kyma-project · jeffreylimnardy · Mar 11, 2026 · Mar 11, 2026 · Mar 12, 2026 · Mar 12, 2026
@@ -50,4 +50,9 @@ telemetry-manager-experimental.yaml
 # The default Telemetry CR which is installed by the lifecycle-manager
 telemetry-default-cr.yaml
 dependencies/sample-app/vendor
+dependencies/mock-backend/mock-backend
 .vscode
+
+# PR review loop (Claude skill) — local reviewer/implementer hand-off; never commit
+.pr-review-loop/
+review-loop.diff
@@ -6,6 +6,10 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co
 
 Telemetry Manager is a Kubernetes operator (built with Kubebuilder) that manages telemetry pipelines for logs, traces, and metrics in Kyma clusters. It deploys and configures OpenTelemetry Collectors and Fluent Bit agents based on user-defined pipeline CRDs.
 
+## Agent skills (Claude Code)
+
+Project skills live under **`.claude/skills/`** — e.g. **`.claude/skills/e2e/SKILL.md`** (local E2E runs) and **`.claude/skills/pr-review-loop/SKILL.md`** (merge-base/GitHub PR context, **`.pr-review-loop/*.md`** hand-off, implementer commits, loop until approved).
+
 ## Common Commands
 
 ### Build and Development
@@ -116,6 +120,36 @@ make update-golden-files  # Update golden files for config builder tests
 
 The `.env` file contains default image versions and configuration. Key environment variables for the manager are defined in `main.go` (envConfig struct).
 
+## PR Title Convention
+
+PR titles must follow the [Conventional Commits](https://www.conventionalcommits.org/) format, enforced by the `amannn/action-semantic-pull-request` GitHub Action.
+
+**Format:** `<type>: <subject>` or `<type>(<scope>): <subject>`
+
+**Allowed types:** `deps`, `chore`, `docs`, `feat`, `fix`, `test`
+
+**Rules:**
+- The subject (text after the colon) must **not** start with an uppercase character
+- Scopes are optional (`requireScope: false`)
+
+**Examples:**
+```
+feat: add retry logic to log pipeline reconciler
+fix: resolve race condition in metric exporter
+docs: update architecture diagrams
+chore: bump Go version to 1.23
+test: add e2e tests for trace pipeline validation
+deps: update controller-runtime to v0.19
+feat(metrics): support histogram aggregation
+```
+
+**Label mapping:** The PR title prefix automatically sets a `kind/` label:
+- `fix` → `kind/bug`
+- `feat` → `kind/feature`
+- `docs` → `kind/docs`
+- `chore` → `kind/chore`
+- `test` → `kind/test`
+
 ## Documentation Guidelines
 
 When adding, updating, or removing any documentation inside the `docs/` folder, you must always follow the guidelines in [docs/claude-docs.md](docs/CLAUDE.md).
@@ -24,6 +24,7 @@ const (
 	SelfMonitorImage                 = "{{ .ENV_SELFMONITOR_IMAGE }}"
 	SelfMonitorFIPSImage             = "{{ .ENV_SELFMONITOR_FIPS_IMAGE }}"
 	FaultBackendImage                = "{{ .ENV_FAULT_BACKEND_IMAGE }}"
+	AlpineImage                      = "{{ .ENV_ALPINE_IMAGE }}"
 )
 `,
 }

@@ -284,6 +284,14 @@ rules:
       - get
       - list
       - watch
+  - apiGroups:
+      - discovery.k8s.io
+    resources:
+      - endpointslices
+    verbs:
+      - get
+      - list
+      - watch
 
   ################################
   # Policy rules for trace-gateway

@@ -37,9 +37,9 @@ const (
 
 var (
 	storageVolumeSize = resource.MustParse("1000Mi")
-	cpuRequest        = resource.MustParse("10m")
-	memoryRequest     = resource.MustParse("50Mi")
-	memoryLimit       = resource.MustParse("180Mi")
+	cpuRequest        = resource.MustParse("50m")
+	memoryRequest     = resource.MustParse("100Mi")
+	memoryLimit       = resource.MustParse("300Mi")
 )
 
 type ApplierDeleter struct {
@@ -164,6 +164,11 @@ func (ad *ApplierDeleter) makeRole() *rbacv1.Role {
 				Resources: []string{"services", "endpoints", "pods"},
 				Verbs:     []string{"get", "list", "watch"},
 			},
+			{
+				APIGroups: []string{"discovery.k8s.io"},
+				Resources: []string{"endpointslices"},
+				Verbs:     []string{"get", "list", "watch"},
+			},
 		},
 	}
 

@@ -90,7 +90,7 @@ spec:
         - --log.format=json
         env:
         - name: GOMEMLIMIT
-          value: "150994880"
+          value: "251658240"
         livenessProbe:
           failureThreshold: 5
           httpGet:
@@ -113,10 +113,10 @@ spec:
           timeoutSeconds: 3
         resources:
           limits:
-            memory: 180Mi
+            memory: 300Mi
           requests:
-            cpu: 10m
-            memory: 50Mi
+            cpu: 50m
+            memory: 100Mi
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
@@ -262,6 +262,14 @@ rules:
   - get
   - list
   - watch
+- apiGroups:
+  - discovery.k8s.io
+  resources:
+  - endpointslices
+  verbs:
+  - get
+  - list
+  - watch
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding

@@ -58,7 +58,8 @@ type KubernetesDiscoveryConfig struct {
 type Role string
 
 const (
-	RoleEndpoints Role = "endpoints"
+	RoleEndpoints     Role = "endpoints"
+	RoleEndpointSlice Role = "endpointslice"
 )
 
 type RelabelConfig struct {

@@ -61,7 +61,7 @@ func makeScrapeConfig(scrapeNamespace string) []ScrapeConfig {
 					Regex:        "true",
 				},
 				{
-					SourceLabels: []string{"__meta_kubernetes_endpoints_label_telemetry_kyma_project_io_self_monitor"},
+					SourceLabels: []string{"__meta_kubernetes_service_label_telemetry_kyma_project_io_self_monitor"},
 					Action:       Keep,
 					Regex:        "enabled",
 				},
@@ -89,7 +89,7 @@ func makeScrapeConfig(scrapeNamespace string) []ScrapeConfig {
 					TargetLabel:  "service",
 				},
 				{
-					SourceLabels: []string{"__meta_kubernetes_pod_node_name"},
+					SourceLabels: []string{"__meta_kubernetes_endpointslice_endpoint_node_name"},
 					Action:       Replace,
 					TargetLabel:  "node",
 				},
@@ -118,7 +118,7 @@ func makeScrapeConfig(scrapeNamespace string) []ScrapeConfig {
 				},
 			},
 			KubernetesDiscoveryConfigs: []KubernetesDiscoveryConfig{{
-				Role:       RoleEndpoints,
+				Role:       RoleEndpointSlice,
 				Namespaces: Names{Name: []string{scrapeNamespace}},
 			}},
 		},

@@ -20,7 +20,7 @@ scrape_configs:
         - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]
           regex: "true"
           action: keep
-        - source_labels: [__meta_kubernetes_endpoints_label_telemetry_kyma_project_io_self_monitor]
+        - source_labels: [__meta_kubernetes_service_label_telemetry_kyma_project_io_self_monitor]
           regex: enabled
           action: keep
         - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path]
@@ -38,7 +38,7 @@ scrape_configs:
         - source_labels: [__meta_kubernetes_service_name]
           target_label: service
           action: replace
-        - source_labels: [__meta_kubernetes_pod_node_name]
+        - source_labels: [__meta_kubernetes_endpointslice_endpoint_node_name]
           target_label: node
           action: replace
       metric_relabel_configs:
@@ -54,7 +54,7 @@ scrape_configs:
           target_label: pipeline_name
           action: replace
       kubernetes_sd_configs:
-        - role: endpoints
+        - role: endpointslice
           namespaces:
             names:
                 - kyma-system