volker.raschek/prometheus-postgres-exporter
1
1
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: volker.raschek:master
Branches Tags
volker.raschek:master
volker.raschek:renovate/library-node-23.x
volker.raschek:0.4.2
volker.raschek:0.4.1
volker.raschek:0.4.0
volker.raschek:0.3.2
volker.raschek:0.3.1
volker.raschek:0.3.0
volker.raschek:0.2.6
volker.raschek:0.2.5
volker.raschek:0.2.4
volker.raschek:0.2.3
volker.raschek:0.2.2
volker.raschek:0.2.1
volker.raschek:0.2.0
volker.raschek:0.1.11
volker.raschek:0.1.10
volker.raschek:0.1.9
volker.raschek:0.1.8
volker.raschek:0.1.7
volker.raschek:0.1.6
volker.raschek:0.1.5
volker.raschek:0.1.4
volker.raschek:0.1.3
volker.raschek:0.1.2
volker.raschek:0.1.1
volker.raschek:0.1.0
..
compare: volker.raschek:0.2.3
Branches Tags
volker.raschek:renovate/library-node-23.x
volker.raschek:master
volker.raschek:0.4.2
volker.raschek:0.4.1
volker.raschek:0.4.0
volker.raschek:0.3.2
volker.raschek:0.3.1
volker.raschek:0.3.0
volker.raschek:0.2.6
volker.raschek:0.2.5
volker.raschek:0.2.4
volker.raschek:0.2.3
volker.raschek:0.2.2
volker.raschek:0.2.1
volker.raschek:0.2.0
volker.raschek:0.1.11
volker.raschek:0.1.10
volker.raschek:0.1.9
volker.raschek:0.1.8
volker.raschek:0.1.7
volker.raschek:0.1.6
volker.raschek:0.1.5
volker.raschek:0.1.4
volker.raschek:0.1.3
volker.raschek:0.1.2
volker.raschek:0.1.1
volker.raschek:0.1.0

No commits in common. "master" and "0.2.3" have entirely different histories.
master ... 0.2.3

18 changed files with 499 additions and 1593 deletions
Show Stats Expand all files Collapse all files

200
.drone.yml Normal file
View File

@ -0,0 +1,200 @@
---
kind: pipeline
type: kubernetes
name: Linters
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: helm lint
commands:
- helm lint
image: git.cryptic.systems/volker.raschek/helm:3.16.3
resources:
limits:
cpu: 150
memory: 150M
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: kubernetes
name: Unit tests
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: helm unittest
commands:
- helm unittest --strict --file 'unittests/**/*.yaml' ./
image: git.cryptic.systems/volker.raschek/helm:3.16.3
resources:
limits:
cpu: 150
memory: 150M
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: kubernetes
name: Generate, compare and lint README.md
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: execute NPM modules
commands:
- npm install
- npm run readme:link
- npm run readme:lint
- npm run readme:parameters
image: docker.io/library/node:23.3.0-alpine
resources:
limits:
cpu: 150
memory: 150M
- name: detect diff
commands:
- git diff --exit-code --name-only README.md
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: kubernetes
name: Release
clone:
disable: true
platform:
os: linux
steps:
- name: clone repository
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: release-helm-chart
commands:
- helm repo add prometheus-exporters https://charts.cryptic.systems/prometheus-exporters
- helm package --version ${DRONE_TAG} .
- helm cm-push ${DRONE_REPO_NAME}-${DRONE_TAG}.tgz prometheus-exporters
environment:
HELM_REPO_PASSWORD:
from_secret: helm_repo_password
HELM_REPO_USERNAME:
from_secret: helm_repo_username
image: git.cryptic.systems/volker.raschek/helm:3.16.3
resources:
limits:
cpu: 150
memory: 150M
trigger:
event:
- tag
repo:
- volker.raschek/prometheus-postgres-exporter

32
.gitea/workflows/generate-readme.yaml
View File

@ -1,32 +0,0 @@
name: Generate README
on:
pull_request:
paths: [ "README.md", "values.yaml" ]
types: [ "opened", "reopened", "synchronize" ]
push:
branches:
- '**'
paths: [ "README.md", "values.yaml" ]
tags-ignore:
- '**'
workflow_dispatch: {}
jobs:
generate-parameters:
container:
image: docker.io/library/node:23.11.0-alpine
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Generate parameter section in README
run: |
npm install
npm run readme:parameters
- name: Compare diff
run: git diff --exit-code --name-only README.md

42
.gitea/workflows/helm.yaml
View File

@ -1,42 +0,0 @@
name: Helm
on:
pull_request:
types: [ "opened", "reopened", "synchronize" ]
push:
branches:
- '**'
tags-ignore:
- '**'
workflow_dispatch: {}
jobs:
helm-lint:
container:
image: docker.io/volkerraschek/helm:3.17.1
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Lint helm files
run: |
helm lint --values values.yaml .
helm-unittest:
container:
image: docker.io/volkerraschek/helm:3.17.1
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Unittest
run: |
helm unittest --strict --file 'unittests/**/*.yaml' ./

46
.gitea/workflows/markdown-linters.yaml
View File

@ -1,46 +0,0 @@
name: Markdown linter
on:
pull_request:
paths: [ "**/*.md" ]
types: [ "opened", "reopened", "synchronize" ]
push:
branches:
- '**'
paths: [ "**/*.md" ]
tags-ignore:
- '**'
workflow_dispatch: {}
jobs:
markdown-link-checker:
container:
image: docker.io/library/node:23.11.0-alpine
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4.2.2
- name: Verify links in markdown files
run: |
npm install
npm run readme:link
markdown-lint:
container:
image: docker.io/library/node:23.11.0-alpine
runs-on:
- ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git
- uses: actions/checkout@v4.2.2
- name: Lint markdown files
run: |
npm install
npm run readme:lint

46
.gitea/workflows/release.yaml
View File

@ -1,46 +0,0 @@
name: Release
on:
push:
tags:
- "**"
jobs:
publish-chart:
container:
image: docker.io/volkerraschek/helm:3.17.1
runs-on: ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git npm
- uses: actions/checkout@v4
- name: Package chart
env:
HELM_REPO_NAME: upload
CHARTMUSEUM_PASSWORD: ${{ secrets.CHARTMUSEUM_PASSWORD }}
CHARTMUSEUM_REPOSITORY: ${{ vars.CHARTMUSEUM_REPOSITORY }}
CHARTMUSEUM_USERNAME: ${{ secrets.CHARTMUSEUM_USERNAME }}
CHARTMUSEUM_HOSTNAME: ${{ vars.CHARTMUSEUM_HOSTNAME }}
GITEA_PACKAGE_REGISTRY_TOKEN: ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }}
GITEA_SERVER_URL: ${{ github.server_url }}
run: |
PACKAGE_VERSION=${GITHUB_REF#refs/tags/}
REPOSITORY_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 2)
REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d '/' -f 1)
helm dependency build
helm package --version "${PACKAGE_VERSION}" ./
# chart-museum
helm repo add --username ${CHARTMUSEUM_USERNAME} --password ${CHARTMUSEUM_PASSWORD} chartmuseum https://${CHARTMUSEUM_HOSTNAME}/${CHARTMUSEUM_REPOSITORY}
helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz chartmuseum
helm repo remove chartmuseum
# gitea
helm repo add --username ${REPOSITORY_OWNER} --password ${GITEA_PACKAGE_REGISTRY_TOKEN} gitea ${GITEA_SERVER_URL}/api/packages/${REPOSITORY_OWNER}/helm
helm cm-push ${REPOSITORY_NAME}-${PACKAGE_VERSION}.tgz gitea
helm repo remove gitea

2
Chart.yaml
View File

@ -4,7 +4,7 @@ description: Prometheus metric exporter for PostgreSQL
type: application type: application
kubeVersion: ">=1.20.0" kubeVersion: ">=1.20.0"
version: "0.1.0" version: "0.1.0"
appVersion: "0.17.1" appVersion: "0.16.0"
# icon: https://annotations.example.com/icon.png # icon: https://annotations.example.com/icon.png

24
Makefile
View File

@ -3,14 +3,20 @@ CONTAINER_RUNTIME?=$(shell which podman)
# HELM_IMAGE # HELM_IMAGE
HELM_IMAGE_REGISTRY_HOST?=docker.io HELM_IMAGE_REGISTRY_HOST?=docker.io
HELM_IMAGE_REPOSITORY?=volkerraschek/helm HELM_IMAGE_REPOSITORY=volkerraschek/helm
HELM_IMAGE_VERSION?=3.17.1 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm HELM_IMAGE_VERSION?=3.16.1 # renovate: datasource=docker registryUrl=https://docker.io depName=volkerraschek/helm
HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION} HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION}
# MARKDOWNLINKCHECKER_IMAGE
MARKDOWNLINKCHECK_IMAGE_REGISTRY_HOST?=ghcr.io
MARKDOWNLINKCHECK_IMAGE_REPOSITORY=tcort/markdown-link-check
MARKDOWNLINKCHECK_IMAGE_VERSION?=3.12.2 # renovate: datasource=docker registryUrl=https://ghcr.io depName=tcort/markdown-link-check
MARKDOWNLINKCHECK_IMAGE_FULLY_QUALIFIED=${MARKDOWNLINKCHECK_IMAGE_REGISTRY_HOST}/${MARKDOWNLINKCHECK_IMAGE_REPOSITORY}:${MARKDOWNLINKCHECK_IMAGE_VERSION}
# NODE_IMAGE # NODE_IMAGE
NODE_IMAGE_REGISTRY_HOST?=docker.io NODE_IMAGE_REGISTRY_HOST?=docker.io
NODE_IMAGE_REPOSITORY?=library/node NODE_IMAGE_REPOSITORY=library/node
NODE_IMAGE_VERSION?=22.14.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=library/node NODE_IMAGE_VERSION?=22.9.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=library/node
NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION} NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION}
# MISSING DOT # MISSING DOT
@ -84,6 +90,16 @@ container-run/helm-lint:
${HELM_IMAGE_FULLY_QUALIFIED} \ ${HELM_IMAGE_FULLY_QUALIFIED} \
lint --values values.yaml . lint --values values.yaml .
# CONTAINER RUN - MARKDOWN-LINK-CHECK
# ==============================================================================
PHONY+=container-run/markdown-link-check
container-run/markdown-link-check:
${CONTAINER_RUNTIME} run \
--rm \
--volume $(shell pwd):/work \
${MARKDOWNLINKCHECK_IMAGE_FULLY_QUALIFIED} \
*.md
# PHONY # PHONY
# ============================================================================== # ==============================================================================
# Declare the contents of the PHONY variable as phony. We keep that information # Declare the contents of the PHONY variable as phony. We keep that information

118
README.md
View File

@ -20,7 +20,7 @@ helm chart is tested for deployment scenarios with **ArgoCD**.
## Helm: configuration and installation ## Helm: configuration and installation
1. A helm chart repository must be configured, to pull the helm charts from. 1. A helm chart repository must be configured, to pull the helm charts from.
2. All available parameters are [here](#parameters) in detail documented. The parameters can be defined via the helm 2. All available parameters are [here](#parameters) in detail document. The parameters can be defined via the helm
`--set` flag or directly as part of a `values.yaml` file. The following example defines the `prometheus-exporter` `--set` flag or directly as part of a `values.yaml` file. The following example defines the `prometheus-exporter`
repository and use the `--set` flag for a basic deployment. repository and use the `--set` flag for a basic deployment.
@ -46,7 +46,7 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi
versions can break something! versions can break something!
```bash ```bash
CHART_VERSION=0.4.2 CHART_VERSION=0.1.0
helm show values prometheus-exporters/prometheus-postgres-exporter --version "${CHART_VERSION}" > values.yaml helm show values prometheus-exporters/prometheus-postgres-exporter --version "${CHART_VERSION}" > values.yaml
``` ```
@ -63,37 +63,6 @@ for customizations. These can be configured in more detail via `values.yaml`.
The following examples serve as individual configurations and as inspiration for how deployment problems can be solved. The following examples serve as individual configurations and as inspiration for how deployment problems can be solved.
#### Avoid CPU throttling by defining a CPU limit
If the application is deployed with a CPU resource limit, Prometheus may throw a CPU throttling warning for the
application. This has more or less to do with the fact that the application finds the number of CPUs of the host, but
cannot use the available CPU time to perform computing operations.
The application must be informed that despite several CPUs only a part (limit) of the available computing time is
available. As this is a Golang application, this can be implemented using `GOMAXPROCS`. The following example is one way
of defining `GOMAXPROCS` automatically based on the defined CPU limit like `1000m`. Please keep in mind, that the CFS
rate of `100ms` - default on each kubernetes node, is also very important to avoid CPU throttling.
Further information about this topic can be found [here](https://kanishk.io/posts/cpu-throttling-in-containerized-go-apps/).
> [!NOTE]
> The environment variable `GOMAXPROCS` is set automatically, when a CPU limit is defined. An explicit configuration is
> not anymore required.
>
> Please take care the a CPU limit < `1000m` can also lead to CPU throttling. Please read the linked documentation carefully.
```bash
helm install prometheus-postgres-exporter prometheus-exporters/prometheus-postgres-exporter \
--set 'config.database.secret.databaseUsername=postgres' \
--set 'config.database.secret.databasePassword=postgres' \
--set 'config.database.secret.databaseConnectionUrl="postgres.example.local:5432/postgres?ssl=disable"' \
--set 'prometheus.metrics.enabled=true' \
--set 'prometheus.metrics.serviceMonitor.enabled=true' \
--set 'deployment.postgresExporter.env.name=GOMAXPROCS' \
--set 'deployment.postgresExporter.env.valueFrom.resourceFieldRef.resource=limits.cpu' \
--set 'deployment.postgresExporter.resources.limits.cpu=1000m'
```
#### TLS authentication and encryption #### TLS authentication and encryption
The first example shows how to deploy the metric exporter with TLS encryption. The verification of the custom TLS The first example shows how to deploy the metric exporter with TLS encryption. The verification of the custom TLS
@ -189,75 +158,6 @@ deployment:
- postgres - postgres
``` ```
### Network policies
Network policies can only take effect, when the used CNI plugin support network policies. The chart supports no custom
network policy implementation of CNI plugins. It's support only the official API resource of `networking.k8s.io/v1`.
The object networkPolicies can contains multiple networkPolicy definitions. There is currently only one example
predefined - it's named `default`. Further networkPolicy rules can easy be added by defining additional objects. For example:
> [!NOTE]
> The structure of each custom network policy must be equal like that of default. For this reason don't forget to define
> `annotations`, `labels` and the other properties as well.
```yaml
networkPolicies:
enabled: false
default: {}
my-custom-network-policy: {}
```
The example below is an excerpt of the `values.yaml` file. The network policy `default` contains ingress rules to allow
incoming traffic from Prometheus. Additionally two egress rules are defined, to allow the application outgoing access to
the internal running DNS server `core-dns` and the external running postgres database listen on `10.14.243.12`.
> [!IMPORTANT]
> Please keep in mind, that the namespace and pod selector labels can be different from environment to environment. For
> this reason, there is are not default network policy rules defined.
```yaml
networkPolicies:
enabled: true
default:
enabled: true
annotations: {}
labels: {}
policyTypes:
- Egress
- Ingress
egress:
- to:
- ipBlock:
cidr: 10.14.243.12/32
ports:
- port: 5432
protocol: TCP
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
podSelector:
matchLabels:
k8s-app: kube-dns
ports:
- port: 53
protocol: TCP
- port: 53
protocol: UDP
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: monitoring
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus
ports:
- port: http
protocol: TCP
```
## Parameters ## Parameters
### Global ### Global
@ -319,7 +219,7 @@ networkPolicies:
| `deployment.replicas` | Number of replicas for the postgres-exporter deployment. | `1` | | `deployment.replicas` | Number of replicas for the postgres-exporter deployment. | `1` |
| `deployment.restartPolicy` | Restart policy of the postgres-exporter deployment. | `""` | | `deployment.restartPolicy` | Restart policy of the postgres-exporter deployment. | `""` |
| `deployment.securityContext` | Security context of the postgres-exporter deployment. | `{}` | | `deployment.securityContext` | Security context of the postgres-exporter deployment. | `{}` |
| `deployment.strategy.type` | Strategy type - `Recreate` or `RollingUpdate`. | `RollingUpdate` | | `deployment.strategy.type` | Strategy type - `Recreate` or `Rollingupdate`. | `Recreate` |
| `deployment.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | `1` | | `deployment.strategy.rollingUpdate.maxSurge` | The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | `1` |
| `deployment.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during a rolling update. | `1` | | `deployment.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during a rolling update. | `1` |
| `deployment.terminationGracePeriodSeconds` | How long to wait until forcefully kill the pod. | `60` | | `deployment.terminationGracePeriodSeconds` | How long to wait until forcefully kill the pod. | `60` |
@ -354,17 +254,11 @@ networkPolicies:
| --------------------- | ---------------------- | ----- | | --------------------- | ---------------------- | ----- |
| `podDisruptionBudget` | Pod disruption budget. | `{}` | | `podDisruptionBudget` | Pod disruption budget. | `{}` |
### NetworkPolicies ### Network
| Name | Description | Value | | Name | Description | Value |
| ------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------- | | ----------------- | ------------------------------------------------------------------------------------------------------------------ | ----- |
| `networkPolicies.enabled` | Enable network policies in general. | `false` | | `networkPolicies` | Deploy network policies based on the used container network interface (CNI) implementation - like calico or weave. | `{}` |
| `networkPolicies.default.enabled` | Enable the network policy for accessing the application by default. For example to scape the metrics. | `false` |
| `networkPolicies.default.annotations` | Additional network policy annotations. | `{}` |
| `networkPolicies.default.labels` | Additional network policy labels. | `{}` |
| `networkPolicies.default.policyTypes` | List of policy types. Supported is ingress, egress or ingress and egress. | `[]` |
| `networkPolicies.default.egress` | Concrete egress network policy implementation. | `[]` |
| `networkPolicies.default.ingress` | Concrete ingress network policy implementation. | `[]` |
### Prometheus ### Prometheus

1212
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

2
package.json
View File

@ -16,6 +16,6 @@
"devDependencies": { "devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.5.0", "@bitnami/readme-generator-for-helm": "^2.5.0",
"markdown-link-check": "^3.13.6", "markdown-link-check": "^3.13.6",
"markdownlint-cli": "^0.44.0" "markdownlint-cli": "^0.43.0"
} }
} }

60
renovate.json
View File

@ -1,14 +1,9 @@
{ {
"$schema": "https://docs.renovatebot.com/renovate-schema.json", "$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [ "assignees": [ "volker.raschek" ],
"local>volker.raschek/renovate-config:default#master",
"local>volker.raschek/renovate-config:container#master",
"local>volker.raschek/renovate-config:actions#master",
"local>volker.raschek/renovate-config:npm#master",
"local>volker.raschek/renovate-config:regexp#master"
],
"customManagers": [ "customManagers": [
{ {
"description": "Update container image reference",
"fileMatch": [ "fileMatch": [
"^Chart\\.yaml$" "^Chart\\.yaml$"
], ],
@ -21,48 +16,35 @@
"versioningTemplate": "semver" "versioningTemplate": "semver"
}, },
{ {
"fileMatch": ["^README\\.md$"], "description": "Detect helm chart version in README",
"matchStrings": [ "fileMatch": [
"VERSION=(?<currentValue>.*)" "^README\\.md$"
],
"matchStrings": [
"^CHART_VERSION=(?<currentValue>.*)$"
], ],
"depNameTemplate": "volker.raschek/prometheus-postgres-exporter",
"packageNameTemplate": "https://git.cryptic.systems/volker.raschek/prometheus-postgres-exporter",
"datasourceTemplate": "git-tags", "datasourceTemplate": "git-tags",
"depNameTemplate": "volker.raschek/prometheus-postgres-exporter",
"packageNameTemplate": "git.cryptic.systems/volker.raschek/prometheus-postgres-exporter",
"versioningTemplate": "semver" "versioningTemplate": "semver"
} }
], ],
"labels": [ "renovate" ],
"packageRules": [ "packageRules": [
{ {
"addLabels": [ "addLabels": [ "renovate/automerge", "renovate/droneci" ],
"renovate/automerge",
"renovate/container"
],
"automerge": true, "automerge": true,
"excludePackagePatterns": [ "matchManagers": "droneci",
"prometheuscommunity/postgres-exporter" "matchUpdateTypes": [ "minor", "patch"]
],
"matchDatasources": [
"docker"
],
"matchUpdateTypes": [
"minor",
"patch"
]
}, },
{ {
"addLabels": [ "addLabels": [ "renovate/automerge", "renovate/npm" ],
"renovate/automerge",
"renovate/documentation"
],
"automerge": true, "automerge": true,
"matchDepNames": [ "matchPackageNames": [ "markdownlint-cli", "@bitnami/readme-generator-for-helm" ],
"volker.raschek/prometheus-postgres-exporter" "matchManagers": [ "npm" ],
"matchUpdateTypes": [ "minor", "patch"]
}
], ],
"matchUpdateTypes": [ "rebaseLabel": "renovate/rebase",
"major", "rebaseWhen": "behind-base-branch"
"minor",
"patch"
]
}
]
} }

11
templates/prometheus-postgres-exporter/_deployment.tpl
View File

@ -9,17 +9,6 @@
{{- end }} {{- end }}
{{- end }} {{- end }}
{{/* env */}}
{{- define "prometheus-postgres-exporter.deployment.env" -}}
{{- $env := dict "env" (.Values.deployment.postgresExporter.env | default (list) ) }}
{{- if and (hasKey .Values.deployment.postgresExporter.resources "limits") (hasKey .Values.deployment.postgresExporter.resources.limits "cpu") }}
{{- $env = merge $env (dict "env" (list (dict "name" "GOMAXPROCS" "valueFrom" (dict "resourceFieldRef" (dict "divisor" "1" "resource" "limits.cpu"))))) }}
{{- end }}
{{ toYaml $env }}
{{- end -}}
{{/* envFrom */}} {{/* envFrom */}}
{{- define "prometheus-postgres-exporter.deployment.envFrom" -}} {{- define "prometheus-postgres-exporter.deployment.envFrom" -}}

19
templates/prometheus-postgres-exporter/_networkPolicies.tpl
View File

@ -1,19 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-postgres-exporter.networkPolicies.annotations" -}}
{{ include "prometheus-postgres-exporter.annotations" .context }}
{{- if .networkPolicy.annotations }}
{{ toYaml .networkPolicy.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-postgres-exporter.networkPolicies.labels" -}}
{{ include "prometheus-postgres-exporter.labels" .context }}
{{- if .networkPolicy.labels }}
{{ toYaml .networkPolicy.labels }}
{{- end }}
{{- end }}

9
templates/prometheus-postgres-exporter/deployment.yaml
View File

@ -34,10 +34,9 @@ spec:
{{- range .Values.deployment.postgresExporter.args }} {{- range .Values.deployment.postgresExporter.args }}
- {{ . | quote }} - {{ . | quote }}
{{- end }} {{- end }}
{{- $env := (include "prometheus-postgres-exporter.deployment.env" . | fromYaml) }} {{- with .Values.deployment.postgresExporter.env }}
{{- if and (hasKey $env "env") (gt (len $env.env) 0) }}
env: env:
{{- toYaml $env.env | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
{{- $envFrom := (include "prometheus-postgres-exporter.deployment.envFrom" . | fromYaml) }} {{- $envFrom := (include "prometheus-postgres-exporter.deployment.envFrom" . | fromYaml) }}
{{- if hasKey $envFrom "envFrom" }} {{- if hasKey $envFrom "envFrom" }}
@ -126,7 +125,3 @@ spec:
volumes: volumes:
{{- toYaml $volumes.volumes | nindent 6 }} {{- toYaml $volumes.volumes | nindent 6 }}
{{- end }} {{- end }}
{{- with .Values.deployment.strategy }}
strategy:
{{- toYaml . | nindent 4 }}
{{- end }}

36
templates/prometheus-postgres-exporter/networkPolicies.yaml
View File

@ -1,36 +0,0 @@
{{- if .Values.networkPolicies.enabled }}
{{- range $key, $value := .Values.networkPolicies -}}
{{- if and (not (eq $key "enabled")) $value.enabled }}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
{{- with (include "prometheus-postgres-exporter.networkPolicies.annotations" (dict "networkPolicy" $value "context" $) | fromYaml) }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with (include "prometheus-postgres-exporter.networkPolicies.labels" (dict "networkPolicy" $value "context" $) | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ printf "%s-%s" (include "prometheus-postgres-exporter.fullname" $ ) $key }}
namespace: {{ $.Release.Namespace }}
spec:
podSelector:
matchLabels:
{{- include "prometheus-postgres-exporter.pod.selectorLabels" $ | nindent 6 }}
{{- with $value.policyTypes }}
policyTypes:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with $value.egress }}
egress:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with $value.ingress }}
ingress:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

15
unittests/deployment/deployment.yaml
View File

@ -95,13 +95,6 @@ tests:
path: spec.template.spec.tolerations path: spec.template.spec.tolerations
- notExists: - notExists:
path: spec.template.spec.topologySpreadConstraints path: spec.template.spec.topologySpreadConstraints
- equal:
path: spec.strategy
value:
type: "RollingUpdate"
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
- it: Test custom replicas - it: Test custom replicas
set: set:
@ -234,14 +227,6 @@ tests:
cpu: 25m cpu: 25m
memory: 100MB memory: 100MB
asserts: asserts:
- equal:
path: spec.template.spec.containers[0].env
value:
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: "1"
resource: limits.cpu
- equal: - equal:
path: spec.template.spec.containers[0].resources path: spec.template.spec.containers[0].resources
value: value:

118
unittests/networkPolicies/default.yaml
View File

@ -1,118 +0,0 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: NetworkPolicies template (basic)
release:
name: prometheus-postgres-exporter-unittest
namespace: testing
templates:
- templates/prometheus-postgres-exporter/networkPolicies.yaml
tests:
- it: Skip networkPolicies in general disabled.
set:
networkPolicies.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Skip networkPolicy 'default' when disabled.
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Loop over networkPolicies
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: false
networkPolicies.nginx.enabled: true
networkPolicies.prometheus.enabled: true
asserts:
- hasDocuments:
count: 2
- it: Template networkPolicy 'default' without policyTypes, egress and ingress configuration
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
name: prometheus-postgres-exporter-unittest-default
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: prometheus-postgres-exporter
app.kubernetes.io/version: 0.1.0
helm.sh/chart: prometheus-postgres-exporter-0.1.0
- equal:
path: spec.podSelector.matchLabels
value:
app.kubernetes.io/instance: prometheus-postgres-exporter-unittest
app.kubernetes.io/name: prometheus-postgres-exporter
- notExists:
path: spec.policyTypes
- notExists:
path: spec.egress
- notExists:
path: spec.ingress
- it: Template networkPolicy 'default' with policyTypes, egress and ingress configuration
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: true
networkPolicies.default.policyTypes:
- Egress
- Ingress
networkPolicies.default.ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: khv-production
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus
networkPolicies.default.egress:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: database
podSelector:
matchLabels:
app.kubernetes.io/name: oracle
asserts:
- equal:
path: spec.policyTypes
value:
- Egress
- Ingress
- equal:
path: spec.egress
value:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: database
podSelector:
matchLabels:
app.kubernetes.io/name: oracle
- equal:
path: spec.ingress
value:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: khv-production
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus

96
values.yaml
View File

@ -93,22 +93,6 @@ deployment:
## @param deployment.affinity Affinity for the postgres-exporter deployment. ## @param deployment.affinity Affinity for the postgres-exporter deployment.
affinity: {} affinity: {}
# nodeAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# nodeSelectorTerms:
# - matchExpressions:
# - key: kubernetes.io/os
# operator: In
# values:
# - linux
# preferredDuringSchedulingIgnoredDuringExecution:
# - weight: 20
# preference:
# matchExpressions:
# - key: kubernetes.io/arch
# operator: In
# values:
# - amd64
## @param deployment.initContainers List of additional init containers. ## @param deployment.initContainers List of additional init containers.
initContainers: [] initContainers: []
@ -224,11 +208,11 @@ deployment:
securityContext: {} securityContext: {}
# fsGroup: 2000 # fsGroup: 2000
## @param deployment.strategy.type Strategy type - `Recreate` or `RollingUpdate`. ## @param deployment.strategy.type Strategy type - `Recreate` or `Rollingupdate`.
## @param deployment.strategy.rollingUpdate.maxSurge The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. ## @param deployment.strategy.rollingUpdate.maxSurge The maximum number of pods that can be scheduled above the desired number of pods during a rolling update.
## @param deployment.strategy.rollingUpdate.maxUnavailable The maximum number of pods that can be unavailable during a rolling update. ## @param deployment.strategy.rollingUpdate.maxUnavailable The maximum number of pods that can be unavailable during a rolling update.
strategy: strategy:
type: "RollingUpdate" type: "Recreate"
rollingUpdate: rollingUpdate:
maxSurge: 1 maxSurge: 1
maxUnavailable: 1 maxUnavailable: 1
@ -266,7 +250,7 @@ grafana:
enabled: false enabled: false
## @param grafana.dashboardDiscoveryLabels Labels that Grafana uses to discover resources. The labels may vary depending on the Grafana deployment. ## @param grafana.dashboardDiscoveryLabels Labels that Grafana uses to discover resources. The labels may vary depending on the Grafana deployment.
## @skip grafana.dashboardDiscoveryLabels Skip individual configuration. ## @skip grafana.dashboardDiscoveryLabels
dashboardDiscoveryLabels: dashboardDiscoveryLabels:
grafana_dashboard: "1" grafana_dashboard: "1"
@ -311,77 +295,9 @@ podDisruptionBudget: {}
# maxUnavailable: 1 # maxUnavailable: 1
# minAvailable: 1 # minAvailable: 1
## @section NetworkPolicies ## @section Network
## @param networkPolicies.enabled Enable network policies in general. ## @param networkPolicies Deploy network policies based on the used container network interface (CNI) implementation - like calico or weave.
networkPolicies: networkPolicies: {}
enabled: false
## @param networkPolicies.default.enabled Enable the network policy for accessing the application by default. For example to scape the metrics.
## @param networkPolicies.default.annotations Additional network policy annotations.
## @param networkPolicies.default.labels Additional network policy labels.
## @param networkPolicies.default.policyTypes List of policy types. Supported is ingress, egress or ingress and egress.
## @param networkPolicies.default.egress Concrete egress network policy implementation.
## @skip networkPolicies.default.egress Skip individual egress configuration.
## @param networkPolicies.default.ingress Concrete ingress network policy implementation.
## @skip networkPolicies.default.ingress Skip individual ingress configuration.
default:
enabled: false
annotations: {}
labels: {}
policyTypes: []
# - Egress
# - Ingress
egress: []
# Allow outgoing traffic to database host
#
# - to:
# - ipBlock:
# cidr: 192.168.179.1/32
# ports:
# - port: 5432
# protocol: TCP
# Allow outgoing DNS traffic to the internal running DNS-Server. For example core-dns.
#
# - to:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: kube-system
# podSelector:
# matchLabels:
# k8s-app: kube-dns
# ports:
# - port: 53
# protocol: TCP
# - port: 53
# protocol: UDP
ingress: []
# Allow incoming HTTP traffic from prometheus.
#
# - from:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: monitoring
# podSelector:
# matchLabels:
# app.kubernetes.io/name: prometheus
# ports:
# - port: http
# protocol: TCP
# Allow incoming HTTP traffic from ingress-nginx.
#
# - from:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: ingress-nginx
# podSelector:
# matchLabels:
# app.kubernetes.io/name: ingress-nginx
# ports:
# - port: http
# protocol: TCP
## @section Prometheus ## @section Prometheus
prometheus: prometheus: