- Prometheus
- prometheus-exporter
- SSL
- TLS
# Include code blocks

View File

@ -1,82 +1 @@
# Contributing
I am very happy if you would like to provide a pull request 👍
The content of this file describes which requirements contributors should fulfill before submitting a pull request (PR).
1. [Valid Git commits](#valid-git-commits)
## Valid Git commits
### Commit message
The repository is subject to a strict commit message template. This states that there are several types of commits. For
example, `fix`, `chore`, `refac`, `test` or `doc`. All types are described in more detail below.
| type | description |
| ------------------- | ----------------------------------------------------------------- |
| `feat` | New feature. |
| `fix` | Fixes a bug. |
| `refac` | Refactoring production code. |
| `style` | Fixes formatting issues. No production code change. |
| `docs` | Adapt documentation. No production code change. |
| `test` | Adds new or modifies existing tests. No production code change. |
| `chore` | Updating grunt tasks. Is everything which the user does not see. |
Based on these types, commit messaged can then be created. Here are a few examples:
```text
style(README): Wrong indentation
feat(deployment): support restartPolicy
fix(my-app): Add missing volume
docs(CONTRIBUTING): Describe how to commit correctly
```
This type of commit message makes it easier for me as maintainer to keep an overview and does not cause the commits of a
pull request PR to be combined into one commit (squashing).
### Smart commits
Smart commits are excellent when it comes to tracking bugs or issues. In this repository, however, the rebasing of
commits is prohibited, which means that only merge commits are possible. This means that a smart commit message only
needs to be added to the merge commit.
This has the advantage that the maintainer can use the smart commit to find the merge commit and undo the entire history
of a merge without having to select individual commits. The following history illustrates the correct use of smart commits.
```text
* 823edbc7 Volker Raschek (G) | [Close #2] feat(deployment): support additional containers
|\
| * 321aebc3 Volker Raschek (G) | doc(README): generate README with new deployment attributes
| * 8d101dd3 Volker Raschek (G) | test(deployment): Extend unittest of additional containers
| * 6f2abd93 Volker Raschek (G) | fix(deployment): Extend deployment of additional containers
|/
* aa5ebda bob (N) | [Close #1] feat(deployment): support initContainers
```
### Commit signing
Another problem with Git is the chain of trust. Git allows the configuration of any name and e-mail address. An attacker
can impersonate any person and submit pull requests under a false identity. For as Linux Torvalds, the maintainer of the
Linux kernel.
```bash
git config --global user.name 'Linux Torvalds'
git config --global user.email 'torvalds@linux-foundation.org'
```
To avoid this, some Git repositories expect signed commits. In particular, repositories that are subject to direct
delivery to customers. For this reason, the repository is subject to a branch protection rule that only allows signed
commits. *Until* there is *no verified* and *no signed* commit, the pull request is blocked.
The following articles describes how Git can be configured to sign commits. Please keep in mind, that the e-mail
address, which is used as UID of the GPG keyring must also be defined in the profile settings of your GitHub account.
Otherwise will be marked the Git commit as *Unverified*.
1. [Signing Commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
2. [Tell Git about your signing key](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key)
Inspect your Git commit via `git log`. There should be mentioned, that your commit is signed.
Furthermore, the GPG key is unique. **Don't loose your private GPG key**. Backup your private key on a safe device. For
example an external USB drive.
# Contribution Guidelines

View File

@ -1,15 +1,10 @@
annotations:
artifacthub.io/links: |
- name: Prometheus PostgreSQL exporter (binary)
url: https://github.com/prometheus-community/postgres_exporter
- name: support
url: https://git.cryptic.systems/volker.raschek/prometheus-postgres-exporter/issues
apiVersion: v2
name: prometheus-postgres-exporter
description: Prometheus metric exporter for PostgreSQL
type: application
kubeVersion: ">=1.20.0"
version: "0.1.0"
appVersion: "0.17.1"
appVersion: "0.16.0"
# icon: https://annotations.example.com/icon.png

21
LICENSE
View File

@ -1,21 +0,0 @@
MIT License
Copyright (c) 2025 Markus Pesch
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

View File

@ -3,49 +3,43 @@ CONTAINER_RUNTIME?=$(shell which podman)
# HELM_IMAGE
HELM_IMAGE_REGISTRY_HOST?=docker.io
HELM_IMAGE_REPOSITORY?=volkerraschek/helm
HELM_IMAGE_VERSION?=3.18.3 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm
HELM_IMAGE_REPOSITORY=volkerraschek/helm
HELM_IMAGE_VERSION?=3.16.1 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm
HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION}
# MARKDOWNLINKCHECKER_IMAGE
MARKDOWNLINKCHECK_IMAGE_REGISTRY_HOST?=ghcr.io
MARKDOWNLINKCHECK_IMAGE_REPOSITORY=tcort/markdown-link-check
MARKDOWNLINKCHECK_IMAGE_VERSION?=3.12.2 # renovate: datasource=docker registryUrl=https://ghcr.io depName=tcort/markdown-link-check
MARKDOWNLINKCHECK_IMAGE_FULLY_QUALIFIED=${MARKDOWNLINT_IMAGE_REGISTRY_HOST}/${MARKDOWNLINT_IMAGE_REPOSITORY}:${MARKDOWNLINT_IMAGE_VERSION}
# NODE_IMAGE
NODE_IMAGE_REGISTRY_HOST?=docker.io
NODE_IMAGE_REPOSITORY?=library/node
NODE_IMAGE_VERSION?=24.3.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node
NODE_IMAGE_REPOSITORY=library/node
NODE_IMAGE_VERSION?=22.9.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=library/node
NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION}
# CHART_SERVER
CHART_SERVER_HOST?=charts.u.orbis-healthcare.com
CHART_SERVER_NAMESPACE?=orbis-u
CHART_SERVER_REPOSITORY?=qu-seed
CHART_VERSION?=0.1.0
# MISSING DOT
# ==============================================================================
missing-dot:
grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml
# CONTAINER RUN - README
# CONTAINER RUN - PREPARE ENVIRONMENT
# ==============================================================================
PHONY+=container-run/readme
container-run/readme: container-run/readme/link container-run/readme/lint container-run/readme/parameters
container-run/readme/link:
container-run/readme:
${CONTAINER_RUNTIME} run \
--rm \
--volume $(shell pwd):$(shell pwd) \
--workdir $(shell pwd) \
${NODE_IMAGE_FULLY_QUALIFIED} \
npm install && npm run readme:link
container-run/readme/lint:
${CONTAINER_RUNTIME} run \
--rm \
--volume $(shell pwd):$(shell pwd) \
--workdir $(shell pwd) \
${NODE_IMAGE_FULLY_QUALIFIED} \
npm install && npm run readme:lint
container-run/readme/parameters:
${CONTAINER_RUNTIME} run \
--rm \
--volume $(shell pwd):$(shell pwd) \
--workdir $(shell pwd) \
${NODE_IMAGE_FULLY_QUALIFIED} \
npm install && npm run readme:parameters
npm install && npm run readme:parameters && npm run readme:lint
# CONTAINER RUN - HELM UNITTESTS
# ==============================================================================
@ -73,6 +67,19 @@ container-run/helm-update-dependencies:
${HELM_IMAGE_FULLY_QUALIFIED} \
dependency update
# CONTAINER RUN - DEPLOY2CHART-REPO
# ==============================================================================
container-run/deploy2chart-repo:
${CONTAINER_RUNTIME} run \
--env HELM_REPO_PASSWORD=${CHART_SERVER_PASSWORD} \
--env HELM_REPO_USERNAME=${CHART_SERVER_USERNAME} \
--entrypoint /bin/bash \
--rm \
--volume $(shell pwd):$(shell pwd) \
--workdir $(shell pwd) \
${HELM_IMAGE_FULLY_QUALIFIED} \
-c "helm repo add ${CHART_SERVER_NAMESPACE} http://${CHART_SERVER_HOST}/${CHART_SERVER_NAMESPACE} && helm package --version ${CHART_VERSION} . && helm cm-push ./${CHART_SERVER_REPOSITORY}-${CHART_VERSION}.tgz ${CHART_SERVER_NAMESPACE}"
# CONTAINER RUN - MARKDOWN-LINT
# ==============================================================================
PHONY+=container-run/helm-lint
@ -84,6 +91,16 @@ container-run/helm-lint:
${HELM_IMAGE_FULLY_QUALIFIED} \
lint --values values.yaml .
# CONTAINER RUN - MARKDOWN-LINK-CHECK
# ==============================================================================
PHONY+=container-run/markdown-link-check
container-run/markdown-link-check:
${CONTAINER_RUNTIME} run \
--rm \
--volume $(shell pwd):/work \
${MARKDOWNLINKCHECK_IMAGE_FULLY_QUALIFIED} \
*.md
# PHONY
# ==============================================================================
# Declare the contents of the PHONY variable as phony. We keep that information

249
README.md
View File

@ -1,27 +1,25 @@
# Prometheus PostgreSQL exporter
[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/prometheus-exporters)](https://artifacthub.io/packages/search?repo=prometheus-exporters)
> [!NOTE]
> This is not the official *community* helm chart of the Prometheus metric exporter for PostgreSQL databases. If you are
> looking for the official helm chart, checkout the GitHub project
> [helm-charts](https://github.com/prometheus-community/helm-charts) of the [Prometheus
> community](https://github.com/prometheus-community).
[![Build Status](https://drone.cryptic.systems/api/badges/volker.raschek/prometheus-postgres-exporter/status.svg)](https://drone.cryptic.systems/volker.raschek/prometheus-postgres-exporter)
This helm chart enables the deployment of a Prometheus metrics exporter for PostgreSQL databases and allows the
individual configuration of additional containers/initContainers, mounting of volumes, defining additional environment
variables, apply a user-defined `webConfig.yaml` and much more.
variables, apply a user-defined web-config.yaml and much more.
Chapter [configuration and installation](#helm-configuration-and-installation) describes the basics how to configure helm
and use it to deploy the exporter. It also contains further configuration examples.
Furthermore, this helm chart contains unit tests to detect regressions and stabilize the deployment. Additionally, this
helm chart is tested for deployment scenarios with **ArgoCD**.
Furthermore, this helm chart unit tests to detect regressions and stabilize the deployment. Additionally, this helm
chart is tested for deployment scenarios with ArgoCD.
> [!NOTE]
> This is not the official *community* helm chart of the Prometheus metric exporter for PostgreSQL databases. You can
> find the official community chart [here](https://github.com/prometheus-community/helm-charts).
## Helm: configuration and installation
1. A helm chart repository must be configured, to pull the helm charts from.
2. All available [parameters](#parameters) are documented in detail below. The parameters can be defined via the helm
2. All available parameters are [here](#parameters) in detail document. The parameters can be defined via the helm
`--set` flag or directly as part of a `values.yaml` file. The following example defines the `prometheus-exporter`
repository and use the `--set` flag for a basic deployment.
@ -33,7 +31,7 @@ helm chart is tested for deployment scenarios with **ArgoCD**.
```bash
helm repo add prometheus-exporters https://charts.cryptic.systems/prometheus-exporters
helm repo update
helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
helm install prometheus-exporters/prometheus-postgres-exporter prometheus-postgres-exporter \
--set 'config.database.secret.databaseUsername=postgres' \
--set 'config.database.secret.databasePassword=postgres' \
--set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
@ -47,8 +45,7 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi
versions can break something!
```bash
CHART_VERSION=0.5.2
helm show values prometheus-exporters/prometheus-postgres-exporter --version "${CHART_VERSION}" > values.yaml
helm show values prometheus-exporters/prometheus-postgres-exporter --version 0.1.0 > values.yaml
```
A complete list of available helm chart versions can be displayed via the following command:
@ -64,39 +61,7 @@ for customizations. These can be configured in more detail via `values.yaml`.
The following examples serve as individual configurations and as inspiration for how deployment problems can be solved.
#### Avoid CPU throttling by defining a CPU limit
If the application is deployed with a CPU resource limit, Prometheus may throw a CPU throttling warning for the
application. This has more or less to do with the fact that the application finds the number of CPUs of the host, but
cannot use the available CPU time to perform computing operations.
The application must be informed that despite several CPUs only a part (limit) of the available computing time is
available. As this is a Golang application, this can be implemented using `GOMAXPROCS`. The following example is one way
of defining `GOMAXPROCS` automatically based on the defined CPU limit like `1000m`. Please keep in mind, that the CFS
rate of `100ms` - default on each kubernetes node, is also very important to avoid CPU throttling.
Further information about this topic can be found in one of Kanishk's blog
[posts](https://kanishk.io/posts/cpu-throttling-in-containerized-go-apps/).
> [!NOTE]
> The environment variable `GOMAXPROCS` is set automatically, when a CPU limit is defined. An explicit configuration is
> not anymore required.
>
> Please take care the a CPU limit < `1000m` can also lead to CPU throttling. Please read the linked documentation carefully.
```bash
helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
--set 'config.database.secret.databaseUsername=postgres' \
--set 'config.database.secret.databasePassword=postgres' \
--set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
--set 'prometheus.metrics.enabled=true' \
--set 'prometheus.metrics.serviceMonitor.enabled=true' \
--set 'deployment.postgresExporter.env.name=GOMAXPROCS' \
--set 'deployment.postgresExporter.env.valueFrom.resourceFieldRef.resource=limits.cpu' \
--set 'deployment.postgresExporter.resources.limits.cpu=1000m'
```
#### TLS authentication and encryption
### TLS authentication and encryption
The first example shows how to deploy the metric exporter with TLS encryption. The verification of the custom TLS
certification will be skipped by Prometheus.
@ -106,7 +71,7 @@ certification will be skipped by Prometheus.
> `tls.key` and `tls.crt` of the secret can be mounted into the container filesystem for TLS authentication / encryption.
```bash
helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
helm install prometheus-exporters/prometheus-postgres-exporter prometheus-postgres-exporter \
--set 'config.database.secret.databaseUsername=postgres' \
--set 'config.database.secret.databasePassword=postgres' \
--set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
@ -129,7 +94,7 @@ certificate for the metrics exporter - TLS certificate verification can be enabl
replaced:
```diff
helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
helm install prometheus-exporters/prometheus-postgres-exporter prometheus-postgres-exporter \
--set 'config.database.secret.databaseUsername=postgres' \
--set 'config.database.secret.databasePassword=postgres' \
--set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
@ -150,116 +115,6 @@ replaced:
+ --set 'prometheus.metrics.serviceMonitor.tlsConfig.keyFile=/etc/prometheus/tls/tls.key'
```
#### Grafana dashboard
The helm chart includes Grafana dashboards. These can be deployed as a configMap by activating Grafana integration. It
is assumed that the dashboard is consumed by Grafana or a sidecar container itself and that the dashboard is stored in
the Grafana container file system so that it is subsequently available to the user. The
[kube-prometheus-stack](https://artifacthub.io/packages/helm/prometheus-community/kube-prometheus-stack) deployment
makes this possible.
```bash
helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
--set 'config.database.secret.databaseUsername=postgres' \
--set 'config.database.secret.databasePassword=postgres' \
--set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
--set 'grafana.enabled=true'
```
#### Avoid deploying on same node / bare metal host as PostgresDB
As a best practice, avoid running the postgres-exporter on the same node / bare-metal host as the PostgresDB. This is
because if the postgres-exporter is running on the same node and this node fails, Prometheus can send an alert about the
failure of the node or that the postgres-exporter cannot be reached. However, it is not possible to react based on the
metrics that the postgres-exporter explicitly provides. Depending on the configuration of alerts, this may mean that the
corresponding notifications are not sent to the right person or group of people.
The following example prevent the postgres-exporter from running on nodes with a PostgresDB. The PostgresDB nodes has an
additional label `database=postgres`. The configuration is carried out in `values.yaml`.
```yaml
deployment:
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
preference:
matchExpressions:
- key: database
operator: NotIn
values:
- postgres
```
### Network policies
Network policies can only take effect, when the used CNI plugin support network policies. The chart supports no custom
network policy implementation of CNI plugins. It's support only the official API resource of `networking.k8s.io/v1`.
The object networkPolicies can contains multiple networkPolicy definitions. There is currently only one example
predefined - it's named `default`. Further networkPolicy rules can easy be added by defining additional objects. For example:
> [!NOTE]
> The structure of each custom network policy must be equal like that of default. For this reason don't forget to define
> `annotations`, `labels` and the other properties as well.
```yaml
networkPolicies:
enabled: false
default: {}
my-custom-network-policy: {}
```
The example below is an excerpt of the `values.yaml` file. The network policy `default` contains ingress rules to allow
incoming traffic from Prometheus. Additionally two egress rules are defined, to allow the application outgoing access to
the internal running DNS server `core-dns` and the external running postgres database listen on `10.14.243.12`.
> [!IMPORTANT]
> Please keep in mind, that the namespace and pod selector labels can be different from environment to environment. For
> this reason, there is are not default network policy rules defined.
```yaml
networkPolicies:
enabled: true
default:
enabled: true
annotations: {}
labels: {}
policyTypes:
- Egress
- Ingress
egress:
- to:
- ipBlock:
cidr: 10.14.243.12/32
ports:
- port: 5432
protocol: TCP
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
podSelector:
matchLabels:
k8s-app: kube-dns
ports:
- port: 53
protocol: TCP
- port: 53
protocol: UDP
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: monitoring
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus
ports:
- port: http
protocol: TCP
```
## Parameters
### Global
@ -271,32 +126,32 @@ networkPolicies:
### Configuration
| Name | Description | Value |
| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------- |
| `config.database.existingSecret.enabled` | Mount an existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables. | `false` |
| `config.database.existingSecret.secretName` | Name of the existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables. | `""` |
| `config.database.secret.annotations` | Additional annotations of the secret containing the database credentials. | `{}` |
| `config.database.secret.labels` | Additional labels of the secret containing the database credentials. | `{}` |
| `config.database.secret.databaseUsername` | Database username. Will be defined as env `DATA_SOURCE_USER` as part of a secret. | `""` |
| `config.database.secret.databasePassword` | Database password. Will be defined as env `DATA_SOURCE_PASS` as part of a secret. | `""` |
| `config.database.secret.databaseConnectionUrl` | Complex database connection URL. Will be defined as env `DATA_SOURCE_URI` as part of a secret. | `""` |
| `config.exporterConfig.existingSecret.enabled` | Mount an existing secret containing the key `exporterConfig.yaml`. | `false` |
| `config.exporterConfig.existingSecret.secretName` | Name of the existing secret containing the key `exporterConfig.yaml`. | `""` |
| `config.exporterConfig.secret.annotations` | Additional annotations of the secret containing the `exporterConfig.yaml`. | `{}` |
| `config.exporterConfig.secret.labels` | Additional labels of the secret containing the `exporterConfig.yaml`. | `{}` |
| `config.exporterConfig.secret.exporterConfig` | Content of the `exporterConfig.yaml`. Further information can be found in the [README](https://github.com/prometheus-community/postgres_exporter?tab=readme-ov-file#multi-target-support-beta) file of the Postgres exporter binary. | `{}` |
| `config.webConfig.existingSecret.enabled` | Mount an existing secret containing the key `webConfig.yaml`. | `false` |
| `config.webConfig.existingSecret.secretName` | Name of the existing secret containing the key `webConfig.yaml`. | `""` |
| `config.webConfig.secret.annotations` | Additional annotations of the secret containing the `webConfig.yaml`. | `{}` |
| `config.webConfig.secret.labels` | Additional labels of the secret containing the `webConfig.yaml`. | `{}` |
| `config.webConfig.secret.webConfig` | Content of the `webConfig.yaml`. Further [documentation](https://prometheus.io/docs/prometheus/latest/configuration/https/) is available on the official Prometheus website. | `{}` |
| Name | Description | Value |
| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `config.database.existingSecret.enabled` | Mount an existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables. | `false` |
| `config.database.existingSecret.secretName` | Name of the existing secret containing the application specific `DATA_SOURCE_` prefixed environment variables. | `""` |
| `config.database.secret.annotations` | Additional annotations of the secret containing the database credentials. | `{}` |
| `config.database.secret.labels` | Additional labels of the secret containing the database credentials. | `{}` |
| `config.database.secret.databaseUsername` | Database username. Will be defined as env `DATA_SOURCE_USER` as part of a secret. | `""` |
| `config.database.secret.databasePassword` | Database password. Will be defined as env `DATA_SOURCE_PASS` as part of a secret. | `""` |
| `config.database.secret.databaseConnectionUrl` | Complex database connection URL. Will be defined as env `DATA_SOURCE_URI` as part of a secret. | `""` |
| `config.exporterConfig.existingSecret.enabled` | Mount an existing secret containing the key `exporterConfig.yaml`. | `false` |
| `config.exporterConfig.existingSecret.secretName` | Name of the existing secret containing the key `exporterConfig.yaml`. | `""` |
| `config.exporterConfig.secret.annotations` | Additional annotations of the secret containing the `exporterConfig.yaml`. | `{}` |
| `config.exporterConfig.secret.labels` | Additional labels of the secret containing the `exporterConfig.yaml`. | `{}` |
| `config.exporterConfig.secret.exporterConfig` | Content of the `exporterConfig.yaml`. Further information can be found [here](https://prometheus.io/docs/prometheus/latest/configuration/https/). | `{}` |
| `config.webConfig.existingSecret.enabled` | Mount an existing secret containing the key `webConfig.yaml`. | `false` |
| `config.webConfig.existingSecret.secretName` | Name of the existing secret containing the key `webConfig.yaml`. | `""` |
| `config.webConfig.secret.annotations` | Additional annotations of the secret containing the `webConfig.yaml`. | `{}` |
| `config.webConfig.secret.labels` | Additional labels of the secret containing the `webConfig.yaml`. | `{}` |
| `config.webConfig.secret.webConfig` | Content of the `webConfig.yaml`. Further information can be found [here](https://prometheus.io/docs/prometheus/latest/configuration/https/). | `{}` |
### Deployment
| Name | Description | Value |
| -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------------------------- |
| `deployment.annotations` | Additional deployment annotations. | `{}` |
| `deployment.labels` | Additional deployment labels. | `{}` |
| `deployment.labels` | Additional ingress labels. | `{}` |
| `deployment.additionalContainers` | List of additional containers. | `[]` |
| `deployment.affinity` | Affinity for the postgres-exporter deployment. | `{}` |
| `deployment.initContainers` | List of additional init containers. | `[]` |
@ -318,26 +173,23 @@ networkPolicies:
| `deployment.postgresExporter.volumeMounts` | Additional volume mounts. | `[]` |
| `deployment.nodeSelector` | NodeSelector of the postgres-exporter deployment. | `{}` |
| `deployment.priorityClassName` | PriorityClassName of the postgres-exporter deployment. | `""` |
| `deployment.replicas` | Number of replicas for the postgres-exporter deployment. | `1` |
| `deployment.replicaCount` | Number of replicas for the postgres-exporter deployment. | `1` |
| `deployment.restartPolicy` | Restart policy of the postgres-exporter deployment. | `""` |
| `deployment.securityContext` | Security context of the postgres-exporter deployment. | `{}` |
| `deployment.strategy.type` | Strategy type - `Recreate` or `RollingUpdate`. | `RollingUpdate` |
| `deployment.strategy.type` | Strategy type - `Recreate` or `Rollingupdate`. | `Recreate` |
| `deployment.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | `1` |
| `deployment.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during a rolling update. | `1` |
| `deployment.terminationGracePeriodSeconds` | How long to wait until forcefully kill the pod. | `60` |
| `deployment.tolerations` | Tolerations of the postgres-exporter deployment. | `[]` |
| `deployment.topologySpreadConstraints` | TopologySpreadConstraints of the postgres-exporter deployment. | `[]` |
| `deployment.volumes` | Additional volumes to mount into the pods of the prometheus-exporter deployment. | `[]` |
| `deployment.volumes` | Additional volumes to mount into the pods of the Prometheus-exporter deployment. | `[]` |
### Grafana
| Name | Description | Value |
| ------------------------------------------------- | -------------------------------------------------------------------------------------------------------- | ----------- |
| `grafana.enabled` | Enable integration into Grafana. Require the Prometheus operator deployment. | `false` |
| `grafana.dashboardDiscoveryLabels` | Labels that Grafana uses to discover resources. The labels may vary depending on the Grafana deployment. | `undefined` |
| `grafana.dashboards.postgresExporter.enabled` | Enable deployment of Grafana dashboard `postgresExporter`. | `true` |
| `grafana.dashboards.postgresExporter.annotations` | Additional configmap annotations. | `{}` |
| `grafana.dashboards.postgresExporter.labels` | Additional configmap labels. | `{}` |
| Name | Description | Value |
| ------------------------------------ | --------------------------------------------------------- | ------- |
| `grafana.enabled` | Enable integration into Grafana. | `false` |
| `grafana.dashboards.businessMetrics` | Enable deployment of Grafana dashboard `businessMetrics`. | `true` |
### Ingress
@ -356,17 +208,11 @@ networkPolicies:
| --------------------- | ---------------------- | ----- |
| `podDisruptionBudget` | Pod disruption budget. | `{}` |
### NetworkPolicies
### Network
| Name | Description | Value |
| ------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------- |
| `networkPolicies.enabled` | Enable network policies in general. | `false` |
| `networkPolicies.default.enabled` | Enable the network policy for accessing the application by default. For example to scape the metrics. | `false` |
| `networkPolicies.default.annotations` | Additional network policy annotations. | `{}` |
| `networkPolicies.default.labels` | Additional network policy labels. | `{}` |
| `networkPolicies.default.policyTypes` | List of policy types. Supported is ingress, egress or ingress and egress. | `[]` |
| `networkPolicies.default.egress` | Concrete egress network policy implementation. | `[]` |
| `networkPolicies.default.ingress` | Concrete ingress network policy implementation. | `[]` |
| Name | Description | Value |
| ----------------- | ------------------------------------------------------------------------------------------------------------------ | ----- |
| `networkPolicies` | Deploy network policies based on the used container network interface (CNI) implementation - like calico or weave. | `{}` |
### Prometheus
@ -375,7 +221,7 @@ networkPolicies:
| `prometheus.metrics.enabled` | Enable of scraping metrics by Prometheus. | `true` |
| `prometheus.metrics.podMonitor.enabled` | Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource. | `false` |
| `prometheus.metrics.podMonitor.annotations` | Additional podMonitor annotations. | `{}` |
| `prometheus.metrics.podMonitor.enableHttp2` | Enable HTTP2. | `true` |
| `prometheus.metrics.podMonitor.enableHttp2` | Enable HTTP2. | `false` |
| `prometheus.metrics.podMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` |
| `prometheus.metrics.podMonitor.honorLabels` | Honor labels. | `false` |
| `prometheus.metrics.podMonitor.labels` | Additional podMonitor labels. | `{}` |
@ -388,11 +234,12 @@ networkPolicies:
| `prometheus.metrics.serviceMonitor.enabled` | Enable creation of a serviceMonitor. Excludes the existence of a podMonitor resource. | `false` |
| `prometheus.metrics.serviceMonitor.annotations` | Additional serviceMonitor annotations. | `{}` |
| `prometheus.metrics.serviceMonitor.labels` | Additional serviceMonitor labels. | `{}` |
| `prometheus.metrics.serviceMonitor.enableHttp2` | Enable HTTP2. | `true` |
| `prometheus.metrics.serviceMonitor.enableHttp2` | Enable HTTP2. | `false` |
| `prometheus.metrics.serviceMonitor.followRedirects` | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | `false` |
| `prometheus.metrics.serviceMonitor.honorLabels` | Honor labels. | `false` |
| `prometheus.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `60s` |
| `prometheus.metrics.serviceMonitor.path` | HTTP path for scraping Prometheus metrics. | `/metrics` |
| `prometheus.metrics.serviceMonitor.port` | HTTP port for scraping Prometheus metrics. | `9187` |
| `prometheus.metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]` |
| `prometheus.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `30s` |
| `prometheus.metrics.serviceMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. | `http` |

1988
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
{
"name": "prometheus-postgres-exporter",
"homepage": "https://git.cryptic.systems/volker.raschek/prometheus-postgres-exporter.git",
"name": "qu-seed-chart",
"homepage": "https://github.com/dedalus-cis4u/qu-seed-chart.git",
"license": "MIT",
"private": true,
"engineStrict": true,
@ -9,13 +9,11 @@
"npm": ">=8.0.0"
},
"scripts": {
"readme:link": "markdown-link-check *.md",
"readme:lint": "markdownlint *.md -f",
"readme:parameters": "readme-generator -v values.yaml -r README.md"
},
"devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.5.0",
"markdown-link-check": "^3.13.6",
"markdownlint-cli": "^0.45.0"
"markdownlint-cli": "^0.41.0"
}
}

View File

@ -1,14 +1,9 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"local>volker.raschek/renovate-config:default#master",
"local>volker.raschek/renovate-config:container#master",
"local>volker.raschek/renovate-config:actions#master",
"local>volker.raschek/renovate-config:npm#master",
"local>volker.raschek/renovate-config:regexp#master"
],
"assignees": [ "volker.raschek" ],
"customManagers": [
{
"description": "Update container image reference",
"fileMatch": [
"^Chart\\.yaml$"
],
@ -16,53 +11,26 @@
"appVersion: \"(?<currentValue>.*?)\"\\s+"
],
"datasourceTemplate": "docker",
"depNameTemplate": "prometheuscommunity/postgres-exporter",
"lookupNameTemplate": "quay.io/prometheuscommunity/postgres-exporter",
"versioningTemplate": "semver"
},
{
"fileMatch": ["^README\\.md$"],
"matchStrings": [
"VERSION=(?<currentValue>.*)"
],
"depNameTemplate": "volker.raschek/prometheus-postgres-exporter",
"packageNameTemplate": "https://git.cryptic.systems/volker.raschek/prometheus-postgres-exporter",
"datasourceTemplate": "git-tags",
"versioningTemplate": "semver"
"depNameTemplate": "prometheus-postgres-exporter",
"lookupNameTemplate": "quay.io/prometheuscommunity/postgres-exporter"
}
],
"labels": [ "renovate" ],
"packageRules": [
{
"addLabels": [
"renovate/automerge",
"renovate/container"
],
"addLabels": [ "renovate/droneci", "renovate/automerge" ],
"automerge": true,
"excludePackagePatterns": [
"prometheuscommunity/postgres-exporter"
],
"matchDatasources": [
"docker"
],
"matchUpdateTypes": [
"minor",
"patch"
]
"matchManagers": "droneci",
"matchUpdateTypes": [ "minor", "patch"]
},
{
"addLabels": [
"renovate/automerge",
"renovate/documentation"
],
"addLabels": [ "renovate/markdownlint", "renovate/automerge" ],
"automerge": true,
"matchDepNames": [
"volker.raschek/prometheus-postgres-exporter"
],
"matchUpdateTypes": [
"major",
"minor",
"patch"
]
"matchPackageNames": [ "markdownlint-cli", "@bitnami/readme-generator-for-helm" ],
"matchManagers": [ "npm" ],
"matchUpdateTypes": [ "minor", "patch"]
}
]
],
"rebaseLabel": "renovate/rebase",
"rebaseWhen": "behind-base-branch"
}

View File

@ -1,20 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-postgres-exporter.configMap.grafanaDashboards.postgresExporter.annotations" -}}
{{ include "prometheus-postgres-exporter.annotations" . }}
{{- if .Values.grafana.dashboards.postgresExporter.annotations }}
{{ toYaml .Values.grafana.dashboards.postgresExporter.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-postgres-exporter.configMap.grafanaDashboards.postgresExporter.labels" -}}
{{ include "prometheus-postgres-exporter.labels" . }}
{{- if .Values.grafana.dashboards.postgresExporter.labels }}
{{ toYaml .Values.grafana.dashboards.postgresExporter.labels }}
{{- end }}
{{ toYaml .Values.grafana.dashboardDiscoveryLabels }}
{{- end }}

View File

@ -9,17 +9,6 @@
{{- end }}
{{- end }}
{{/* env */}}
{{- define "prometheus-postgres-exporter.deployment.env" -}}
{{- $env := dict "env" (.Values.deployment.postgresExporter.env | default (list) ) }}
{{- if and (hasKey .Values.deployment.postgresExporter.resources "limits") (hasKey .Values.deployment.postgresExporter.resources.limits "cpu") }}
{{- $env = merge $env (dict "env" (list (dict "name" "GOMAXPROCS" "valueFrom" (dict "resourceFieldRef" (dict "divisor" "1" "resource" "limits.cpu"))))) }}
{{- end }}
{{ toYaml $env }}
{{- end -}}
{{/* envFrom */}}
{{- define "prometheus-postgres-exporter.deployment.envFrom" -}}
@ -63,15 +52,15 @@
{{/* volumeMounts */}}
{{- define "prometheus-postgres-exporter.deployment.volumeMounts" -}}
{{- $volumeMounts := .Values.deployment.postgresExporter.volumeMounts | default list }}
{{- $volumeMounts = concat $volumeMounts (list (dict "name" "config-d" "mountPath" "/etc/prometheus-postgres-exporter/config.d" )) }}
{{ toYaml (dict "volumeMounts" $volumeMounts) }}
{{- $volumeMounts := dict "volumeMounts" (.Values.deployment.postgresExporter.volumeMounts | default (list) ) }}
{{- $volumeMounts = merge $volumeMounts (dict "volumeMounts" (list (dict "name" "config-d" "mountPath" "/etc/prometheus-postgres-exporter/config.d" ))) }}
{{ toYaml $volumeMounts }}
{{- end -}}
{{/* volumes */}}
{{- define "prometheus-postgres-exporter.deployment.volumes" -}}
{{- $volumes := .Values.deployment.volumes | default list }}
{{- $volumes := dict "volumes" (.Values.deployment.volumes | default (list) ) }}
{{- $exporterSecretName := .Values.config.exporterConfig.existingSecret.secretName -}}
{{- if not .Values.config.exporterConfig.existingSecret.enabled }}
@ -83,8 +72,8 @@
{{- $webConfigSecretName = printf "%s-web-config" (include "prometheus-postgres-exporter.fullname" . ) }}
{{- end }}
{{- $volumes = concat $volumes (list (dict "name" "config-d" "projected" (dict "defaultMode" 444 "sources" (list (dict "secret" (dict "name" $exporterSecretName)) (dict "secret" (dict "name" $webConfigSecretName)))))) }}
{{- $volumes = merge $volumes (dict "volumes" (list (dict "name" "config-d" "projected" (dict "defaultMode" 444 "sources" (list (dict "secret" (dict "name" $exporterSecretName)) (dict "secret" (dict "name" $webConfigSecretName))))))) }}
{{ toYaml (dict "volumes" $volumes) }}
{{ toYaml $volumes }}
{{- end -}}

View File

@ -1,19 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-postgres-exporter.networkPolicies.annotations" -}}
{{ include "prometheus-postgres-exporter.annotations" .context }}
{{- if .networkPolicy.annotations }}
{{ toYaml .networkPolicy.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-postgres-exporter.networkPolicies.labels" -}}
{{ include "prometheus-postgres-exporter.labels" .context }}
{{- if .networkPolicy.labels }}
{{ toYaml .networkPolicy.labels }}
{{- end }}
{{- end }}

View File

@ -4,37 +4,6 @@
{{- define "prometheus-postgres-exporter.pod.annotations" -}}
{{ include "prometheus-postgres-exporter.annotations" . }}
# The following annotations are required to trigger a rolling update. Further information can be found in the official
# documentation of helm:
#
# https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
#
{{/* database */}}
{{- if and .Values.config.database.existingSecret.enabled .Values.config.database.existingSecret.secretName }}
{{- $secret := default (dict "data" (dict)) (lookup "v1" "Secret" .Release.Namespace .Values.config.database.existingSecret.secretName ) }}
checksum/secret-database: {{ print $secret.spec | sha256sum }}
{{- else }}
checksum/secret-database: {{ include (print $.Template.BasePath "/prometheus-postgres-exporter/secretDatabase.yaml") . | sha256sum }}
{{- end }}
{{/* exporter config */}}
{{- if and .Values.config.exporterConfig.existingSecret.enabled .Values.config.exporterConfig.existingSecret.secretName }}
{{- $secret := default (dict "data" (dict)) (lookup "v1" "Secret" .Release.Namespace .Values.config.exporterConfig.existingSecret.secretName ) }}
checksum/secret-exporter-config: {{ print $secret.spec | sha256sum }}
{{- else }}
checksum/secret-exporter-config: {{ include (print $.Template.BasePath "/prometheus-postgres-exporter/secretExporterConfig.yaml") . | sha256sum }}
{{- end }}
{{/* web config */}}
{{- if and .Values.config.webConfig.existingSecret.enabled .Values.config.webConfig.existingSecret.secretName }}
{{- $secret := default (dict "data" (dict)) (lookup "v1" "Secret" .Release.Namespace .Values.config.webConfig.existingSecret.secretName ) }}
checksum/secret-web-config: {{ print $secret.spec | sha256sum }}
{{- else }}
checksum/secret-web-config: {{ include (print $.Template.BasePath "/prometheus-postgres-exporter/secretWebConfig.yaml") . | sha256sum }}
{{- end }}
{{- end }}
{{/* labels */}}

View File

@ -3,7 +3,7 @@ kind: Deployment
metadata:
{{- with (include "prometheus-postgres-exporter.deployment.annotations" . | fromYaml) }}
annotations:
{{- tpl (toYaml .) $ | nindent 4 }}
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with (include "prometheus-postgres-exporter.deployment.labels" . | fromYaml) }}
labels:
@ -12,21 +12,14 @@ metadata:
name: {{ include "prometheus-postgres-exporter.fullname" . }}
namespace: {{ .Release.Namespace }}
spec:
replicas: {{ .Values.deployment.replicas }}
selector:
matchLabels:
{{- include "prometheus-postgres-exporter.pod.selectorLabels" . | nindent 6 }}
template:
metadata:
annotations:
{{- include "prometheus-postgres-exporter.pod.annotations" . | nindent 8 }}
labels:
{{- include "prometheus-postgres-exporter.pod.labels" . | nindent 8 }}
spec:
{{- with .Values.deployment.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: postgres-exporter
args:
@ -36,10 +29,9 @@ spec:
{{- range .Values.deployment.postgresExporter.args }}
- {{ . | quote }}
{{- end }}
{{- $env := (include "prometheus-postgres-exporter.deployment.env" . | fromYaml) }}
{{- if and (hasKey $env "env") (gt (len $env.env) 0) }}
{{- with .Values.deployment.postgresExporter.env }}
env:
{{- toYaml $env.env | nindent 8 }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- $envFrom := (include "prometheus-postgres-exporter.deployment.envFrom" . | fromYaml) }}
{{- if hasKey $envFrom "envFrom" }}
@ -128,7 +120,3 @@ spec:
volumes:
{{- toYaml $volumes.volumes | nindent 6 }}
{{- end }}
{{- with .Values.deployment.strategy }}
strategy:
{{- toYaml . | nindent 4 }}
{{- end }}

View File

@ -5,7 +5,7 @@ kind: Ingress
metadata:
{{- with (include "prometheus-postgres-exporter.ingress.annotations" . | fromYaml) }}
annotations:
{{- tpl (toYaml .) $ | nindent 4 }}
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with (include "prometheus-postgres-exporter.ingress.labels" . | fromYaml) }}
labels:

View File

@ -1,36 +0,0 @@
{{- if .Values.networkPolicies.enabled }}
{{- range $key, $value := .Values.networkPolicies -}}
{{- if and (not (eq $key "enabled")) $value.enabled }}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
{{- with (include "prometheus-postgres-exporter.networkPolicies.annotations" (dict "networkPolicy" $value "context" $) | fromYaml) }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with (include "prometheus-postgres-exporter.networkPolicies.labels" (dict "networkPolicy" $value "context" $) | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ printf "%s-%s" (include "prometheus-postgres-exporter.fullname" $ ) $key }}
namespace: {{ $.Release.Namespace }}
spec:
podSelector:
matchLabels:
{{- include "prometheus-postgres-exporter.pod.selectorLabels" $ | nindent 6 }}
{{- with $value.policyTypes }}
policyTypes:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with $value.egress }}
egress:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with $value.ingress }}
ingress:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

View File

@ -16,7 +16,7 @@ metadata:
spec:
{{- with .Values.prometheus.rules }}
groups:
- name: {{ template "prometheus-postgres-exporter.fullname" $ }}
- name: {{ template "prometheus-postgres-exporter.name" $ }}
rules:
{{ toYaml . | nindent 4 }}
{{- end }}

View File

@ -25,7 +25,7 @@ spec:
{{- toYaml . | nindent 6 }}
{{- end }}
scrapeTimeout: {{ required "The scrape timeout of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scrapeTimeout }}
scheme: {{ required "The scheme of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scheme }}
scheme: {{ required "The scheme of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scheme}}
targetPort: {{ required "The port of the service is not defined!" .Values.services.http.port }}
{{- with .Values.prometheus.metrics.serviceMonitor.tlsConfig }}
tlsConfig:

View File

@ -1,79 +0,0 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: ConfigMap template (Grafana Dashboard PostgresExporter)
release:
name: prometheus-postgres-exporter-unittest
namespace: testing
templates:
- templates/prometheus-postgres-exporter/configMapGrafanaDashboardPostgresExporter.yaml
tests:
- it: Rendering postgresExporter
asserts:
- hasDocuments:
count: 0
- it: Rendering
set:
grafana.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: ConfigMap
name: prometheus-postgres-exporter-unittest-grafana-dashboard-postgres-exporter
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
grafana_dashboard: "1"
helm.sh/chart: prometheus-postgres-exporter-0.1.0
- exists:
path: data["postgresExporter.json"]
- it: Test custom annotations and labels
set:
grafana.enabled: true
grafana.dashboards.postgresExporter.annotations:
foo: bar
grafana.dashboards.postgresExporter.labels:
bar: foo
asserts:
- equal:
path: metadata.annotations
value:
foo: bar
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
grafana_dashboard: "1"
helm.sh/chart: prometheus-postgres-exporter-0.1.0
bar: foo
- it: Test custom grafana discovery labels
set:
grafana.enabled: true
grafana.dashboardDiscoveryLabels:
grafana_dashboard: null
my-custom-discovery-label: my-value
asserts:
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
my-custom-discovery-label: my-value
helm.sh/chart: prometheus-postgres-exporter-0.1.0

View File

@ -7,29 +7,18 @@ release:
namespace: testing
templates:
- templates/prometheus-postgres-exporter/deployment.yaml
- templates/prometheus-postgres-exporter/secretDatabase.yaml
- templates/prometheus-postgres-exporter/secretExporterConfig.yaml
- templates/prometheus-postgres-exporter/secretWebConfig.yaml
tests:
- it: Rendering default
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
asserts:
- hasDocuments:
count: 1
template: templates/prometheus-postgres-exporter/deployment.yaml
- containsDocument:
apiVersion: apps/v1
kind: Deployment
name: prometheus-postgres-exporter-unittest
namespace: testing
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: metadata.annotations
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: metadata.labels
value:
@ -38,51 +27,22 @@ tests:
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
helm.sh/chart: prometheus-postgres-exporter-0.1.0
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.replicas
value: 1
template: templates/prometheus-postgres-exporter/deployment.yaml
- exists:
path: spec.template.metadata.annotations.checksum/secret-database
template: templates/prometheus-postgres-exporter/deployment.yaml
- exists:
path: spec.template.metadata.annotations.checksum/secret-exporter-config
template: templates/prometheus-postgres-exporter/deployment.yaml
- exists:
path: spec.template.metadata.annotations.checksum/secret-web-config
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.metadata.labels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
helm.sh/chart: prometheus-postgres-exporter-0.1.0
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.affinity
template: templates/prometheus-postgres-exporter/deployment.yaml
- contains:
path: spec.template.spec.containers[0].envFrom
content:
secretRef:
name: prometheus-postgres-exporter-unittest-database-env
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.containers[0].args
value:
- --config.file=/etc/prometheus-postgres-exporter/config.d/exporterConfig.yaml
- --web.config.file=/etc/prometheus-postgres-exporter/config.d/webConfig.yaml
- --web.listen-address=:9187
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.containers[0].volumeMounts
value:
- mountPath: /etc/prometheus-postgres-exporter/config.d
name: config-d
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.volumes
value:
@ -94,124 +54,45 @@ tests:
name: prometheus-postgres-exporter-unittest-exporter-config
- secret:
name: prometheus-postgres-exporter-unittest-web-config
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.containers[0].image
value: quay.io/prometheuscommunity/postgres-exporter:v0.1.0
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.containers[0].imagePullPolicy
value: IfNotPresent
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.containers[0].resources
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.containers[0].securityContext
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.dnsConfig
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.dnsPolicy
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.hostname
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.hostNetwork
value: false
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.imagePullSecrets
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.nodeSelector
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.priorityClassName
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.restartPolicy
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.subdomain
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.terminationGracePeriodSeconds
value: 60
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.tolerations
template: templates/prometheus-postgres-exporter/deployment.yaml
- notExists:
path: spec.template.spec.topologySpreadConstraints
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.strategy
value:
type: "RollingUpdate"
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test custom replicas
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.replicas: 3
asserts:
- equal:
path: spec.replicas
value: 3
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test custom affinity
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: topology.kubernetes.io/zone
operator: In
values:
- antarctica-east1
- antarctica-west1
asserts:
- equal:
path: spec.template.spec.affinity
value:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: topology.kubernetes.io/zone
operator: In
values:
- antarctica-east1
- antarctica-west1
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test additional arguments
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.postgresExporter.args:
- "--foo=bar"
- "--bar=foo"
@ -224,42 +105,26 @@ tests:
- --web.listen-address=:9187
- --foo=bar
- --bar=foo
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test custom imageRegistry and imageRepository
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.postgresExporter.image.registry: registry.example.local
deployment.postgresExporter.image.repository: path/special/prometheus-postgres-exporter
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: registry.example.local/path/special/prometheus-postgres-exporter:v0.1.0
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test custom imagePullPolicy
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.postgresExporter.image.pullPolicy: Always
asserts:
- equal:
path: spec.template.spec.containers[0].imagePullPolicy
value: Always
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test config.database.existingSecret
set:
# Normal test values
config.database.existingSecret.enabled: true
config.database.existingSecret.secretName: custom-database-secret
asserts:
@ -268,16 +133,9 @@ tests:
content:
secretRef:
name: custom-database-secret
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test config.exporterConfig.existingSecret
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
config.exporterConfig.existingSecret.enabled: true
config.exporterConfig.existingSecret.secretName: exporter-config-secret
asserts:
@ -286,7 +144,6 @@ tests:
value:
- mountPath: /etc/prometheus-postgres-exporter/config.d
name: config-d
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.volumes
value:
@ -298,16 +155,9 @@ tests:
name: exporter-config-secret
- secret:
name: prometheus-postgres-exporter-unittest-web-config
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test config.webConfig.existingSecret
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
config.webConfig.existingSecret.enabled: true
config.webConfig.existingSecret.secretName: web-config-secret
asserts:
@ -316,7 +166,6 @@ tests:
value:
- mountPath: /etc/prometheus-postgres-exporter/config.d
name: config-d
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.volumes
value:
@ -328,16 +177,9 @@ tests:
name: prometheus-postgres-exporter-unittest-exporter-config
- secret:
name: web-config-secret
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test custom resource limits and requests
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.postgresExporter.resources:
limits:
cpu: 100m
@ -346,15 +188,6 @@ tests:
cpu: 25m
memory: 100MB
asserts:
- equal:
path: spec.template.spec.containers[0].env
value:
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: "1"
resource: limits.cpu
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.containers[0].resources
value:
@ -364,16 +197,9 @@ tests:
requests:
cpu: 25m
memory: 100MB
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test custom securityContext
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.postgresExporter.securityContext:
capabilities:
add:
@ -397,16 +223,9 @@ tests:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test dnsConfig
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.dnsConfig:
nameservers:
- "8.8.8.8"
@ -418,31 +237,17 @@ tests:
nameservers:
- "8.8.8.8"
- "8.8.4.4"
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test dnsPolicy
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.dnsPolicy: ClusterFirst
asserts:
- equal:
path: spec.template.spec.dnsPolicy
value: ClusterFirst
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test hostNetwork, hostname, subdomain
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.hostNetwork: true
deployment.hostname: pg-exporter
deployment.subdomain: exporters.internal
@ -450,24 +255,15 @@ tests:
- equal:
path: spec.template.spec.hostNetwork
value: true
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.hostname
value: pg-exporter
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
path: spec.template.spec.subdomain
value: exporters.internal
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test imagePullSecrets
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.imagePullSecrets:
- name: my-pull-secret
- name: my-special-secret
@ -477,16 +273,9 @@ tests:
value:
- name: my-pull-secret
- name: my-special-secret
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test nodeSelector
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.nodeSelector:
foo: bar
asserts:
@ -494,61 +283,33 @@ tests:
path: spec.template.spec.nodeSelector
value:
foo: bar
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test priorityClassName
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.priorityClassName: my-priority
asserts:
- equal:
path: spec.template.spec.priorityClassName
value: my-priority
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test restartPolicy
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.restartPolicy: Always
asserts:
- equal:
path: spec.template.spec.restartPolicy
value: Always
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test terminationGracePeriodSeconds
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.terminationGracePeriodSeconds: 120
asserts:
- equal:
path: spec.template.spec.terminationGracePeriodSeconds
value: 120
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test tolerations
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.tolerations:
- key: database/type
operator: Equal
@ -562,16 +323,9 @@ tests:
operator: Equal
value: postgres
effect: NoSchedule
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test topologySpreadConstraints
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.topologySpreadConstraints:
- topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
@ -587,16 +341,9 @@ tests:
labelSelector:
matchLabels:
app.kubernetes.io/instance: prometheus-postgres-exporter
template: templates/prometheus-postgres-exporter/deployment.yaml
- it: Test additional volumeMounts and volumes
set:
# Ensure that the secrets and config maps are well configured.
config.database.secret.databaseUsername: "postgres"
config.database.secret.databasePassword: "postgres"
config.database.secret.databaseConnectionUrl: "localhost:5432/postgres?sslmode=disable"
# Normal test values
deployment.postgresExporter.volumeMounts:
- name: data
mountPath: /usr/lib/prometheus-postgres-exporter/data
@ -605,26 +352,14 @@ tests:
hostPath:
path: /usr/lib/prometheus-postgres-exporter/data
asserts:
- equal:
- contains:
path: spec.template.spec.containers[0].volumeMounts
value:
- name: data
content:
name: data
mountPath: /usr/lib/prometheus-postgres-exporter/data
- name: config-d
mountPath: /etc/prometheus-postgres-exporter/config.d
template: templates/prometheus-postgres-exporter/deployment.yaml
- equal:
- contains:
path: spec.template.spec.volumes
value:
- name: data
content:
name: data
hostPath:
path: /usr/lib/prometheus-postgres-exporter/data
- name: config-d
projected:
defaultMode: 444
sources:
- secret:
name: prometheus-postgres-exporter-unittest-exporter-config
- secret:
name: prometheus-postgres-exporter-unittest-web-config
template: templates/prometheus-postgres-exporter/deployment.yaml
path: /usr/lib/prometheus-postgres-exporter/data

View File

@ -1,118 +0,0 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: NetworkPolicies template (basic)
release:
name: prometheus-postgres-exporter-unittest
namespace: testing
templates:
- templates/prometheus-postgres-exporter/networkPolicies.yaml
tests:
- it: Skip networkPolicies in general disabled.
set:
networkPolicies.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Skip networkPolicy 'default' when disabled.
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Loop over networkPolicies
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: false
networkPolicies.nginx.enabled: true
networkPolicies.prometheus.enabled: true
asserts:
- hasDocuments:
count: 2
- it: Template networkPolicy 'default' without policyTypes, egress and ingress configuration
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
name: prometheus-postgres-exporter-unittest-default
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
helm.sh/chart: prometheus-postgres-exporter-0.1.0
- equal:
path: spec.podSelector.matchLabels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/name: prometheus-postgres-exporter
- notExists:
path: spec.policyTypes
- notExists:
path: spec.egress
- notExists:
path: spec.ingress
- it: Template networkPolicy 'default' with policyTypes, egress and ingress configuration
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: true
networkPolicies.default.policyTypes:
- Egress
- Ingress
networkPolicies.default.ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: khv-production
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus
networkPolicies.default.egress:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: database
podSelector:
matchLabels:
app.kubernetes.io/name: oracle
asserts:
- equal:
path: spec.policyTypes
value:
- Egress
- Ingress
- equal:
path: spec.egress
value:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: database
podSelector:
matchLabels:
app.kubernetes.io/name: oracle
- equal:
path: spec.ingress
value:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: khv-production
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus

View File

@ -58,7 +58,7 @@ tests:
helm.sh/chart: prometheus-postgres-exporter-0.1.0
- equal:
path: spec.podMetricsEndpoints[0].enableHttp2
value: true
value: false
- equal:
path: spec.podMetricsEndpoints[0].followRedirects
value: false
@ -119,7 +119,7 @@ tests:
set:
prometheus.metrics.enabled: true
prometheus.metrics.podMonitor.enabled: true
prometheus.metrics.podMonitor.enableHttp2: false
prometheus.metrics.podMonitor.enableHttp2: true
prometheus.metrics.podMonitor.followRedirects: true
prometheus.metrics.podMonitor.honorLabels: true
prometheus.metrics.podMonitor.interval: "180s"
@ -137,7 +137,7 @@ tests:
count: 1
- equal:
path: spec.podMetricsEndpoints[0].enableHttp2
value: false
value: true
- equal:
path: spec.podMetricsEndpoints[0].followRedirects
value: true

View File

@ -59,7 +59,7 @@ tests:
helm.sh/chart: prometheus-postgres-exporter-0.1.0
- equal:
path: spec.endpoints[0].enableHttp2
value: true
value: false
- equal:
path: spec.endpoints[0].followRedirects
value: false
@ -121,7 +121,7 @@ tests:
set:
prometheus.metrics.enabled: true
prometheus.metrics.serviceMonitor.enabled: true
prometheus.metrics.serviceMonitor.enableHttp2: false
prometheus.metrics.serviceMonitor.enableHttp2: true
prometheus.metrics.serviceMonitor.followRedirects: true
prometheus.metrics.serviceMonitor.honorLabels: true
prometheus.metrics.serviceMonitor.interval: "180s"
@ -139,7 +139,7 @@ tests:
count: 1
- equal:
path: spec.endpoints[0].enableHttp2
value: false
value: true
- equal:
path: spec.endpoints[0].followRedirects
value: true

View File

@ -1,700 +0,0 @@
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"nameOverride": {
"type": "string"
},
"fullnameOverride": {
"type": "string"
},
"config": {
"type": "object",
"properties": {
"database": {
"type": "object",
"properties": {
"existingSecret": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"secretName": {
"type": "string"
}
},
"required": [
"enabled",
"secretName"
]
},
"secret": {
"type": "object",
"properties": {
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"databaseUsername": {
"type": "string"
},
"databasePassword": {
"type": "string"
},
"databaseConnectionUrl": {
"type": "string"
}
},
"required": [
"annotations",
"labels",
"databaseUsername",
"databasePassword",
"databaseConnectionUrl"
]
}
},
"required": [
"existingSecret",
"secret"
]
},
"exporterConfig": {
"type": "object",
"properties": {
"existingSecret": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"secretName": {
"type": "string"
}
},
"required": [
"enabled",
"secretName"
]
},
"secret": {
"type": "object",
"properties": {
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"exporterConfig": {
"type": "object"
}
},
"required": [
"annotations",
"labels",
"exporterConfig"
]
}
},
"required": [
"existingSecret",
"secret"
]
},
"webConfig": {
"type": "object",
"properties": {
"existingSecret": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"secretName": {
"type": "string"
}
},
"required": [
"enabled",
"secretName"
]
},
"secret": {
"type": "object",
"properties": {
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"webConfig": {
"type": "object"
}
},
"required": [
"annotations",
"labels",
"webConfig"
]
}
},
"required": [
"existingSecret",
"secret"
]
}
},
"required": [
"database",
"exporterConfig",
"webConfig"
]
},
"deployment": {
"type": "object",
"properties": {
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"additionalContainers": {
"type": "array",
"items": {}
},
"affinity": {
"type": "object"
},
"initContainers": {
"type": "array",
"items": {}
},
"dnsConfig": {
"type": "object"
},
"dnsPolicy": {
"type": "string"
},
"hostname": {
"type": "string"
},
"subdomain": {
"type": "string"
},
"hostNetwork": {
"type": "boolean"
},
"imagePullSecrets": {
"type": "array",
"items": {}
},
"postgresExporter": {
"type": "object",
"properties": {
"args": {
"type": "array",
"items": {}
},
"env": {
"type": "array",
"items": {}
},
"envFrom": {
"type": "array",
"items": {}
},
"image": {
"type": "object",
"properties": {
"registry": {
"type": "string"
},
"repository": {
"type": "string"
},
"tag": {
"type": "string"
},
"pullPolicy": {
"type": "string"
}
},
"required": [
"registry",
"repository",
"tag",
"pullPolicy"
]
},
"resources": {
"type": "object"
},
"securityContext": {
"type": "object"
},
"volumeMounts": {
"type": "array",
"items": {}
}
},
"required": [
"args",
"env",
"envFrom",
"image",
"resources",
"securityContext",
"volumeMounts"
]
},
"nodeSelector": {
"type": "object"
},
"priorityClassName": {
"type": "string"
},
"replicas": {
"type": "integer"
},
"restartPolicy": {
"type": "string"
},
"securityContext": {
"type": "object"
},
"strategy": {
"type": "object",
"properties": {
"type": {
"type": "string"
},
"rollingUpdate": {
"type": "object",
"properties": {
"maxSurge": {
"type": "integer"
},
"maxUnavailable": {
"type": "integer"
}
},
"required": [
"maxSurge",
"maxUnavailable"
]
}
},
"required": [
"type",
"rollingUpdate"
]
},
"terminationGracePeriodSeconds": {
"type": "integer"
},
"tolerations": {
"type": "array",
"items": {}
},
"topologySpreadConstraints": {
"type": "array",
"items": {}
},
"volumes": {
"type": "array",
"items": {}
}
},
"required": [
"annotations",
"labels",
"additionalContainers",
"affinity",
"initContainers",
"dnsConfig",
"dnsPolicy",
"hostname",
"subdomain",
"hostNetwork",
"imagePullSecrets",
"postgresExporter",
"nodeSelector",
"priorityClassName",
"replicas",
"restartPolicy",
"securityContext",
"strategy",
"terminationGracePeriodSeconds",
"tolerations",
"topologySpreadConstraints",
"volumes"
]
},
"grafana": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"dashboardDiscoveryLabels": {
"type": "object"
},
"dashboards": {
"type": "object",
"properties": {
"postgresExporter": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
}
},
"required": [
"enabled",
"annotations",
"labels"
]
}
},
"required": [
"postgresExporter"
]
}
},
"required": [
"enabled",
"dashboardDiscoveryLabels",
"dashboards"
]
},
"ingress": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"className": {
"type": "string"
},
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"hosts": {
"type": "array",
"items": {}
},
"tls": {
"type": "array",
"items": {}
}
},
"required": [
"enabled",
"className",
"annotations",
"labels",
"hosts",
"tls"
]
},
"podDisruptionBudget": {
"type": "object"
},
"networkPolicies": {
"type": "object"
},
"prometheus": {
"type": "object",
"properties": {
"metrics": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"podMonitor": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"annotations": {
"type": "object"
},
"enableHttp2": {
"type": "boolean"
},
"followRedirects": {
"type": "boolean"
},
"honorLabels": {
"type": "boolean"
},
"labels": {
"type": "object"
},
"interval": {
"type": "string"
},
"path": {
"type": "string"
},
"relabelings": {
"type": "array",
"items": {}
},
"scrapeTimeout": {
"type": "string"
},
"scheme": {
"type": "string"
},
"tlsConfig": {
"type": "object"
}
},
"required": [
"enabled",
"annotations",
"enableHttp2",
"followRedirects",
"honorLabels",
"labels",
"interval",
"path",
"relabelings",
"scrapeTimeout",
"scheme",
"tlsConfig"
]
},
"serviceMonitor": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"enableHttp2": {
"type": "boolean"
},
"followRedirects": {
"type": "boolean"
},
"honorLabels": {
"type": "boolean"
},
"interval": {
"type": "string"
},
"path": {
"type": "string"
},
"relabelings": {
"type": "array",
"items": {}
},
"scrapeTimeout": {
"type": "string"
},
"scheme": {
"type": "string"
},
"tlsConfig": {
"type": "object"
}
},
"required": [
"enabled",
"annotations",
"labels",
"enableHttp2",
"followRedirects",
"honorLabels",
"interval",
"path",
"relabelings",
"scrapeTimeout",
"scheme",
"tlsConfig"
]
}
},
"required": [
"enabled",
"podMonitor",
"serviceMonitor"
]
},
"rules": {
"type": "array",
"items": {}
}
},
"required": [
"metrics",
"rules"
]
},
"services": {
"type": "object",
"properties": {
"http": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"annotations": {
"type": "object"
},
"externalIPs": {
"type": "array",
"items": {}
},
"externalTrafficPolicy": {
"type": "string"
},
"internalTrafficPolicy": {
"type": "string"
},
"ipFamilies": {
"type": "array",
"items": {}
},
"labels": {
"type": "object"
},
"loadBalancerClass": {
"type": "string"
},
"loadBalancerIP": {
"type": "string"
},
"loadBalancerSourceRanges": {
"type": "array",
"items": {}
},
"port": {
"type": "integer"
},
"sessionAffinity": {
"type": "string"
},
"sessionAffinityConfig": {
"type": "object"
},
"type": {
"type": "string"
}
},
"required": [
"enabled",
"annotations",
"externalIPs",
"externalTrafficPolicy",
"internalTrafficPolicy",
"ipFamilies",
"labels",
"loadBalancerClass",
"loadBalancerIP",
"loadBalancerSourceRanges",
"port",
"sessionAffinity",
"sessionAffinityConfig",
"type"
]
}
},
"required": [
"http"
]
},
"serviceAccount": {
"type": "object",
"properties": {
"existing": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"serviceAccountName": {
"type": "string"
}
},
"required": [
"enabled",
"serviceAccountName"
]
},
"new": {
"type": "object",
"properties": {
"annotations": {
"type": "object"
},
"labels": {
"type": "object"
},
"automountServiceAccountToken": {
"type": "boolean"
},
"imagePullSecrets": {
"type": "array",
"items": {}
},
"secrets": {
"type": "array",
"items": {}
}
},
"required": [
"annotations",
"labels",
"automountServiceAccountToken",
"imagePullSecrets",
"secrets"
]
}
},
"required": [
"existing",
"new"
]
}
},
"required": [
"nameOverride",
"fullnameOverride",
"config",
"deployment",
"grafana",
"ingress",
"podDisruptionBudget",
"networkPolicies",
"prometheus",
"services",
"serviceAccount"
]
}

View File

@ -1,3 +1,6 @@
# Default values for qu-seed.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
## @section Global
## @param nameOverride Individual release name suffix.
@ -35,7 +38,7 @@ config:
## @param config.exporterConfig.secret.annotations Additional annotations of the secret containing the `exporterConfig.yaml`.
## @param config.exporterConfig.secret.labels Additional labels of the secret containing the `exporterConfig.yaml`.
## @param config.exporterConfig.secret.exporterConfig Content of the `exporterConfig.yaml`. Further information can be found in the [README](https://github.com/prometheus-community/postgres_exporter?tab=readme-ov-file#multi-target-support-beta) file of the Postgres exporter binary.
## @param config.exporterConfig.secret.exporterConfig Content of the `exporterConfig.yaml`. Further information can be found [here](https://prometheus.io/docs/prometheus/latest/configuration/https/).
## @skip config.exporterConfig.secret.exporterConfig Skip individual postgres exporter configuration.
secret:
annotations: {}
@ -59,7 +62,7 @@ config:
## @param config.webConfig.secret.annotations Additional annotations of the secret containing the `webConfig.yaml`.
## @param config.webConfig.secret.labels Additional labels of the secret containing the `webConfig.yaml`.
## @param config.webConfig.secret.webConfig Content of the `webConfig.yaml`. Further [documentation](https://prometheus.io/docs/prometheus/latest/configuration/https/) is available on the official Prometheus website.
## @param config.webConfig.secret.webConfig Content of the `webConfig.yaml`. Further information can be found [here](https://prometheus.io/docs/prometheus/latest/configuration/https/).
## @skip config.webConfig.secret.webConfig Skip individual web configuration.
secret:
annotations: {}
@ -81,7 +84,7 @@ config:
## @section Deployment
deployment:
## @param deployment.annotations Additional deployment annotations.
## @param deployment.labels Additional deployment labels.
## @param deployment.labels Additional ingress labels.
annotations: {}
labels: {}
@ -93,22 +96,6 @@ deployment:
## @param deployment.affinity Affinity for the postgres-exporter deployment.
affinity: {}
# nodeAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# nodeSelectorTerms:
# - matchExpressions:
# - key: kubernetes.io/os
# operator: In
# values:
# - linux
# preferredDuringSchedulingIgnoredDuringExecution:
# - weight: 20
# preference:
# matchExpressions:
# - key: kubernetes.io/arch
# operator: In
# values:
# - amd64
## @param deployment.initContainers List of additional init containers.
initContainers: []
@ -214,8 +201,8 @@ deployment:
## @param deployment.priorityClassName PriorityClassName of the postgres-exporter deployment.
priorityClassName: ""
## @param deployment.replicas Number of replicas for the postgres-exporter deployment.
replicas: 1
## @param deployment.replicaCount Number of replicas for the postgres-exporter deployment.
replicaCount: 1
## @param deployment.restartPolicy Restart policy of the postgres-exporter deployment.
restartPolicy: ""
@ -224,11 +211,11 @@ deployment:
securityContext: {}
# fsGroup: 2000
## @param deployment.strategy.type Strategy type - `Recreate` or `RollingUpdate`.
## @param deployment.strategy.type Strategy type - `Recreate` or `Rollingupdate`.
## @param deployment.strategy.rollingUpdate.maxSurge The maximum number of pods that can be scheduled above the desired number of pods during a rolling update.
## @param deployment.strategy.rollingUpdate.maxUnavailable The maximum number of pods that can be unavailable during a rolling update.
strategy:
type: "RollingUpdate"
type: "Recreate"
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
@ -261,23 +248,12 @@ deployment:
# secretName: my-secret
## @section Grafana
## @param grafana.enabled Enable integration into Grafana. Require the Prometheus operator deployment.
## @param grafana.enabled Enable integration into Grafana.
## @param grafana.dashboards.businessMetrics Enable deployment of Grafana dashboard `businessMetrics`.
grafana:
enabled: false
## @param grafana.dashboardDiscoveryLabels Labels that Grafana uses to discover resources. The labels may vary depending on the Grafana deployment.
## @skip grafana.dashboardDiscoveryLabels Skip individual configuration.
dashboardDiscoveryLabels:
grafana_dashboard: "1"
dashboards:
## @param grafana.dashboards.postgresExporter.enabled Enable deployment of Grafana dashboard `postgresExporter`.
## @param grafana.dashboards.postgresExporter.annotations Additional configmap annotations.
## @param grafana.dashboards.postgresExporter.labels Additional configmap labels.
postgresExporter:
enabled: true
annotations: {}
labels: {}
businessMetrics: true
## @section Ingress
ingress:
@ -311,77 +287,9 @@ podDisruptionBudget: {}
# maxUnavailable: 1
# minAvailable: 1
## @section NetworkPolicies
## @param networkPolicies.enabled Enable network policies in general.
networkPolicies:
enabled: false
## @param networkPolicies.default.enabled Enable the network policy for accessing the application by default. For example to scape the metrics.
## @param networkPolicies.default.annotations Additional network policy annotations.
## @param networkPolicies.default.labels Additional network policy labels.
## @param networkPolicies.default.policyTypes List of policy types. Supported is ingress, egress or ingress and egress.
## @param networkPolicies.default.egress Concrete egress network policy implementation.
## @skip networkPolicies.default.egress Skip individual egress configuration.
## @param networkPolicies.default.ingress Concrete ingress network policy implementation.
## @skip networkPolicies.default.ingress Skip individual ingress configuration.
default:
enabled: false
annotations: {}
labels: {}
policyTypes: []
# - Egress
# - Ingress
egress: []
# Allow outgoing traffic to database host
#
# - to:
# - ipBlock:
# cidr: 192.168.179.1/32
# ports:
# - port: 5432
# protocol: TCP
# Allow outgoing DNS traffic to the internal running DNS-Server. For example core-dns.
#
# - to:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: kube-system
# podSelector:
# matchLabels:
# k8s-app: kube-dns
# ports:
# - port: 53
# protocol: TCP
# - port: 53
# protocol: UDP
ingress: []
# Allow incoming HTTP traffic from prometheus.
#
# - from:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: monitoring
# podSelector:
# matchLabels:
# app.kubernetes.io/name: prometheus
# ports:
# - port: http
# protocol: TCP
# Allow incoming HTTP traffic from ingress-nginx.
#
# - from:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: ingress-nginx
# podSelector:
# matchLabels:
# app.kubernetes.io/name: ingress-nginx
# ports:
# - port: http
# protocol: TCP
## @section Network
## @param networkPolicies Deploy network policies based on the used container network interface (CNI) implementation - like calico or weave.
networkPolicies: {}
## @section Prometheus
prometheus:
@ -396,7 +304,7 @@ prometheus:
## @param prometheus.metrics.podMonitor.honorLabels Honor labels.
## @param prometheus.metrics.podMonitor.labels Additional podMonitor labels.
## @param prometheus.metrics.podMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.
## @param prometheus.metrics.podMonitor.path HTTP path for scraping Prometheus metrics.
## @param prometheus.metrics.podMonitor.path HTTP path for scraping prometheus metrics.
## @param prometheus.metrics.podMonitor.relabelings RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields.
## @param prometheus.metrics.podMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.
## @param prometheus.metrics.podMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`.
@ -405,7 +313,7 @@ prometheus:
podMonitor:
enabled: false
annotations: {}
enableHttp2: true
enableHttp2: false
followRedirects: false
honorLabels: false
labels: {}
@ -423,7 +331,7 @@ prometheus:
## @param prometheus.metrics.serviceMonitor.followRedirects FollowRedirects configures whether scrape requests follow HTTP 3xx redirects.
## @param prometheus.metrics.serviceMonitor.honorLabels Honor labels.
## @param prometheus.metrics.serviceMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.
## @param prometheus.metrics.serviceMonitor.path HTTP path for scraping Prometheus metrics.
## @param prometheus.metrics.serviceMonitor.path HTTP path for scraping prometheus metrics.
## @param prometheus.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields.
## @param prometheus.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.
## @param prometheus.metrics.serviceMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`.
@ -433,7 +341,7 @@ prometheus:
enabled: false
annotations: {}
labels: {}
enableHttp2: true
enableHttp2: false
followRedirects: false
honorLabels: false
interval: "60s"
@ -443,8 +351,8 @@ prometheus:
scheme: "http"
tlsConfig: {}
## @param prometheus.rules Array of Prometheus rules for monitoring the application and triggering alerts.
## @skip prometheus.rules Skip individual Prometheus rules.
## @param prometheus.rules Array of prometheus rules for monitoring the application and triggering alerts.
## @skip prometheus.rules Skip individual prometheus rules.
rules: []
# - alert: ExporterErrors
# expr: pg_exporter_last_scrape_error == 1