diff --git a/go.mod b/go.mod index 19bd1ef09..d80681c2b 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/onsi/ginkgo/v2 v2.26.0 github.com/onsi/gomega v1.38.2 github.com/openshift/api v0.0.0-20250707164913-2cd5821c9080 - github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.85.0 + github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.86.0 github.com/prometheus/common v0.66.1 github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.11.1 @@ -26,7 +26,7 @@ require ( k8s.io/apimachinery v0.34.1 k8s.io/client-go v0.34.1 k8s.io/kube-aggregator v0.34.1 - k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 + k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 sigs.k8s.io/controller-runtime v0.22.3 sigs.k8s.io/yaml v1.6.0 ) @@ -90,7 +90,7 @@ require ( go.opentelemetry.io/proto/otlp v1.7.0 // indirect go.uber.org/automaxprocs v1.6.0 // indirect go.uber.org/multierr v1.11.0 // indirect - go.yaml.in/yaml/v2 v2.4.2 // indirect + go.yaml.in/yaml/v2 v2.4.3 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b // indirect golang.org/x/mod v0.27.0 // indirect @@ -115,7 +115,7 @@ require ( k8s.io/klog/v2 v2.130.1 // indirect k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.33.0 // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect sigs.k8s.io/randfill v1.0.0 // indirect sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect ) diff --git a/go.sum b/go.sum index 348004cdf..ed73bddae 100644 --- a/go.sum +++ b/go.sum @@ -138,8 +138,8 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prashantv/gostub v1.1.0 h1:BTyx3RfQjRHnUWaGF9oQos79AlQ5k8WNktv7VGvVH4g= github.com/prashantv/gostub v1.1.0/go.mod h1:A5zLQHz7ieHGG7is6LLXLz7I8+3LZzsrV0P1IAHhP5U= -github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.85.0 h1:oY+F5FZFmCjCyzkHWPjVQpzvnvEB/0FP+iyzDUUlqFc= -github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.85.0/go.mod h1:VB7wtBmDT6W2RJHzsvPZlBId+EnmeQA0d33fFTXvraM= +github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.86.0 h1:qHIsKfA2yDNx6Ch+B8sEMNy4sDq+uijCVZBscziNe+M= +github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.86.0/go.mod h1:nPk0OteXBkbT0CRCa2oZQL1jRLW6RJ2fuIijHypeJdk= github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h0RJWRi/o0o= github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg= github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= @@ -224,8 +224,8 @@ go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= +go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= @@ -316,14 +316,14 @@ k8s.io/kube-aggregator v0.34.1 h1:WNLV0dVNoFKmuyvdWLd92iDSyD/TSTjqwaPj0U9XAEU= k8s.io/kube-aggregator v0.34.1/go.mod h1:RU8j+5ERfp0h+gIvWtxRPfsa5nK7rboDm8RST8BJfYQ= k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.33.0 h1:qPrZsv1cwQiFeieFlRqT627fVZ+tyfou/+S5S0H5ua0= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.33.0/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= sigs.k8s.io/controller-runtime v0.22.3 h1:I7mfqz/a/WdmDCEnXmSPm8/b/yRTy6JsKKENTijTq8Y= sigs.k8s.io/controller-runtime v0.22.3/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg= +sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco= diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/resource.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/resource.go index 25736ce92..e467c2bfa 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/resource.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/resource.go @@ -22,9 +22,15 @@ const ( PrometheusesKind = "Prometheus" PrometheusName = "prometheuses" + PrometheusAgentsKind = "PrometheusAgent" + PrometheusAgentName = "prometheusagents" + AlertmanagersKind = "Alertmanager" AlertmanagerName = "alertmanagers" + AlertmanagerConfigsKind = "AlertmanagerConfig" + AlertmanagerConfigName = "alertmanagerconfigs" + ServiceMonitorsKind = "ServiceMonitor" ServiceMonitorName = "servicemonitors" @@ -39,22 +45,51 @@ const ( ScrapeConfigsKind = "ScrapeConfig" ScrapeConfigName = "scrapeconfigs" + + ThanosRulersKind = "ThanosRuler" + ThanosRulerName = "thanosrulers" ) var resourceToKindMap = map[string]string{ - PrometheusName: PrometheusesKind, - AlertmanagerName: AlertmanagersKind, - ServiceMonitorName: ServiceMonitorsKind, - PodMonitorName: PodMonitorsKind, - PrometheusRuleName: PrometheusRuleKind, - ProbeName: ProbesKind, - ScrapeConfigName: ScrapeConfigsKind, + PrometheusName: PrometheusesKind, + PrometheusAgentName: PrometheusAgentsKind, + AlertmanagerName: AlertmanagersKind, + AlertmanagerConfigName: AlertmanagerConfigsKind, + ServiceMonitorName: ServiceMonitorsKind, + PodMonitorName: PodMonitorsKind, + PrometheusRuleName: PrometheusRuleKind, + ProbeName: ProbesKind, + ScrapeConfigName: ScrapeConfigsKind, + ThanosRulerName: ThanosRulersKind, +} + +var kindToResource = map[string]string{ + PrometheusesKind: PrometheusName, + PrometheusAgentsKind: PrometheusAgentName, + AlertmanagersKind: AlertmanagerName, + AlertmanagerConfigsKind: AlertmanagerConfigName, + ServiceMonitorsKind: ServiceMonitorName, + PodMonitorsKind: PodMonitorName, + PrometheusRuleKind: PrometheusRuleName, + ProbesKind: ProbeName, + ScrapeConfigsKind: ScrapeConfigName, + ThanosRulersKind: ThanosRulerName, +} + +// KindToResource returns the resource name corresponding to the given kind. +func KindToResource(k string) string { + kind, found := kindToResource[k] + if !found { + panic(fmt.Sprintf("failed to map kind %q to a resource name", k)) + } + return kind } -func ResourceToKind(s string) string { - kind, found := resourceToKindMap[s] +// ResourceToKind returns the kind corresponding to the given resource name. +func ResourceToKind(r string) string { + kind, found := resourceToKindMap[r] if !found { - panic(fmt.Sprintf("failed to map resource %q to a kind", s)) + panic(fmt.Sprintf("failed to map resource %q to a kind", r)) } return kind } diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go index 1eb6b0227..29de79728 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go @@ -48,14 +48,20 @@ const ( // // The resource defines via label and namespace selectors which `AlertmanagerConfig` objects should be associated to the deployed Alertmanager instances. type Alertmanager struct { - metav1.TypeMeta `json:",inline"` + // TypeMeta defines the versioned schema of this representation of an object. + // +optional + metav1.TypeMeta `json:",inline"` + // metadata defines ObjectMeta as the metadata that all persisted resources. + // +optional metav1.ObjectMeta `json:"metadata,omitempty"` - // Specification of the desired behavior of the Alertmanager cluster. More info: + // spec defines the specification of the desired behavior of the Alertmanager cluster. More info: // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + // +required Spec AlertmanagerSpec `json:"spec"` - // Most recent observed status of the Alertmanager cluster. Read-only. + // status defines the most recent observed status of the Alertmanager cluster. Read-only. // More info: // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + // +optional Status AlertmanagerStatus `json:"status,omitempty"` } @@ -68,7 +74,7 @@ func (l *Alertmanager) DeepCopyObject() runtime.Object { // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +k8s:openapi-gen=true type AlertmanagerSpec struct { - // PodMetadata configures labels and annotations which are propagated to the Alertmanager pods. + // podMetadata defines labels and annotations which are propagated to the Alertmanager pods. // // The following items are reserved and cannot be overridden: // * "alertmanager" label, set to the name of the Alertmanager instance. @@ -77,45 +83,55 @@ type AlertmanagerSpec struct { // * "app.kubernetes.io/name" label, set to "alertmanager". // * "app.kubernetes.io/version" label, set to the Alertmanager version. // * "kubectl.kubernetes.io/default-container" annotation, set to "alertmanager". + // +optional PodMetadata *EmbeddedObjectMetadata `json:"podMetadata,omitempty"` - // Image if specified has precedence over baseImage, tag and sha + // image if specified has precedence over baseImage, tag and sha // combinations. Specifying the version is still necessary to ensure the // Prometheus Operator knows what version of Alertmanager is being // configured. + // +optional Image *string `json:"image,omitempty"` - // Image pull policy for the 'alertmanager', 'init-config-reloader' and 'config-reloader' containers. + // imagePullPolicy for the 'alertmanager', 'init-config-reloader' and 'config-reloader' containers. // See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. // +kubebuilder:validation:Enum="";Always;Never;IfNotPresent + // +optional ImagePullPolicy v1.PullPolicy `json:"imagePullPolicy,omitempty"` - // Version the cluster should be on. + // version the cluster should be on. + // +optional Version string `json:"version,omitempty"` - // Tag of Alertmanager container image to be deployed. Defaults to the value of `version`. + // tag of Alertmanager container image to be deployed. Defaults to the value of `version`. // Version is ignored if Tag is set. // Deprecated: use 'image' instead. The image tag can be specified as part of the image URL. + // +optional Tag string `json:"tag,omitempty"` - // SHA of Alertmanager container image to be deployed. Defaults to the value of `version`. + // sha of Alertmanager container image to be deployed. Defaults to the value of `version`. // Similar to a tag, but the SHA explicitly deploys an immutable container image. // Version and Tag are ignored if SHA is set. // Deprecated: use 'image' instead. The image digest can be specified as part of the image URL. + // +optional SHA string `json:"sha,omitempty"` - // Base image that is used to deploy pods, without tag. + // baseImage that is used to deploy pods, without tag. // Deprecated: use 'image' instead. + // +optional BaseImage string `json:"baseImage,omitempty"` - // An optional list of references to secrets in the same namespace + // imagePullSecrets An optional list of references to secrets in the same namespace // to use for pulling prometheus and alertmanager images from registries // see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + // +optional ImagePullSecrets []v1.LocalObjectReference `json:"imagePullSecrets,omitempty"` - // Secrets is a list of Secrets in the same namespace as the Alertmanager + // secrets is a list of Secrets in the same namespace as the Alertmanager // object, which shall be mounted into the Alertmanager Pods. // Each Secret is added to the StatefulSet definition as a volume named `secret-`. // The Secrets are mounted into `/etc/alertmanager/secrets/` in the 'alertmanager' container. + // +optional Secrets []string `json:"secrets,omitempty"` - // ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager + // configMaps defines a list of ConfigMaps in the same namespace as the Alertmanager // object, which shall be mounted into the Alertmanager Pods. // Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. // The ConfigMaps are mounted into `/etc/alertmanager/configmaps/` in the 'alertmanager' container. + // +optional ConfigMaps []string `json:"configMaps,omitempty"` - // ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + // configSecret defines the name of a Kubernetes Secret in the same namespace as the // Alertmanager object, which contains the configuration for this Alertmanager // instance. If empty, it defaults to `alertmanager-`. // @@ -127,91 +143,110 @@ type AlertmanagerSpec struct { // If either the secret or the `alertmanager.yaml` key is missing, the // operator provisions a minimal Alertmanager configuration with one empty // receiver (effectively dropping alert notifications). + // +optional ConfigSecret string `json:"configSecret,omitempty"` - // Log level for Alertmanager to be configured with. + // logLevel for Alertmanager to be configured with. // +kubebuilder:validation:Enum="";debug;info;warn;error + // +optional LogLevel string `json:"logLevel,omitempty"` - // Log format for Alertmanager to be configured with. + // logFormat for Alertmanager to be configured with. // +kubebuilder:validation:Enum="";logfmt;json + // +optional LogFormat string `json:"logFormat,omitempty"` - // Size is the expected size of the alertmanager cluster. The controller will + // replicas defines the expected size of the alertmanager cluster. The controller will // eventually make the size of the running cluster equal to the expected // size. + // +optional Replicas *int32 `json:"replicas,omitempty"` - // Time duration Alertmanager shall retain data for. Default is '120h', + // retention defines the time duration Alertmanager shall retain data for. Default is '120h', // and must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds seconds minutes hours). // +kubebuilder:default:="120h" + // +optional Retention GoDuration `json:"retention,omitempty"` - // Storage is the definition of how storage will be used by the Alertmanager + // storage defines the definition of how storage will be used by the Alertmanager // instances. + // +optional Storage *StorageSpec `json:"storage,omitempty"` - // Volumes allows configuration of additional volumes on the output StatefulSet definition. + // volumes allows configuration of additional volumes on the output StatefulSet definition. // Volumes specified will be appended to other volumes that are generated as a result of // StorageSpec objects. + // +optional Volumes []v1.Volume `json:"volumes,omitempty"` - // VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. + // volumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. // VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, // that are generated as a result of StorageSpec objects. + // +optional VolumeMounts []v1.VolumeMount `json:"volumeMounts,omitempty"` - // The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + // persistentVolumeClaimRetentionPolicy controls if and how PVCs are deleted during the lifecycle of a StatefulSet. // The default behavior is all PVCs are retained. // This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. // It requires enabling the StatefulSetAutoDeletePVC feature gate. // // +optional PersistentVolumeClaimRetentionPolicy *appsv1.StatefulSetPersistentVolumeClaimRetentionPolicy `json:"persistentVolumeClaimRetentionPolicy,omitempty"` - // The external URL the Alertmanager instances will be available under. This is + // externalUrl defines the URL used to access the Alertmanager web service. This is // necessary to generate correct URLs. This is necessary if Alertmanager is not // served from root of a DNS name. + // +optional ExternalURL string `json:"externalUrl,omitempty"` - // The route prefix Alertmanager registers HTTP handlers for. This is useful, + // routePrefix Alertmanager registers HTTP handlers for. This is useful, // if using ExternalURL and a proxy is rewriting HTTP routes of a request, // and the actual ExternalURL is still true, but the server serves requests // under a different route prefix. For example for use with `kubectl proxy`. + // +optional RoutePrefix string `json:"routePrefix,omitempty"` - // If set to true all actions on the underlying managed objects are not + // paused if set to true all actions on the underlying managed objects are not // going to be performed, except for delete actions. + // +optional Paused bool `json:"paused,omitempty"` - // Define which Nodes the Pods are scheduled on. + // nodeSelector defines which Nodes the Pods are scheduled on. + // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` - // Define resources requests and limits for single Pods. + // resources defines the resource requests and limits of the Pods. + // +optional Resources v1.ResourceRequirements `json:"resources,omitempty"` - // If specified, the pod's scheduling constraints. + // affinity defines the pod's scheduling constraints. + // +optional Affinity *v1.Affinity `json:"affinity,omitempty"` - // If specified, the pod's tolerations. + // tolerations defines the pod's tolerations. + // +optional Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // If specified, the pod's topology spread constraints. + // topologySpreadConstraints defines the Pod's topology spread constraints. + // +optional TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` - // SecurityContext holds pod-level security attributes and common container settings. + // securityContext holds pod-level security attributes and common container settings. // This defaults to the default PodSecurityContext. + // +optional SecurityContext *v1.PodSecurityContext `json:"securityContext,omitempty"` - // Defines the DNS policy for the pods. + // dnsPolicy defines the DNS policy for the pods. // // +optional DNSPolicy *DNSPolicy `json:"dnsPolicy,omitempty"` - // Defines the DNS configuration for the pods. + // dnsConfig defines the DNS configuration for the pods. // // +optional DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty"` - // Indicates whether information about services should be injected into pod's environment variables + // enableServiceLinks defines whether information about services should be injected into pod's environment variables // +optional EnableServiceLinks *bool `json:"enableServiceLinks,omitempty"` - // The name of the service name used by the underlying StatefulSet(s) as the governing service. + // serviceName defines the service name used by the underlying StatefulSet(s) as the governing service. // If defined, the Service must be created before the Alertmanager resource in the same namespace and it must define a selector that matches the pod labels. - // If empty, the operator will create and manage a headless service named `alertmanager-operated` for Alermanager resources. + // If empty, the operator will create and manage a headless service named `alertmanager-operated` for Alertmanager resources. // When deploying multiple Alertmanager resources in the same namespace, it is recommended to specify a different value for each. // See https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id for more details. // +optional // +kubebuilder:validation:MinLength=1 ServiceName *string `json:"serviceName,omitempty"` - // ServiceAccountName is the name of the ServiceAccount to use to run the + // serviceAccountName is the name of the ServiceAccount to use to run the // Prometheus Pods. + // +optional ServiceAccountName string `json:"serviceAccountName,omitempty"` - // ListenLocal makes the Alertmanager server listen on loopback, so that it + // listenLocal defines the Alertmanager server listen on loopback, so that it // does not bind against the Pod IP. Note this is only for the Alertmanager // UI, not the gossip communication. + // +optional ListenLocal bool `json:"listenLocal,omitempty"` - // Containers allows injecting additional containers. This is meant to + // containers allows injecting additional containers. This is meant to // allow adding an authentication proxy to an Alertmanager pod. // Containers described here modify an operator generated container if they // share the same name and modifications are done via a strategic merge @@ -219,8 +254,9 @@ type AlertmanagerSpec struct { // `config-reloader`. Overriding containers is entirely outside the scope // of what the maintainers will support and by doing so, you accept that // this behaviour may break at any time without notice. + // +optional Containers []v1.Container `json:"containers,omitempty"` - // InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. + // initContainers allows adding initContainers to the pod definition. Those can be used to e.g. // fetch secrets for injection into the Alertmanager configuration from external sources. Any // errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ // InitContainers described here modify an operator @@ -229,42 +265,55 @@ type AlertmanagerSpec struct { // `init-config-reloader`. Overriding init containers is entirely outside the // scope of what the maintainers will support and by doing so, you accept that // this behaviour may break at any time without notice. + // +optional InitContainers []v1.Container `json:"initContainers,omitempty"` - // Priority class assigned to the Pods + // priorityClassName assigned to the Pods + // +optional PriorityClassName string `json:"priorityClassName,omitempty"` - // AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster. + // additionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster. + // +optional AdditionalPeers []string `json:"additionalPeers,omitempty"` - // ClusterAdvertiseAddress is the explicit address to advertise in cluster. + // clusterAdvertiseAddress defines the explicit address to advertise in cluster. // Needs to be provided for non RFC1918 [1] (public) addresses. // [1] RFC1918: https://tools.ietf.org/html/rfc1918 + // +optional ClusterAdvertiseAddress string `json:"clusterAdvertiseAddress,omitempty"` - // Interval between gossip attempts. + // clusterGossipInterval defines the interval between gossip attempts. + // +optional ClusterGossipInterval GoDuration `json:"clusterGossipInterval,omitempty"` - // Defines the identifier that uniquely identifies the Alertmanager cluster. + // clusterLabel defines the identifier that uniquely identifies the Alertmanager cluster. // You should only set it when the Alertmanager cluster includes Alertmanager instances which are external to this Alertmanager resource. In practice, the addresses of the external instances are provided via the `.spec.additionalPeers` field. + // +optional ClusterLabel *string `json:"clusterLabel,omitempty"` - // Interval between pushpull attempts. + // clusterPushpullInterval defines the interval between pushpull attempts. + // +optional ClusterPushpullInterval GoDuration `json:"clusterPushpullInterval,omitempty"` - // Timeout for cluster peering. + // clusterPeerTimeout defines the timeout for cluster peering. + // +optional ClusterPeerTimeout GoDuration `json:"clusterPeerTimeout,omitempty"` - // Port name used for the pods and governing service. + // portName defines the port's name for the pods and governing service. // Defaults to `web`. // +kubebuilder:default:="web" + // +optional PortName string `json:"portName,omitempty"` - // ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. + // forceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. // Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each. + // +optional ForceEnableClusterMode bool `json:"forceEnableClusterMode,omitempty"` - // AlertmanagerConfigs to be selected for to merge and configure Alertmanager with. + // alertmanagerConfigSelector defines the selector to be used for to merge and configure Alertmanager with. + // +optional AlertmanagerConfigSelector *metav1.LabelSelector `json:"alertmanagerConfigSelector,omitempty"` - // Namespaces to be selected for AlertmanagerConfig discovery. If nil, only + // alertmanagerConfigNamespaceSelector defines the namespaces to be selected for AlertmanagerConfig discovery. If nil, only // check own namespace. + // +optional AlertmanagerConfigNamespaceSelector *metav1.LabelSelector `json:"alertmanagerConfigNamespaceSelector,omitempty"` - // AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects + // alertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects // process incoming alerts. + // +optional AlertmanagerConfigMatcherStrategy AlertmanagerConfigMatcherStrategy `json:"alertmanagerConfigMatcherStrategy,omitempty"` - // Minimum number of seconds for which a newly created pod should be ready + // minReadySeconds defines the minimum number of seconds for which a newly created pod should be ready // without any of its container crashing for it to be considered available. // // If unset, pods will be considered available as soon as they are ready. @@ -272,33 +321,36 @@ type AlertmanagerSpec struct { // +kubebuilder:validation:Minimum:=0 // +optional MinReadySeconds *int32 `json:"minReadySeconds,omitempty"` - // Pods' hostAliases configuration + // hostAliases Pods configuration // +listType=map // +listMapKey=ip + // +optional HostAliases []HostAlias `json:"hostAliases,omitempty"` - // Defines the web command line flags when starting Alertmanager. + // web defines the web command line flags when starting Alertmanager. + // +optional Web *AlertmanagerWebSpec `json:"web,omitempty"` - // Defines the limits command line flags when starting Alertmanager. + // limits defines the limits command line flags when starting Alertmanager. + // +optional Limits *AlertmanagerLimitsSpec `json:"limits,omitempty"` - // Configures the mutual TLS configuration for the Alertmanager cluster's gossip protocol. + // clusterTLS defines the mutual TLS configuration for the Alertmanager cluster's gossip protocol. // // It requires Alertmanager >= 0.24.0. - //+optional + // +optional ClusterTLS *ClusterTLSConfig `json:"clusterTLS,omitempty"` - // alertmanagerConfiguration specifies the configuration of Alertmanager. + // alertmanagerConfiguration defines the configuration of Alertmanager. // // If defined, it takes precedence over the `configSecret` field. // // This is an *experimental feature*, it may change in any upcoming release // in a breaking way. // - //+optional + // +optional AlertmanagerConfiguration *AlertmanagerConfiguration `json:"alertmanagerConfiguration,omitempty"` - // AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. + // automountServiceAccountToken defines whether a service account token should be automatically mounted in the pod. // If the service account has `automountServiceAccountToken: true`, set the field to `false` to opt out of automounting API credentials. // +optional AutomountServiceAccountToken *bool `json:"automountServiceAccountToken,omitempty"` - // Enable access to Alertmanager feature flags. By default, no features are enabled. + // enableFeatures defines the Alertmanager's feature flags. By default, no features are enabled. // Enabling features which are disabled by default is entirely outside the // scope of what the maintainers will support and by doing so, you accept // that this behaviour may break at any time without notice. @@ -306,7 +358,7 @@ type AlertmanagerSpec struct { // It requires Alertmanager >= 0.27.0. // +optional EnableFeatures []string `json:"enableFeatures,omitempty"` - // AdditionalArgs allows setting additional arguments for the 'Alertmanager' container. + // additionalArgs allows setting additional arguments for the 'Alertmanager' container. // It is intended for e.g. activating hidden flags which are not supported by // the dedicated configuration options yet. The arguments are passed as-is to the // Alertmanager container which may cause issues if they are invalid or not supported @@ -314,7 +366,7 @@ type AlertmanagerSpec struct { // +optional AdditionalArgs []Argument `json:"additionalArgs,omitempty"` - // Optional duration in seconds the pod needs to terminate gracefully. + // terminationGracePeriodSeconds defines the Optional duration in seconds the pod needs to terminate gracefully. // Value must be non-negative integer. The value zero indicates stop immediately via // the kill signal (no opportunity to shut down) which may lead to data corruption. // @@ -324,7 +376,7 @@ type AlertmanagerSpec struct { // +optional TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"` - // HostUsers supports the user space in Kubernetes. + // hostUsers supports the user space in Kubernetes. // // More info: https://kubernetes.io/docs/tasks/configure-pod-container/user-namespaces/ // @@ -337,7 +389,7 @@ type AlertmanagerSpec struct { } type AlertmanagerConfigMatcherStrategy struct { - // AlertmanagerConfigMatcherStrategyType defines the strategy used by + // type defines the strategy used by // AlertmanagerConfig objects to match alerts in the routes and inhibition // rules. // @@ -345,6 +397,7 @@ type AlertmanagerConfigMatcherStrategy struct { // // +kubebuilder:validation:Enum="OnNamespace";"OnNamespaceExceptForAlertmanagerNamespace";"None" // +kubebuilder:default:="OnNamespace" + // +optional Type AlertmanagerConfigMatcherStrategyType `json:"type,omitempty"` } @@ -362,7 +415,7 @@ const ( // is in the same namespace as the Alertmanager object, where it will process all alerts. OnNamespaceExceptForAlertmanagerNamespaceConfigMatcherStrategyType AlertmanagerConfigMatcherStrategyType = "OnNamespaceExceptForAlertmanagerNamespace" - // With `None`, the route and inhbition rules of an AlertmanagerConfig + // With `None`, the route and inhibition rules of an AlertmanagerConfig // object process all incoming alerts. NoneConfigMatcherStrategyType AlertmanagerConfigMatcherStrategyType = "None" ) @@ -370,15 +423,16 @@ const ( // AlertmanagerConfiguration defines the Alertmanager configuration. // +k8s:openapi-gen=true type AlertmanagerConfiguration struct { - // The name of the AlertmanagerConfig resource which is used to generate the Alertmanager configuration. + // name defines the name of the AlertmanagerConfig custom resource which is used to generate the Alertmanager configuration. // It must be defined in the same namespace as the Alertmanager object. // The operator will not enforce a `namespace` label for routes and inhibition rules. // +kubebuilder:validation:MinLength=1 + // +optional Name string `json:"name,omitempty"` - // Defines the global parameters of the Alertmanager configuration. + // global defines the global parameters of the Alertmanager configuration. // +optional Global *AlertmanagerGlobalConfig `json:"global,omitempty"` - // Custom notification templates. + // templates defines the custom notification templates. // +optional Templates []SecretOrConfigMap `json:"templates,omitempty"` } @@ -386,46 +440,57 @@ type AlertmanagerConfiguration struct { // AlertmanagerGlobalConfig configures parameters that are valid in all other configuration contexts. // See https://prometheus.io/docs/alerting/latest/configuration/#configuration-file type AlertmanagerGlobalConfig struct { - // Configures global SMTP parameters. + // smtp defines global SMTP parameters. // +optional SMTPConfig *GlobalSMTPConfig `json:"smtp,omitempty"` - // ResolveTimeout is the default value used by alertmanager if the alert does + // resolveTimeout defines the default value used by alertmanager if the alert does // not include EndsAt, after this time passes it can declare the alert as resolved if it has not been updated. // This has no impact on alerts from Prometheus, as they always include EndsAt. + // +optional ResolveTimeout Duration `json:"resolveTimeout,omitempty"` - // HTTP client configuration. + // httpConfig defines the default HTTP configuration. + // +optional HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"` - // The default Slack API URL. + // slackApiUrl defines the default Slack API URL. + // +optional SlackAPIURL *v1.SecretKeySelector `json:"slackApiUrl,omitempty"` - // The default OpsGenie API URL. + // opsGenieApiUrl defines the default OpsGenie API URL. + // +optional OpsGenieAPIURL *v1.SecretKeySelector `json:"opsGenieApiUrl,omitempty"` - // The default OpsGenie API Key. + // opsGenieApiKey defines the default OpsGenie API Key. + // +optional OpsGenieAPIKey *v1.SecretKeySelector `json:"opsGenieApiKey,omitempty"` - // The default Pagerduty URL. - PagerdutyURL *string `json:"pagerdutyUrl,omitempty"` + // pagerdutyUrl defines the default Pagerduty URL. + // +optional + PagerdutyURL *URL `json:"pagerdutyUrl,omitempty"` - // The default Telegram config + // telegram defines the default Telegram config + // +optional TelegramConfig *GlobalTelegramConfig `json:"telegram,omitempty"` - // The default configuration for Jira. + // jira defines the default configuration for Jira. + // +optional JiraConfig *GlobalJiraConfig `json:"jira,omitempty"` - // The default configuration for VictorOps. + // victorops defines the default configuration for VictorOps. + // +optional VictorOpsConfig *GlobalVictorOpsConfig `json:"victorops,omitempty"` - // The default configuration for Rocket Chat. + // rocketChat defines the default configuration for Rocket Chat. + // +optional RocketChatConfig *GlobalRocketChatConfig `json:"rocketChat,omitempty"` - // The default configuration for Jira. + // webex defines the default configuration for Jira. + // +optional WebexConfig *GlobalWebexConfig `json:"webex,omitempty"` - // The default WeChat Config + // wechat defines the default WeChat Config // +optional WeChatConfig *GlobalWeChatConfig `json:"wechat,omitempty"` } @@ -435,23 +500,29 @@ type AlertmanagerGlobalConfig struct { // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +k8s:openapi-gen=true type AlertmanagerStatus struct { - // Represents whether any actions on the underlying managed objects are + // paused defines whether any actions on the underlying managed objects are // being performed. Only delete actions will be performed. + // +optional Paused bool `json:"paused"` - // Total number of non-terminated pods targeted by this Alertmanager + // replicas defines the total number of non-terminated pods targeted by this Alertmanager // object (their labels match the selector). + // +optional Replicas int32 `json:"replicas"` - // Total number of non-terminated pods targeted by this Alertmanager + // updatedReplicas defines the total number of non-terminated pods targeted by this Alertmanager // object that have the desired version spec. + // +optional UpdatedReplicas int32 `json:"updatedReplicas"` - // Total number of available pods (ready for at least minReadySeconds) + // availableReplicas defines the total number of available pods (ready for at least minReadySeconds) // targeted by this Alertmanager cluster. + // +optional AvailableReplicas int32 `json:"availableReplicas"` - // Total number of unavailable pods targeted by this Alertmanager object. + // unavailableReplicas defines the total number of unavailable pods targeted by this Alertmanager object. + // +optional UnavailableReplicas int32 `json:"unavailableReplicas"` - // The selector used to match the pods targeted by this Alertmanager object. + // selector used to match the pods targeted by this Alertmanager object. + // +optional Selector string `json:"selector,omitempty"` - // The current state of the Alertmanager object. + // conditions defines the current state of the Alertmanager object. // +listType=map // +listMapKey=type // +optional @@ -474,11 +545,11 @@ func (a *Alertmanager) SetUnavailableReplicas(i int) { a.Status.UnavailableRepli // +k8s:openapi-gen=true type AlertmanagerWebSpec struct { WebConfigFileFields `json:",inline"` - // Maximum number of GET requests processed concurrently. This corresponds to the + // getConcurrency defines the maximum number of GET requests processed concurrently. This corresponds to the // Alertmanager's `--web.get-concurrency` flag. // +optional GetConcurrency *uint32 `json:"getConcurrency,omitempty"` - // Timeout for HTTP requests. This corresponds to the Alertmanager's + // timeout for HTTP requests. This corresponds to the Alertmanager's // `--web.timeout` flag. // +optional Timeout *uint32 `json:"timeout,omitempty"` @@ -487,14 +558,14 @@ type AlertmanagerWebSpec struct { // AlertmanagerLimitsSpec defines the limits command line flags when starting Alertmanager. // +k8s:openapi-gen=true type AlertmanagerLimitsSpec struct { - // The maximum number active and pending silences. This corresponds to the + // maxSilences defines the maximum number active and pending silences. This corresponds to the // Alertmanager's `--silences.max-silences` flag. // It requires Alertmanager >= v0.28.0. // // +kubebuilder:validation:Minimum:=0 // +optional MaxSilences *int32 `json:"maxSilences,omitempty"` - // The maximum size of an individual silence as stored on disk. This corresponds to the Alertmanager's + // maxPerSilenceBytes defines the maximum size of an individual silence as stored on disk. This corresponds to the Alertmanager's // `--silences.max-per-silence-bytes` flag. // It requires Alertmanager >= v0.28.0. // @@ -505,47 +576,47 @@ type AlertmanagerLimitsSpec struct { // GlobalSMTPConfig configures global SMTP parameters. // See https://prometheus.io/docs/alerting/latest/configuration/#configuration-file type GlobalSMTPConfig struct { - // The default SMTP From header field. + // from defines the default SMTP From header field. // +optional From *string `json:"from,omitempty"` - // The default SMTP smarthost used for sending emails. + // smartHost defines the default SMTP smarthost used for sending emails. // +optional SmartHost *HostPort `json:"smartHost,omitempty"` - // The default hostname to identify to the SMTP server. + // hello defines the default hostname to identify to the SMTP server. // +optional Hello *string `json:"hello,omitempty"` - // SMTP Auth using CRAM-MD5, LOGIN and PLAIN. If empty, Alertmanager doesn't authenticate to the SMTP server. + // authUsername represents SMTP Auth using CRAM-MD5, LOGIN and PLAIN. If empty, Alertmanager doesn't authenticate to the SMTP server. // +optional AuthUsername *string `json:"authUsername,omitempty"` - // SMTP Auth using LOGIN and PLAIN. + // authPassword represents SMTP Auth using LOGIN and PLAIN. // +optional AuthPassword *v1.SecretKeySelector `json:"authPassword,omitempty"` - // SMTP Auth using PLAIN + // authIdentity represents SMTP Auth using PLAIN // +optional AuthIdentity *string `json:"authIdentity,omitempty"` - // SMTP Auth using CRAM-MD5. + // authSecret represents SMTP Auth using CRAM-MD5. // +optional AuthSecret *v1.SecretKeySelector `json:"authSecret,omitempty"` - // The default SMTP TLS requirement. + // requireTLS defines the default SMTP TLS requirement. // Note that Go does not support unencrypted connections to remote SMTP endpoints. // +optional RequireTLS *bool `json:"requireTLS,omitempty"` - // The default TLS configuration for SMTP receivers + // tlsConfig defines the default TLS configuration for SMTP receivers // +optional TLSConfig *SafeTLSConfig `json:"tlsConfig,omitempty"` } // GlobalTelegramConfig configures global Telegram parameters. type GlobalTelegramConfig struct { - // The default Telegram API URL. + // apiURL defines he default Telegram API URL. // // It requires Alertmanager >= v0.24.0. // +optional @@ -554,7 +625,7 @@ type GlobalTelegramConfig struct { // GlobalJiraConfig configures global Jira parameters. type GlobalJiraConfig struct { - // The default Jira API URL. + // apiURL defines the default Jira API URL. // // It requires Alertmanager >= v0.28.0. // @@ -564,21 +635,21 @@ type GlobalJiraConfig struct { // GlobalRocketChatConfig configures global Rocket Chat parameters. type GlobalRocketChatConfig struct { - // The default Rocket Chat API URL. + // apiURL defines the default Rocket Chat API URL. // // It requires Alertmanager >= v0.28.0. // // +optional APIURL *URL `json:"apiURL,omitempty"` - // The default Rocket Chat token. + // token defines the default Rocket Chat token. // // It requires Alertmanager >= v0.28.0. // // +optional Token *v1.SecretKeySelector `json:"token,omitempty"` - // The default Rocket Chat Token ID. + // tokenID defines the default Rocket Chat Token ID. // // It requires Alertmanager >= v0.28.0. // @@ -589,7 +660,7 @@ type GlobalRocketChatConfig struct { // GlobalWebexConfig configures global Webex parameters. // See https://prometheus.io/docs/alerting/latest/configuration/#configuration-file type GlobalWebexConfig struct { - // The default Webex API URL. + // apiURL defines the is the default Webex API URL. // // It requires Alertmanager >= v0.25.0. // @@ -598,16 +669,16 @@ type GlobalWebexConfig struct { } type GlobalWeChatConfig struct { - // The default WeChat API URL. + // apiURL defines he default WeChat API URL. // The default value is "https://qyapi.weixin.qq.com/cgi-bin/" // +optional APIURL *URL `json:"apiURL,omitempty"` - // The default WeChat API Secret. + // apiSecret defines the default WeChat API Secret. // +optional APISecret *v1.SecretKeySelector `json:"apiSecret,omitempty"` - // The default WeChat API Corporate ID. + // apiCorpID defines the default WeChat API Corporate ID. // +optional // +kubebuilder:validation:MinLength=1 APICorpID *string `json:"apiCorpID,omitempty"` @@ -615,11 +686,11 @@ type GlobalWeChatConfig struct { // GlobalVictorOpsConfig configures global VictorOps parameters. type GlobalVictorOpsConfig struct { - // The default VictorOps API URL. + // apiURL defines the default VictorOps API URL. // // +optional APIURL *URL `json:"apiURL,omitempty"` - // The default VictorOps API Key. + // apiKey defines the default VictorOps API Key. // // +optional APIKey *v1.SecretKeySelector `json:"apiKey,omitempty"` @@ -627,51 +698,22 @@ type GlobalVictorOpsConfig struct { // HostPort represents a "host:port" network address. type HostPort struct { - // Defines the host's address, it can be a DNS name or a literal IP address. + // host defines the host's address, it can be a DNS name or a literal IP address. // +kubebuilder:validation:MinLength=1 + // +required Host string `json:"host"` - // Defines the host's port, it can be a literal port number or a port name. + // port defines the host's port, it can be a literal port number or a port name. // +kubebuilder:validation:MinLength=1 + // +required Port string `json:"port"` } -// HTTPConfig defines a client HTTP configuration. -// See https://prometheus.io/docs/alerting/latest/configuration/#http_config -type HTTPConfig struct { - // Authorization header configuration for the client. - // This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. - // +optional - Authorization *SafeAuthorization `json:"authorization,omitempty"` - // BasicAuth for the client. - // This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. - // +optional - BasicAuth *BasicAuth `json:"basicAuth,omitempty"` - // OAuth2 client credentials used to fetch a token for the targets. - // +optional - OAuth2 *OAuth2 `json:"oauth2,omitempty"` - // The secret's key that contains the bearer token to be used by the client - // for authentication. - // The secret needs to be in the same namespace as the Alertmanager - // object and accessible by the Prometheus Operator. - // +optional - BearerTokenSecret *v1.SecretKeySelector `json:"bearerTokenSecret,omitempty"` - // TLS configuration for the client. - // +optional - TLSConfig *SafeTLSConfig `json:"tlsConfig,omitempty"` - - ProxyConfig `json:",inline"` - - // FollowRedirects specifies whether the client should follow HTTP 3xx redirects. - // +optional - FollowRedirects *bool `json:"followRedirects,omitempty"` -} - // AlertmanagerList is a list of Alertmanagers. // +k8s:openapi-gen=true type AlertmanagerList struct { + // TypeMeta defines the versioned schema of this representation of an object. metav1.TypeMeta `json:",inline"` - // Standard list metadata - // More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + // metadata defines ListMeta as metadata for collection responses. metav1.ListMeta `json:"metadata,omitempty"` // List of Alertmanagers Items []Alertmanager `json:"items"` @@ -685,10 +727,10 @@ func (l *AlertmanagerList) DeepCopyObject() runtime.Object { // ClusterTLSConfig defines the mutual TLS configuration for the Alertmanager cluster TLS protocol. // +k8s:openapi-gen=true type ClusterTLSConfig struct { - // Server-side configuration for mutual TLS. + // server defines the server-side configuration for mutual TLS. // +required ServerTLS WebTLSConfig `json:"server"` - // Client-side configuration for mutual TLS. + // client defines the client-side configuration for mutual TLS. // +required ClientTLS SafeTLSConfig `json:"client"` } diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/dns_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/dns_types.go index a4731458b..d68b69831 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/dns_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/dns_types.go @@ -16,25 +16,25 @@ package v1 // PodDNSConfig defines the DNS parameters of a pod in addition to // those generated from DNSPolicy. type PodDNSConfig struct { - // A list of DNS name server IP addresses. + // nameservers defines the list of DNS name server IP addresses. // This will be appended to the base nameservers generated from DNSPolicy. - // +kubebuilder:validation:Optional + // +optional // +listType:=set // +kubebuilder:validation:items:MinLength:=1 Nameservers []string `json:"nameservers,omitempty"` - // A list of DNS search domains for host-name lookup. + // searches defines the list of DNS search domains for host-name lookup. // This will be appended to the base search paths generated from DNSPolicy. - // +kubebuilder:validation:Optional + // +optional // +listType:=set // +kubebuilder:validation:items:MinLength:=1 Searches []string `json:"searches,omitempty"` - // A list of DNS resolver options. + // options defines the list of DNS resolver options. // This will be merged with the base options generated from DNSPolicy. // Resolution options given in Options // will override those that appear in the base DNSPolicy. - // +kubebuilder:validation:Optional + // +optional // +listType=map // +listMapKey=name Options []PodDNSConfigOption `json:"options,omitempty"` @@ -42,12 +42,13 @@ type PodDNSConfig struct { // PodDNSConfigOption defines DNS resolver options of a pod. type PodDNSConfigOption struct { - // Name is required and must be unique. + // name is required and must be unique. // +kubebuilder:validation:MinLength=1 + // +required Name string `json:"name"` - // Value is optional. - // +kubebuilder:validation:Optional + // value is optional. + // +optional Value *string `json:"value,omitempty"` } @@ -56,21 +57,21 @@ type PodDNSConfigOption struct { type DNSPolicy string const ( - // DNSClusterFirstWithHostNet indicates that the pod should use cluster DNS + // DNSClusterFirstWithHostNet defines that the pod should use cluster DNS // first, if it is available, then fall back on the default // (as determined by kubelet) DNS settings. DNSClusterFirstWithHostNet DNSPolicy = "ClusterFirstWithHostNet" - // DNSClusterFirst indicates that the pod should use cluster DNS + // DNSClusterFirst defines that the pod should use cluster DNS // first unless hostNetwork is true, if it is available, then // fall back on the default (as determined by kubelet) DNS settings. DNSClusterFirst DNSPolicy = "ClusterFirst" - // DNSDefault indicates that the pod should use the default (as + // DNSDefault defines that the pod should use the default (as // determined by kubelet) DNS settings. DNSDefault DNSPolicy = "Default" - // DNSNone indicates that the pod should use empty DNS settings. DNS + // DNSNone defines that the pod should use empty DNS settings. DNS // parameters such as nameservers and search paths should be defined via // DNSConfig. DNSNone DNSPolicy = "None" diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/http_config.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/http_config.go new file mode 100644 index 000000000..3d7a0b823 --- /dev/null +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/http_config.go @@ -0,0 +1,130 @@ +// Copyright 2018 The prometheus-operator Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1 + +import ( + "errors" + "fmt" + + v1 "k8s.io/api/core/v1" +) + +// HTTPConfig defines the configuration for the HTTP client. +type HTTPConfig struct { + // authorization configures the Authorization header credentials used by + // the client. + // + // Cannot be set at the same time as `basicAuth`, `bearerTokenSecret` or `oauth2`. + // + // +optional + Authorization *SafeAuthorization `json:"authorization,omitempty"` + + // basicAuth defines the Basic Authentication credentials used by the + // client. + // + // Cannot be set at the same time as `authorization`, `bearerTokenSecret` or `oauth2`. + // + // +optional + BasicAuth *BasicAuth `json:"basicAuth,omitempty"` + + // oauth2 defines the OAuth2 settings used by the client. + // + // It requires Prometheus >= 2.27.0. + // + // Cannot be set at the same time as `authorization`, `basicAuth` or `bearerTokenSecret`. + // + // +optional + OAuth2 *OAuth2 `json:"oauth2,omitempty"` + + // bearerTokenSecret defines a key of a Secret containing the bearer token + // used by the client for authentication. The secret needs to be in the + // same namespace as the custom resource and readable by the Prometheus + // Operator. + // + // Cannot be set at the same time as `authorization`, `basicAuth` or `oauth2`. + // + // +optional + // + // Deprecated: use `authorization` instead. + BearerTokenSecret *v1.SecretKeySelector `json:"bearerTokenSecret,omitempty"` + + // tlsConfig defines the TLS configuration used by the client. + // + // +optional + TLSConfig *SafeTLSConfig `json:"tlsConfig,omitempty"` + + ProxyConfig `json:",inline"` + + // followRedirects defines whether the client should follow HTTP 3xx + // redirects. + // + // +optional + FollowRedirects *bool `json:"followRedirects,omitempty"` + + // enableHttp2 can be used to disable HTTP2. + // + // +optional + EnableHTTP2 *bool `json:"enableHttp2,omitempty"` +} + +// Validate semantically validates the given HTTPConfig. +func (hc *HTTPConfig) Validate() error { + if hc == nil { + return nil + } + + // Check duplicate authentication methods. + switch { + case hc.Authorization != nil: + switch { + case hc.BasicAuth != nil: + return errors.New("authorization and basicAuth cannot be configured at the same time") + case hc.BearerTokenSecret != nil: + return errors.New("authorization and bearerTokenSecret cannot be configured at the same time") + case hc.OAuth2 != nil: + return errors.New("authorization and oauth2 cannot be configured at the same time") + } + case hc.BasicAuth != nil: + switch { + case hc.BearerTokenSecret != nil: + return errors.New("basicAuth and bearerTokenSecret cannot be configured at the same time") + case hc.OAuth2 != nil: + return errors.New("basicAuth and oauth2 cannot be configured at the same time") + } + case hc.BearerTokenSecret != nil: + switch { + case hc.OAuth2 != nil: + return errors.New("bearerTokenSecret and oauth2 cannot be configured at the same time") + } + } + + if err := hc.Authorization.Validate(); err != nil { + return fmt.Errorf("authorization: %w", err) + } + + if err := hc.OAuth2.Validate(); err != nil { + return fmt.Errorf("oauth2: %w", err) + } + + if err := hc.TLSConfig.Validate(); err != nil { + return fmt.Errorf("tlsConfig: %w", err) + } + + if err := hc.ProxyConfig.Validate(); err != nil { + return err + } + + return nil +} diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go index ee0f25086..58783ae82 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go @@ -15,7 +15,6 @@ package v1 import ( - v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/intstr" @@ -30,6 +29,7 @@ const ( // +genclient // +k8s:openapi-gen=true // +kubebuilder:resource:categories="prometheus-operator",shortName="pmon" +// +kubebuilder:subresource:status // The `PodMonitor` custom resource definition (CRD) defines how `Prometheus` and `PrometheusAgent` can scrape metrics from a group of pods. // Among other things, it allows to specify: @@ -40,10 +40,23 @@ const ( // // `Prometheus` and `PrometheusAgent` objects select `PodMonitor` objects using label and namespace selectors. type PodMonitor struct { - metav1.TypeMeta `json:",inline"` + // TypeMeta defines the versioned schema of this representation of an object. + // +optional + metav1.TypeMeta `json:",inline"` + // metadata defines ObjectMeta as the metadata that all persisted resources. + // +optional metav1.ObjectMeta `json:"metadata,omitempty"` - // Specification of desired Pod selection for target discovery by Prometheus. + // spec defines the specification of desired Pod selection for target discovery by Prometheus. + // +required Spec PodMonitorSpec `json:"spec"` + // status defines the status subresource. It is under active development and is updated only when the + // "StatusForConfigurationResources" feature gate is enabled. + // + // Most recent observed status of the PodMonitor. Read-only. + // More info: + // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + // +optional + Status ConfigResourceStatus `json:"status,omitempty,omitzero"` } // DeepCopyObject implements the runtime.Object interface. @@ -51,10 +64,14 @@ func (l *PodMonitor) DeepCopyObject() runtime.Object { return l.DeepCopy() } +func (l *PodMonitor) Bindings() []WorkloadBinding { + return l.Status.Bindings +} + // PodMonitorSpec contains specification parameters for a PodMonitor. // +k8s:openapi-gen=true type PodMonitorSpec struct { - // The label to use to retrieve the job name from. + // jobLabel defines the label to use to retrieve the job name from. // `jobLabel` selects the label from the associated Kubernetes `Pod` // object which will be used as the `job` label for all metrics. // @@ -64,22 +81,25 @@ type PodMonitorSpec struct { // // If the value of this field is empty, the `job` label of the metrics // defaults to the namespace and name of the PodMonitor object (e.g. `/`). + // +optional JobLabel string `json:"jobLabel,omitempty"` - // `podTargetLabels` defines the labels which are transferred from the + // podTargetLabels defines the labels which are transferred from the // associated Kubernetes `Pod` object onto the ingested metrics. // + // +optional PodTargetLabels []string `json:"podTargetLabels,omitempty"` - // Defines how to scrape metrics from the selected pods. + // podMetricsEndpoints defines how to scrape metrics from the selected pods. // // +optional PodMetricsEndpoints []PodMetricsEndpoint `json:"podMetricsEndpoints"` - // Label selector to select the Kubernetes `Pod` objects to scrape metrics from. + // selector defines the label selector to select the Kubernetes `Pod` objects to scrape metrics from. + // +required Selector metav1.LabelSelector `json:"selector"` - // Mechanism used to select the endpoints to scrape. + // selectorMechanism defines the mechanism used to select the endpoints to scrape. // By default, the selection process relies on relabel configurations to filter the discovered targets. // Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. // Which strategy is best for your use case needs to be carefully evaluated. @@ -89,23 +109,24 @@ type PodMonitorSpec struct { // +optional SelectorMechanism *SelectorMechanism `json:"selectorMechanism,omitempty"` - // `namespaceSelector` defines in which namespace(s) Prometheus should discover the pods. + // namespaceSelector defines in which namespace(s) Prometheus should discover the pods. // By default, the pods are discovered in the same namespace as the `PodMonitor` object but it is possible to select pods across different/all namespaces. + // +optional NamespaceSelector NamespaceSelector `json:"namespaceSelector,omitempty"` - // `sampleLimit` defines a per-scrape limit on the number of scraped samples + // sampleLimit defines a per-scrape limit on the number of scraped samples // that will be accepted. // // +optional SampleLimit *uint64 `json:"sampleLimit,omitempty"` - // `targetLimit` defines a limit on the number of scraped targets that will + // targetLimit defines a limit on the number of scraped targets that will // be accepted. // // +optional TargetLimit *uint64 `json:"targetLimit,omitempty"` - // `scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the + // scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the // protocols supported by Prometheus in order of preference (from most to least preferred). // // If unset, Prometheus uses its default value. @@ -116,25 +137,25 @@ type PodMonitorSpec struct { // +optional ScrapeProtocols []ScrapeProtocol `json:"scrapeProtocols,omitempty"` - // The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + // fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. // // It requires Prometheus >= v3.0.0. // +optional FallbackScrapeProtocol *ScrapeProtocol `json:"fallbackScrapeProtocol,omitempty"` - // Per-scrape limit on number of labels that will be accepted for a sample. + // labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample. // // It requires Prometheus >= v2.27.0. // // +optional LabelLimit *uint64 `json:"labelLimit,omitempty"` - // Per-scrape limit on length of labels name that will be accepted for a sample. + // labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. // // It requires Prometheus >= v2.27.0. // // +optional LabelNameLengthLimit *uint64 `json:"labelNameLengthLimit,omitempty"` - // Per-scrape limit on length of labels value that will be accepted for a sample. + // labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. // // It requires Prometheus >= v2.27.0. // @@ -143,7 +164,7 @@ type PodMonitorSpec struct { NativeHistogramConfig `json:",inline"` - // Per-scrape limit on the number of targets dropped by relabeling + // keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling // that will be kept in memory. 0 means no limit. // // It requires Prometheus >= v2.47.0. @@ -151,7 +172,7 @@ type PodMonitorSpec struct { // +optional KeepDroppedTargets *uint64 `json:"keepDroppedTargets,omitempty"` - // `attachMetadata` defines additional metadata which is added to the + // attachMetadata defines additional metadata which is added to the // discovered targets. // // It requires Prometheus >= v2.35.0. @@ -159,12 +180,12 @@ type PodMonitorSpec struct { // +optional AttachMetadata *AttachMetadata `json:"attachMetadata,omitempty"` - // The scrape class to apply. + // scrapeClass defines the scrape class to apply. // +optional // +kubebuilder:validation:MinLength=1 ScrapeClassName *string `json:"scrapeClass,omitempty"` - // When defined, bodySizeLimit specifies a job level limit on the size + // bodySizeLimit when defined specifies a job level limit on the size // of uncompressed response body that will be accepted by Prometheus. // // It requires Prometheus >= v2.28.0. @@ -176,9 +197,10 @@ type PodMonitorSpec struct { // PodMonitorList is a list of PodMonitors. // +k8s:openapi-gen=true type PodMonitorList struct { + // TypeMeta defines the versioned schema of this representation of an object. + // +optional metav1.TypeMeta `json:",inline"` - // Standard list metadata - // More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + // metadata defines ListMeta as metadata for collection responses. metav1.ListMeta `json:"metadata,omitempty"` // List of PodMonitors Items []PodMonitor `json:"items"` @@ -194,30 +216,32 @@ func (l *PodMonitorList) DeepCopyObject() runtime.Object { // // +k8s:openapi-gen=true type PodMetricsEndpoint struct { - // The `Pod` port name which exposes the endpoint. + // port defines the `Pod` port name which exposes the endpoint. // // It takes precedence over the `portNumber` and `targetPort` fields. // +optional Port *string `json:"port,omitempty"` - // The `Pod` port number which exposes the endpoint. + // portNumber defines the `Pod` port number which exposes the endpoint. // +kubebuilder:validation:Minimum=1 // +kubebuilder:validation:Maximum=65535 // +optional PortNumber *int32 `json:"portNumber,omitempty"` - // Name or number of the target port of the `Pod` object behind the Service, the + // targetPort defines the name or number of the target port of the `Pod` object behind the Service, the // port must be specified with container port property. // // Deprecated: use 'port' or 'portNumber' instead. + // +optional TargetPort *intstr.IntOrString `json:"targetPort,omitempty"` - // HTTP path from which to scrape for metrics. + // path defines the HTTP path from which to scrape for metrics. // // If empty, Prometheus uses the default value (e.g. `/metrics`). + // +optional Path string `json:"path,omitempty"` - // HTTP scheme to use for scraping. + // scheme defines the HTTP scheme to use for scraping. // // `http` and `https` are the expected values unless you rewrite the // `__scheme__` label via relabeling. @@ -225,48 +249,39 @@ type PodMetricsEndpoint struct { // If empty, Prometheus uses the default value `http`. // // +kubebuilder:validation:Enum=http;https + // +optional Scheme string `json:"scheme,omitempty"` - // `params` define optional HTTP URL parameters. + // params define optional HTTP URL parameters. + // +optional Params map[string][]string `json:"params,omitempty"` - // Interval at which Prometheus scrapes the metrics from the target. + // interval at which Prometheus scrapes the metrics from the target. // // If empty, Prometheus uses the global scrape interval. + // +optional Interval Duration `json:"interval,omitempty"` - // Timeout after which Prometheus considers the scrape to be failed. + // scrapeTimeout defines the timeout after which Prometheus considers the scrape to be failed. // // If empty, Prometheus uses the global scrape timeout unless it is less // than the target's scrape interval value in which the latter is used. // The value cannot be greater than the scrape interval otherwise the operator will reject the resource. - ScrapeTimeout Duration `json:"scrapeTimeout,omitempty"` - - // TLS configuration to use when scraping the target. - // - // +optional - TLSConfig *SafeTLSConfig `json:"tlsConfig,omitempty"` - - // `bearerTokenSecret` specifies a key of a Secret containing the bearer - // token for scraping targets. The secret needs to be in the same namespace - // as the PodMonitor object and readable by the Prometheus Operator. - // // +optional - // - // Deprecated: use `authorization` instead. - BearerTokenSecret v1.SecretKeySelector `json:"bearerTokenSecret,omitempty"` + ScrapeTimeout Duration `json:"scrapeTimeout,omitempty"` - // When true, `honorLabels` preserves the metric's labels when they collide + // honorLabels when true preserves the metric's labels when they collide // with the target's labels. + // +optional HonorLabels bool `json:"honorLabels,omitempty"` - // `honorTimestamps` controls whether Prometheus preserves the timestamps + // honorTimestamps defines whether Prometheus preserves the timestamps // when exposed by the target. // // +optional HonorTimestamps *bool `json:"honorTimestamps,omitempty"` - // `trackTimestampsStaleness` defines whether Prometheus tracks staleness of + // trackTimestampsStaleness defines whether Prometheus tracks staleness of // the metrics that have an explicit timestamp present in scraped data. // Has no effect if `honorTimestamps` is false. // @@ -275,38 +290,13 @@ type PodMetricsEndpoint struct { // +optional TrackTimestampsStaleness *bool `json:"trackTimestampsStaleness,omitempty"` - // `basicAuth` configures the Basic Authentication credentials to use when - // scraping the target. - // - // Cannot be set at the same time as `authorization`, or `oauth2`. - // - // +optional - BasicAuth *BasicAuth `json:"basicAuth,omitempty"` - - // `oauth2` configures the OAuth2 settings to use when scraping the target. - // - // It requires Prometheus >= 2.27.0. - // - // Cannot be set at the same time as `authorization`, or `basicAuth`. - // - // +optional - OAuth2 *OAuth2 `json:"oauth2,omitempty"` - - // `authorization` configures the Authorization header credentials to use when - // scraping the target. - // - // Cannot be set at the same time as `basicAuth`, or `oauth2`. - // - // +optional - Authorization *SafeAuthorization `json:"authorization,omitempty"` - - // `metricRelabelings` configures the relabeling rules to apply to the + // metricRelabelings defines the relabeling rules to apply to the // samples before ingestion. // // +optional MetricRelabelConfigs []RelabelConfig `json:"metricRelabelings,omitempty"` - // `relabelings` configures the relabeling rules to apply the target's + // relabelings defines the relabeling rules to apply the target's // metadata labels. // // The Operator automatically adds relabelings for a few standard Kubernetes fields. @@ -318,21 +308,7 @@ type PodMetricsEndpoint struct { // +optional RelabelConfigs []RelabelConfig `json:"relabelings,omitempty"` - // +optional - ProxyConfig `json:",inline"` - - // `followRedirects` defines whether the scrape requests should follow HTTP - // 3xx redirects. - // - // +optional - FollowRedirects *bool `json:"followRedirects,omitempty"` - - // `enableHttp2` can be used to disable HTTP2 when scraping the target. - // - // +optional - EnableHttp2 *bool `json:"enableHttp2,omitempty"` - - // When true, the pods which are not running (e.g. either in Failed or + // filterRunning when true, the pods which are not running (e.g. either in Failed or // Succeeded state) are dropped during the target discovery. // // If unset, the filtering is enabled. @@ -341,4 +317,6 @@ type PodMetricsEndpoint struct { // // +optional FilterRunning *bool `json:"filterRunning,omitempty"` + + HTTPConfig `json:",inline"` } diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go index 44e2e9471..0dabfe5e9 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go @@ -15,6 +15,8 @@ package v1 import ( + "errors" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -29,6 +31,7 @@ const ( // +genclient // +k8s:openapi-gen=true // +kubebuilder:resource:categories="prometheus-operator",shortName="prb" +// +kubebuilder:subresource:status // The `Probe` custom resource definition (CRD) defines how to scrape metrics from prober exporters such as the [blackbox exporter](https://github.com/prometheus/blackbox_exporter). // @@ -38,10 +41,23 @@ const ( // // `Prometheus` and `PrometheusAgent` objects select `Probe` objects using label and namespace selectors. type Probe struct { - metav1.TypeMeta `json:",inline"` + // TypeMeta defines the versioned schema of this representation of an object. + // +optional + metav1.TypeMeta `json:",inline"` + // metadata defines ObjectMeta as the metadata that all persisted resources. + // +optional metav1.ObjectMeta `json:"metadata,omitempty"` - // Specification of desired Ingress selection for target discovery by Prometheus. + // spec defines the specification of desired Ingress selection for target discovery by Prometheus. + // +required Spec ProbeSpec `json:"spec"` + // status defines the status subresource. It is under active development and is updated only when the + // "StatusForConfigurationResources" feature gate is enabled. + // + // Most recent observed status of the Probe. Read-only. + // More info: + // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + // +optional + Status ConfigResourceStatus `json:"status,omitempty,omitzero"` } // DeepCopyObject implements the runtime.Object interface. @@ -49,49 +65,65 @@ func (l *Probe) DeepCopyObject() runtime.Object { return l.DeepCopy() } +func (l *Probe) Bindings() []WorkloadBinding { + return l.Status.Bindings +} + // ProbeSpec contains specification parameters for a Probe. // +k8s:openapi-gen=true type ProbeSpec struct { - // The job name assigned to scraped metrics by default. + // jobName assigned to scraped metrics by default. + // +optional JobName string `json:"jobName,omitempty"` - // Specification for the prober to use for probing targets. + // prober defines the specification for the prober to use for probing targets. // The prober.URL parameter is required. Targets cannot be probed if left empty. + // +optional ProberSpec ProberSpec `json:"prober,omitempty"` - // The module to use for probing specifying how to probe the target. + // module to use for probing specifying how to probe the target. // Example module configuring in the blackbox exporter: // https://github.com/prometheus/blackbox_exporter/blob/master/example.yml + // +optional Module string `json:"module,omitempty"` - // Targets defines a set of static or dynamically discovered targets to probe. + // targets defines a set of static or dynamically discovered targets to probe. + // +optional Targets ProbeTargets `json:"targets,omitempty"` - // Interval at which targets are probed using the configured prober. + // interval at which targets are probed using the configured prober. // If not specified Prometheus' global scrape interval is used. + // +optional Interval Duration `json:"interval,omitempty"` - // Timeout for scraping metrics from the Prometheus exporter. + // scrapeTimeout defines the timeout for scraping metrics from the Prometheus exporter. // If not specified, the Prometheus global scrape timeout is used. // The value cannot be greater than the scrape interval otherwise the operator will reject the resource. + // +optional ScrapeTimeout Duration `json:"scrapeTimeout,omitempty"` - // TLS configuration to use when scraping the endpoint. + // tlsConfig defines the TLS configuration to use when scraping the endpoint. + // +optional TLSConfig *SafeTLSConfig `json:"tlsConfig,omitempty"` - // Secret to mount to read bearer token for scraping targets. The secret + // bearerTokenSecret defines the secret to mount to read bearer token for scraping targets. The secret // needs to be in the same namespace as the probe and accessible by // the Prometheus Operator. + // +optional BearerTokenSecret v1.SecretKeySelector `json:"bearerTokenSecret,omitempty"` - // BasicAuth allow an endpoint to authenticate over basic authentication. + // basicAuth allow an endpoint to authenticate over basic authentication. // More info: https://prometheus.io/docs/operating/configuration/#endpoint + // +optional BasicAuth *BasicAuth `json:"basicAuth,omitempty"` - // OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. + // oauth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. + // +optional OAuth2 *OAuth2 `json:"oauth2,omitempty"` - // MetricRelabelConfigs to apply to samples before ingestion. + // metricRelabelings defines the RelabelConfig to apply to samples before ingestion. + // +optional MetricRelabelConfigs []RelabelConfig `json:"metricRelabelings,omitempty"` - // Authorization section for this endpoint + // authorization section for this endpoint + // +optional Authorization *SafeAuthorization `json:"authorization,omitempty"` - // SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + // sampleLimit defines per-scrape limit on number of scraped samples that will be accepted. // +optional SampleLimit *uint64 `json:"sampleLimit,omitempty"` - // TargetLimit defines a limit on the number of scraped targets that will be accepted. + // targetLimit defines a limit on the number of scraped targets that will be accepted. // +optional TargetLimit *uint64 `json:"targetLimit,omitempty"` - // `scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the + // scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the // protocols supported by Prometheus in order of preference (from most to least preferred). // // If unset, Prometheus uses its default value. @@ -101,26 +133,27 @@ type ProbeSpec struct { // +listType=set // +optional ScrapeProtocols []ScrapeProtocol `json:"scrapeProtocols,omitempty"` - // The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + // fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. // // It requires Prometheus >= v3.0.0. // +optional FallbackScrapeProtocol *ScrapeProtocol `json:"fallbackScrapeProtocol,omitempty"` - // Per-scrape limit on number of labels that will be accepted for a sample. + // labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample. // Only valid in Prometheus versions 2.27.0 and newer. // +optional LabelLimit *uint64 `json:"labelLimit,omitempty"` - // Per-scrape limit on length of labels name that will be accepted for a sample. + // labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. // Only valid in Prometheus versions 2.27.0 and newer. // +optional LabelNameLengthLimit *uint64 `json:"labelNameLengthLimit,omitempty"` - // Per-scrape limit on length of labels value that will be accepted for a sample. + // labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. // Only valid in Prometheus versions 2.27.0 and newer. // +optional LabelValueLengthLimit *uint64 `json:"labelValueLengthLimit,omitempty"` + // +optional NativeHistogramConfig `json:",inline"` - // Per-scrape limit on the number of targets dropped by relabeling + // keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling // that will be kept in memory. 0 means no limit. // // It requires Prometheus >= v2.47.0. @@ -128,12 +161,12 @@ type ProbeSpec struct { // +optional KeepDroppedTargets *uint64 `json:"keepDroppedTargets,omitempty"` - // The scrape class to apply. + // scrapeClass defines the scrape class to apply. // +optional // +kubebuilder:validation:MinLength=1 ScrapeClassName *string `json:"scrapeClass,omitempty"` - // The list of HTTP query parameters for the scrape. + // params defines the list of HTTP query parameters for the scrape. // Please note that the `.spec.module` field takes precedence over the `module` parameter from this list when both are defined. // The module name must be added using Module under ProbeSpec. // +optional @@ -146,13 +179,14 @@ type ProbeSpec struct { // ProbeParam defines specification of extra parameters for a Probe. // +k8s:openapi-gen=true type ProbeParam struct { - // The parameter name + // name defines the parameter name // +kubebuilder:validation:MinLength=1 // +required Name string `json:"name,omitempty"` - // The parameter values + // values defines the parameter values // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:items:MinLength=1 + // +optional Values []string `json:"values,omitempty"` } @@ -165,43 +199,37 @@ type ProbeTargets struct { // relabeling configuration. // If `ingress` is also defined, `staticConfig` takes precedence. // More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config. + // +optional StaticConfig *ProbeTargetStaticConfig `json:"staticConfig,omitempty"` // ingress defines the Ingress objects to probe and the relabeling // configuration. // If `staticConfig` is also defined, `staticConfig` takes precedence. + // +optional Ingress *ProbeTargetIngress `json:"ingress,omitempty"` } // Validate semantically validates the given ProbeTargets. func (it *ProbeTargets) Validate() error { if it.StaticConfig == nil && it.Ingress == nil { - return &ProbeTargetsValidationError{"at least one of .spec.targets.staticConfig and .spec.targets.ingress is required"} + return errors.New("at least one of .spec.targets.staticConfig and .spec.targets.ingress is required") } return nil } -// ProbeTargetsValidationError is returned by ProbeTargets.Validate() -// on semantically invalid configurations. -// +k8s:openapi-gen=false -type ProbeTargetsValidationError struct { - err string -} - -func (e *ProbeTargetsValidationError) Error() string { - return e.err -} - // ProbeTargetStaticConfig defines the set of static targets considered for probing. // +k8s:openapi-gen=true type ProbeTargetStaticConfig struct { - // The list of hosts to probe. + // static defines the list of hosts to probe. + // +optional Targets []string `json:"static,omitempty"` - // Labels assigned to all metrics scraped from the targets. + // labels defines all labels assigned to all metrics scraped from the targets. + // +optional Labels map[string]string `json:"labels,omitempty"` - // RelabelConfigs to apply to the label set of the targets before it gets + // relabelingConfigs defines relabelings to be apply to the label set of the targets before it gets // scraped. // More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + // +optional RelabelConfigs []RelabelConfig `json:"relabelingConfigs,omitempty"` } @@ -209,33 +237,39 @@ type ProbeTargetStaticConfig struct { // The operator configures a target for each host/path combination of each ingress object. // +k8s:openapi-gen=true type ProbeTargetIngress struct { - // Selector to select the Ingress objects. + // selector to select the Ingress objects. + // +optional Selector metav1.LabelSelector `json:"selector,omitempty"` - // From which namespaces to select Ingress objects. + // namespaceSelector defines from which namespaces to select Ingress objects. + // +optional NamespaceSelector NamespaceSelector `json:"namespaceSelector,omitempty"` - // RelabelConfigs to apply to the label set of the target before it gets + // relabelingConfigs to apply to the label set of the target before it gets // scraped. // The original ingress address is available via the // `__tmp_prometheus_ingress_address` label. It can be used to customize the // probed URL. // The original scrape job's name is available via the `__tmp_prometheus_job_name` label. // More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config + // +optional RelabelConfigs []RelabelConfig `json:"relabelingConfigs,omitempty"` } // ProberSpec contains specification parameters for the Prober used for probing. // +k8s:openapi-gen=true type ProberSpec struct { - // Mandatory URL of the prober. + // url defines the mandatory URL of the prober. + // +required URL string `json:"url"` - // HTTP scheme to use for scraping. + // scheme defines the HTTP scheme to use for scraping. // `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. // If empty, Prometheus uses the default value `http`. // +kubebuilder:validation:Enum=http;https + // +optional Scheme string `json:"scheme,omitempty"` - // Path to collect metrics from. + // path to collect metrics from. // Defaults to `/probe`. // +kubebuilder:default:="/probe" + // +optional Path string `json:"path,omitempty"` // +optional @@ -245,11 +279,14 @@ type ProberSpec struct { // ProbeList is a list of Probes. // +k8s:openapi-gen=true type ProbeList struct { + // TypeMeta defines the versioned schema of this representation of an object. + // +optional metav1.TypeMeta `json:",inline"` - // Standard list metadata - // More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + // metadata defines ListMeta as metadata for collection responses. + // +optional metav1.ListMeta `json:"metadata,omitempty"` // List of Probes + // +required Items []Probe `json:"items"` } diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go index 3fe51eb4d..71427906e 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go @@ -15,6 +15,7 @@ package v1 import ( + "errors" "fmt" "strings" @@ -53,7 +54,7 @@ const ( // RuntimeConfig configures the values for the process behavior. type RuntimeConfig struct { - // The Go garbage collection target percentage. Lowering this number may increase the CPU usage. + // goGC defines the Go garbage collection target percentage. Lowering this number may increase the CPU usage. // See: https://tip.golang.org/doc/gc-guide#GOGC // +optional // +kubebuilder:validation:Minimum=-1 @@ -102,8 +103,8 @@ type CoreV1TopologySpreadConstraint v1.TopologySpreadConstraint type TopologySpreadConstraint struct { CoreV1TopologySpreadConstraint `json:",inline"` - //+optional - // Defines what Prometheus Operator managed labels should be added to labelSelector on the topologySpreadConstraint. + // additionalLabelSelectors Defines what Prometheus Operator managed labels should be added to labelSelector on the topologySpreadConstraint. + // +optional AdditionalLabelSelectors *AdditionalLabelSelectors `json:"additionalLabelSelectors,omitempty"` } @@ -113,7 +114,7 @@ type EnableFeature string // CommonPrometheusFields are the options available to both the Prometheus server and agent. // +k8s:deepcopy-gen=true type CommonPrometheusFields struct { - // PodMetadata configures labels and annotations which are propagated to the Prometheus pods. + // podMetadata defines labels and annotations which are propagated to the Prometheus pods. // // The following items are reserved and cannot be overridden: // * "prometheus" label, set to the name of the Prometheus object. @@ -124,9 +125,10 @@ type CommonPrometheusFields struct { // * "operator.prometheus.io/name" label, set to the name of the Prometheus object. // * "operator.prometheus.io/shard" label, set to the shard number of the Prometheus object. // * "kubectl.kubernetes.io/default-container" annotation, set to "prometheus". + // +optional PodMetadata *EmbeddedObjectMetadata `json:"podMetadata,omitempty"` - // ServiceMonitors to be selected for target discovery. An empty label + // serviceMonitorSelector defines the serviceMonitors to be selected for target discovery. An empty label // selector matches all objects. A null label selector matches no objects. // // If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -137,13 +139,15 @@ type CommonPrometheusFields struct { // This behavior is *deprecated* and will be removed in the next major version // of the custom resource definition. It is recommended to use // `spec.additionalScrapeConfigs` instead. + // +optional ServiceMonitorSelector *metav1.LabelSelector `json:"serviceMonitorSelector,omitempty"` - // Namespaces to match for ServicedMonitors discovery. An empty label selector + // serviceMonitorNamespaceSelector defines the namespaces to match for ServicedMonitors discovery. An empty label selector // matches all namespaces. A null label selector (default value) matches the current // namespace only. + // +optional ServiceMonitorNamespaceSelector *metav1.LabelSelector `json:"serviceMonitorNamespaceSelector,omitempty"` - // PodMonitors to be selected for target discovery. An empty label selector + // podMonitorSelector defines the podMonitors to be selected for target discovery. An empty label selector // matches all objects. A null label selector matches no objects. // // If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -154,13 +158,15 @@ type CommonPrometheusFields struct { // This behavior is *deprecated* and will be removed in the next major version // of the custom resource definition. It is recommended to use // `spec.additionalScrapeConfigs` instead. + // +optional PodMonitorSelector *metav1.LabelSelector `json:"podMonitorSelector,omitempty"` - // Namespaces to match for PodMonitors discovery. An empty label selector + // podMonitorNamespaceSelector defines the namespaces to match for PodMonitors discovery. An empty label selector // matches all namespaces. A null label selector (default value) matches the current // namespace only. + // +optional PodMonitorNamespaceSelector *metav1.LabelSelector `json:"podMonitorNamespaceSelector,omitempty"` - // Probes to be selected for target discovery. An empty label selector + // probeSelector defines the probes to be selected for target discovery. An empty label selector // matches all objects. A null label selector matches no objects. // // If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -171,13 +177,15 @@ type CommonPrometheusFields struct { // This behavior is *deprecated* and will be removed in the next major version // of the custom resource definition. It is recommended to use // `spec.additionalScrapeConfigs` instead. + // +optional ProbeSelector *metav1.LabelSelector `json:"probeSelector,omitempty"` - // Namespaces to match for Probe discovery. An empty label + // probeNamespaceSelector defines the namespaces to match for Probe discovery. An empty label // selector matches all namespaces. A null label selector matches the // current namespace only. + // +optional ProbeNamespaceSelector *metav1.LabelSelector `json:"probeNamespaceSelector,omitempty"` - // ScrapeConfigs to be selected for target discovery. An empty label + // scrapeConfigSelector defines the scrapeConfigs to be selected for target discovery. An empty label // selector matches all objects. A null label selector matches no objects. // // If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -193,7 +201,7 @@ type CommonPrometheusFields struct { // // +optional ScrapeConfigSelector *metav1.LabelSelector `json:"scrapeConfigSelector,omitempty"` - // Namespaces to match for ScrapeConfig discovery. An empty label selector + // scrapeConfigNamespaceSelector defines the namespaces to match for ScrapeConfig discovery. An empty label selector // matches all namespaces. A null label selector matches the current // namespace only. // @@ -202,19 +210,21 @@ type CommonPrometheusFields struct { // +optional ScrapeConfigNamespaceSelector *metav1.LabelSelector `json:"scrapeConfigNamespaceSelector,omitempty"` - // Version of Prometheus being deployed. The operator uses this information + // version of Prometheus being deployed. The operator uses this information // to generate the Prometheus StatefulSet + configuration files. // // If not specified, the operator assumes the latest upstream version of // Prometheus available at the time when the version of the operator was // released. + // +optional Version string `json:"version,omitempty"` - // When a Prometheus deployment is paused, no actions except for deletion + // paused defines when a Prometheus deployment is paused, no actions except for deletion // will be performed on the underlying objects. + // +optional Paused bool `json:"paused,omitempty"` - // Container image name for Prometheus. If specified, it takes precedence + // image defines the container image name for Prometheus. If specified, it takes precedence // over the `spec.baseImage`, `spec.tag` and `spec.sha` fields. // // Specifying `spec.version` is still necessary to ensure the Prometheus @@ -226,16 +236,18 @@ type CommonPrometheusFields struct { // // +optional Image *string `json:"image,omitempty"` - // Image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. + // imagePullPolicy defines the image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. // See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. // +kubebuilder:validation:Enum="";Always;Never;IfNotPresent + // +optional ImagePullPolicy v1.PullPolicy `json:"imagePullPolicy,omitempty"` - // An optional list of references to Secrets in the same namespace + // imagePullSecrets defines an optional list of references to Secrets in the same namespace // to use for pulling images from registries. // See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + // +optional ImagePullSecrets []v1.LocalObjectReference `json:"imagePullSecrets,omitempty"` - // Number of replicas of each shard to deploy for a Prometheus deployment. + // replicas defines the number of replicas of each shard to deploy for a Prometheus deployment. // `spec.replicas` multiplied by `spec.shards` is the total number of Pods // created. // @@ -243,7 +255,7 @@ type CommonPrometheusFields struct { // +optional Replicas *int32 `json:"replicas,omitempty"` - // Number of shards to distribute the scraped targets onto. + // shards defines the number of shards to distribute the scraped targets onto. // // `spec.replicas` multiplied by `spec.shards` is the total number of Pods // being created. @@ -269,16 +281,17 @@ type CommonPrometheusFields struct { // You can also disable sharding on a specific target by setting the // `__tmp_disable_sharding` label with relabeling configuration. When // the label value isn't empty, all Prometheus shards will scrape the target. + // +optional Shards *int32 `json:"shards,omitempty"` - // Name of Prometheus external label used to denote the replica name. + // replicaExternalLabelName defines the name of Prometheus external label used to denote the replica name. // The external label will _not_ be added when the field is set to the // empty string (`""`). // // Default: "prometheus_replica" // +optional ReplicaExternalLabelName *string `json:"replicaExternalLabelName,omitempty"` - // Name of Prometheus external label used to denote the Prometheus instance + // prometheusExternalLabelName defines the name of Prometheus external label used to denote the Prometheus instance // name. The external label will _not_ be added when the field is set to // the empty string (`""`). // @@ -286,23 +299,27 @@ type CommonPrometheusFields struct { // +optional PrometheusExternalLabelName *string `json:"prometheusExternalLabelName,omitempty"` - // Log level for Prometheus and the config-reloader sidecar. + // logLevel for Prometheus and the config-reloader sidecar. // +kubebuilder:validation:Enum="";debug;info;warn;error + // +optional LogLevel string `json:"logLevel,omitempty"` - // Log format for Log level for Prometheus and the config-reloader sidecar. + // logFormat for Log level for Prometheus and the config-reloader sidecar. // +kubebuilder:validation:Enum="";logfmt;json + // +optional LogFormat string `json:"logFormat,omitempty"` - // Interval between consecutive scrapes. + // scrapeInterval defines interval between consecutive scrapes. // // Default: "30s" // +kubebuilder:default:="30s" + // +optional ScrapeInterval Duration `json:"scrapeInterval,omitempty"` - // Number of seconds to wait until a scrape request times out. + // scrapeTimeout defines the number of seconds to wait until a scrape request times out. // The value cannot be greater than the scrape interval otherwise the operator will reject the resource. + // +optional ScrapeTimeout Duration `json:"scrapeTimeout,omitempty"` - // The protocols to negotiate during a scrape. It tells clients the + // scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the // protocols supported by Prometheus in order of preference (from most to least preferred). // // If unset, Prometheus uses its default value. @@ -315,13 +332,14 @@ type CommonPrometheusFields struct { // +optional ScrapeProtocols []ScrapeProtocol `json:"scrapeProtocols,omitempty"` - // The labels to add to any time series or alerts when communicating with + // externalLabels defines the labels to add to any time series or alerts when communicating with // external systems (federation, remote storage, Alertmanager). // Labels defined by `spec.replicaExternalLabelName` and // `spec.prometheusExternalLabelName` take precedence over this list. + // +optional ExternalLabels map[string]string `json:"externalLabels,omitempty"` - // Enable Prometheus to be used as a receiver for the Prometheus remote + // enableRemoteWriteReceiver defines the Prometheus to be used as a receiver for the Prometheus remote // write protocol. // // WARNING: This is not considered an efficient way of ingesting samples. @@ -331,9 +349,10 @@ type CommonPrometheusFields struct { // For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver // // It requires Prometheus >= v2.33.0. + // +optional EnableRemoteWriteReceiver bool `json:"enableRemoteWriteReceiver,omitempty"` - // Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. + // enableOTLPReceiver defines the Prometheus to be used as a receiver for the OTLP Metrics protocol. // // Note that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined. // @@ -341,7 +360,7 @@ type CommonPrometheusFields struct { // +optional EnableOTLPReceiver *bool `json:"enableOTLPReceiver,omitempty"` - // List of the protobuf message versions to accept when receiving the + // remoteWriteReceiverMessageVersions list of the protobuf message versions to accept when receiving the // remote writes. // // It requires Prometheus >= v2.54.0. @@ -351,7 +370,7 @@ type CommonPrometheusFields struct { // +optional RemoteWriteReceiverMessageVersions []RemoteWriteMessageVersion `json:"remoteWriteReceiverMessageVersions,omitempty"` - // Enable access to Prometheus feature flags. By default, no features are enabled. + // enableFeatures enables access to Prometheus feature flags. By default, no features are enabled. // // Enabling features which are disabled by default is entirely outside the // scope of what the maintainers will support and by doing so, you accept @@ -363,32 +382,37 @@ type CommonPrometheusFields struct { // +optional EnableFeatures []EnableFeature `json:"enableFeatures,omitempty"` - // The external URL under which the Prometheus service is externally + // externalUrl defines the external URL under which the Prometheus service is externally // available. This is necessary to generate correct URLs (for instance if // Prometheus is accessible behind an Ingress resource). + // +optional ExternalURL string `json:"externalUrl,omitempty"` - // The route prefix Prometheus registers HTTP handlers for. + // routePrefix defines the route prefix Prometheus registers HTTP handlers for. // // This is useful when using `spec.externalURL`, and a proxy is rewriting // HTTP routes of a request, and the actual ExternalURL is still true, but // the server serves requests under a different route prefix. For example // for use with `kubectl proxy`. + // +optional RoutePrefix string `json:"routePrefix,omitempty"` - // Storage defines the storage used by Prometheus. + // storage defines the storage used by Prometheus. + // +optional Storage *StorageSpec `json:"storage,omitempty"` - // Volumes allows the configuration of additional volumes on the output + // volumes allows the configuration of additional volumes on the output // StatefulSet definition. Volumes specified will be appended to other // volumes that are generated as a result of StorageSpec objects. + // +optional Volumes []v1.Volume `json:"volumes,omitempty"` - // VolumeMounts allows the configuration of additional VolumeMounts. + // volumeMounts allows the configuration of additional VolumeMounts. // // VolumeMounts will be appended to other VolumeMounts in the 'prometheus' // container, that are generated as a result of StorageSpec objects. + // +optional VolumeMounts []v1.VolumeMount `json:"volumeMounts,omitempty"` - // The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + // persistentVolumeClaimRetentionPolicy defines the field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. // The default behavior is all PVCs are retained. // This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. // It requires enabling the StatefulSetAutoDeletePVC feature gate. @@ -396,20 +420,24 @@ type CommonPrometheusFields struct { // +optional PersistentVolumeClaimRetentionPolicy *appsv1.StatefulSetPersistentVolumeClaimRetentionPolicy `json:"persistentVolumeClaimRetentionPolicy,omitempty"` - // Defines the configuration of the Prometheus web server. + // web defines the configuration of the Prometheus web server. + // +optional Web *PrometheusWebSpec `json:"web,omitempty"` - // Defines the resources requests and limits of the 'prometheus' container. + // resources defines the resources requests and limits of the 'prometheus' container. + // +optional Resources v1.ResourceRequirements `json:"resources,omitempty"` - // Defines on which Nodes the Pods are scheduled. + // nodeSelector defines on which Nodes the Pods are scheduled. + // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` - // ServiceAccountName is the name of the ServiceAccount to use to run the + // serviceAccountName is the name of the ServiceAccount to use to run the // Prometheus Pods. + // +optional ServiceAccountName string `json:"serviceAccountName,omitempty"` - // AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. + // automountServiceAccountToken defines whether a service account token should be automatically mounted in the pod. // If the field isn't set, the operator mounts the service account token by default. // // **Warning:** be aware that by default, Prometheus requires the service account token for Kubernetes service discovery. @@ -417,61 +445,65 @@ type CommonPrometheusFields struct { // +optional AutomountServiceAccountToken *bool `json:"automountServiceAccountToken,omitempty"` - // Secrets is a list of Secrets in the same namespace as the Prometheus + // secrets defines a list of Secrets in the same namespace as the Prometheus // object, which shall be mounted into the Prometheus Pods. // Each Secret is added to the StatefulSet definition as a volume named `secret-`. // The Secrets are mounted into /etc/prometheus/secrets/ in the 'prometheus' container. // +listType:=set + // +optional Secrets []string `json:"secrets,omitempty"` - // ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus + // configMaps defines a list of ConfigMaps in the same namespace as the Prometheus // object, which shall be mounted into the Prometheus Pods. // Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. // The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the 'prometheus' container. + // +optional ConfigMaps []string `json:"configMaps,omitempty"` - // Defines the Pods' affinity scheduling rules if specified. + // affinity defines the Pods' affinity scheduling rules if specified. // +optional Affinity *v1.Affinity `json:"affinity,omitempty"` - // Defines the Pods' tolerations if specified. + // tolerations defines the Pods' tolerations if specified. // +optional Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // Defines the pod's topology spread constraints if specified. - //+optional + // topologySpreadConstraints defines the pod's topology spread constraints if specified. + // +optional TopologySpreadConstraints []TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` - // Defines the list of remote write configurations. + // remoteWrite defines the list of remote write configurations. // +optional RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` - // Settings related to the OTLP receiver feature. + // otlp defines the settings related to the OTLP receiver feature. // It requires Prometheus >= v2.55.0. // // +optional OTLP *OTLPConfig `json:"otlp,omitempty"` - // SecurityContext holds pod-level security attributes and common container settings. + // securityContext holds pod-level security attributes and common container settings. // This defaults to the default PodSecurityContext. // +optional SecurityContext *v1.PodSecurityContext `json:"securityContext,omitempty"` - // Defines the DNS policy for the pods. + // dnsPolicy defines the DNS policy for the pods. // // +optional DNSPolicy *DNSPolicy `json:"dnsPolicy,omitempty"` - // Defines the DNS configuration for the pods. + // dnsConfig defines the DNS configuration for the pods. // // +optional DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty"` - // When true, the Prometheus server listens on the loopback address + // listenLocal when true, the Prometheus server listens on the loopback address // instead of the Pod IP's address. + // + // +optional ListenLocal bool `json:"listenLocal,omitempty"` - // Indicates whether information about services should be injected into pod's environment variables + // enableServiceLinks defines whether information about services should be injected into pod's environment variables // +optional EnableServiceLinks *bool `json:"enableServiceLinks,omitempty"` - // Containers allows injecting additional containers or modifying operator + // containers allows injecting additional containers or modifying operator // generated containers. This can be used to allow adding an authentication // proxy to the Pods or to change the behavior of an operator generated // container. Containers described here modify an operator generated @@ -488,7 +520,7 @@ type CommonPrometheusFields struct { // may break at any time without notice. // +optional Containers []v1.Container `json:"containers,omitempty"` - // InitContainers allows injecting initContainers to the Pod definition. Those + // initContainers allows injecting initContainers to the Pod definition. Those // can be used to e.g. fetch secrets for injection into the Prometheus // configuration from external sources. Any errors during the execution of // an initContainer will lead to a restart of the Pod. More info: @@ -506,7 +538,7 @@ type CommonPrometheusFields struct { // +optional InitContainers []v1.Container `json:"initContainers,omitempty"` - // AdditionalScrapeConfigs allows specifying a key of a Secret containing + // additionalScrapeConfigs allows specifying a key of a Secret containing // additional Prometheus scrape configurations. Scrape configurations // specified are appended to the configurations generated by the Prometheus // Operator. Job configurations specified must have the form as specified @@ -520,7 +552,7 @@ type CommonPrometheusFields struct { // +optional AdditionalScrapeConfigs *v1.SecretKeySelector `json:"additionalScrapeConfigs,omitempty"` - // APIServerConfig allows specifying a host and auth methods to access the + // apiserverConfig allows specifying a host and auth methods to access the // Kuberntees API server. // If null, Prometheus is assumed to run inside of the cluster: it will // discover the API servers automatically and use the Pod's CA certificate @@ -528,14 +560,16 @@ type CommonPrometheusFields struct { // +optional APIServerConfig *APIServerConfig `json:"apiserverConfig,omitempty"` - // Priority class assigned to the Pods. + // priorityClassName assigned to the Pods. + // +optional PriorityClassName string `json:"priorityClassName,omitempty"` - // Port name used for the pods and governing service. + // portName used for the pods and governing service. // Default: "web" // +kubebuilder:default:="web" + // +optional PortName string `json:"portName,omitempty"` - // When true, ServiceMonitor, PodMonitor and Probe object are forbidden to + // arbitraryFSAccessThroughSMs when true, ServiceMonitor, PodMonitor and Probe object are forbidden to // reference arbitrary files on the file system of the 'prometheus' // container. // When a ServiceMonitor's endpoint specifies a `bearerTokenFile` value @@ -545,26 +579,30 @@ type CommonPrometheusFields struct { // `spec.arbitraryFSAccessThroughSM` to 'true' would prevent the attack. // Users should instead provide the credentials using the // `spec.bearerTokenSecret` field. + // +optional ArbitraryFSAccessThroughSMs ArbitraryFSAccessThroughSMsConfig `json:"arbitraryFSAccessThroughSMs,omitempty"` - // When true, Prometheus resolves label conflicts by renaming the labels in the scraped data + // overrideHonorLabels when true, Prometheus resolves label conflicts by renaming the labels in the scraped data // to “exported_” for all targets created from ServiceMonitor, PodMonitor and // ScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies. - // In practice,`overrideHonorLaels:true` enforces `honorLabels:false` + // In practice,`OverrideHonorLabels:true` enforces `honorLabels:false` // for all ServiceMonitor, PodMonitor and ScrapeConfig objects. + // +optional OverrideHonorLabels bool `json:"overrideHonorLabels,omitempty"` - // When true, Prometheus ignores the timestamps for all the targets created + // overrideHonorTimestamps when true, Prometheus ignores the timestamps for all the targets created // from service and pod monitors. // Otherwise the HonorTimestamps field of the service or pod monitor applies. + // +optional OverrideHonorTimestamps bool `json:"overrideHonorTimestamps,omitempty"` - // When true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor + // ignoreNamespaceSelectors when true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor // and Probe objects will be ignored. They will only discover targets // within the namespace of the PodMonitor, ServiceMonitor and Probe // object. + // +optional IgnoreNamespaceSelectors bool `json:"ignoreNamespaceSelectors,omitempty"` - // When not empty, a label will be added to: + // enforcedNamespaceLabel when not empty, a label will be added to: // // 1. All metrics scraped from `ServiceMonitor`, `PodMonitor`, `Probe` and `ScrapeConfig` objects. // 2. All metrics generated from recording rules defined in `PrometheusRule` objects. @@ -576,9 +614,10 @@ type CommonPrometheusFields struct { // The label's name is this field's value. // The label's value is the namespace of the `ServiceMonitor`, // `PodMonitor`, `Probe`, `PrometheusRule` or `ScrapeConfig` object. + // +optional EnforcedNamespaceLabel string `json:"enforcedNamespaceLabel,omitempty"` - // When defined, enforcedSampleLimit specifies a global limit on the number + // enforcedSampleLimit when defined specifies a global limit on the number // of scraped samples that will be accepted. This overrides any // `spec.sampleLimit` set by ServiceMonitor, PodMonitor, Probe objects // unless `spec.sampleLimit` is greater than zero and less than @@ -596,7 +635,7 @@ type CommonPrometheusFields struct { // // +optional EnforcedSampleLimit *uint64 `json:"enforcedSampleLimit,omitempty"` - // When defined, enforcedTargetLimit specifies a global limit on the number + // enforcedTargetLimit when defined specifies a global limit on the number // of scraped targets. The value overrides any `spec.targetLimit` set by // ServiceMonitor, PodMonitor, Probe objects unless `spec.targetLimit` is // greater than zero and less than `spec.enforcedTargetLimit`. @@ -613,7 +652,7 @@ type CommonPrometheusFields struct { // // +optional EnforcedTargetLimit *uint64 `json:"enforcedTargetLimit,omitempty"` - // When defined, enforcedLabelLimit specifies a global limit on the number + // enforcedLabelLimit when defined specifies a global limit on the number // of labels per sample. The value overrides any `spec.labelLimit` set by // ServiceMonitor, PodMonitor, Probe objects unless `spec.labelLimit` is // greater than zero and less than `spec.enforcedLabelLimit`. @@ -629,7 +668,7 @@ type CommonPrometheusFields struct { // // +optional EnforcedLabelLimit *uint64 `json:"enforcedLabelLimit,omitempty"` - // When defined, enforcedLabelNameLengthLimit specifies a global limit on the length + // enforcedLabelNameLengthLimit when defined specifies a global limit on the length // of labels name per sample. The value overrides any `spec.labelNameLengthLimit` set by // ServiceMonitor, PodMonitor, Probe objects unless `spec.labelNameLengthLimit` is // greater than zero and less than `spec.enforcedLabelNameLengthLimit`. @@ -645,7 +684,7 @@ type CommonPrometheusFields struct { // // +optional EnforcedLabelNameLengthLimit *uint64 `json:"enforcedLabelNameLengthLimit,omitempty"` - // When not null, enforcedLabelValueLengthLimit defines a global limit on the length + // enforcedLabelValueLengthLimit when not null defines a global limit on the length // of labels value per sample. The value overrides any `spec.labelValueLengthLimit` set by // ServiceMonitor, PodMonitor, Probe objects unless `spec.labelValueLengthLimit` is // greater than zero and less than `spec.enforcedLabelValueLengthLimit`. @@ -661,7 +700,7 @@ type CommonPrometheusFields struct { // // +optional EnforcedLabelValueLengthLimit *uint64 `json:"enforcedLabelValueLengthLimit,omitempty"` - // When defined, enforcedKeepDroppedTargets specifies a global limit on the number of targets + // enforcedKeepDroppedTargets when defined specifies a global limit on the number of targets // dropped by relabeling that will be kept in memory. The value overrides // any `spec.keepDroppedTargets` set by // ServiceMonitor, PodMonitor, Probe objects unless `spec.keepDroppedTargets` is @@ -678,7 +717,7 @@ type CommonPrometheusFields struct { // // +optional EnforcedKeepDroppedTargets *uint64 `json:"enforcedKeepDroppedTargets,omitempty"` - // When defined, enforcedBodySizeLimit specifies a global limit on the size + // enforcedBodySizeLimit when defined specifies a global limit on the size // of uncompressed response body that will be accepted by Prometheus. // Targets responding with a body larger than this many bytes will cause // the scrape to fail. @@ -691,16 +730,17 @@ type CommonPrometheusFields struct { // * Scrape objects with a bodySizeLimit value less than or equal to enforcedBodySizeLimit keep their specific value. // * Scrape objects with a bodySizeLimit value greater than enforcedBodySizeLimit are set to enforcedBodySizeLimit. // + // +optional EnforcedBodySizeLimit ByteSize `json:"enforcedBodySizeLimit,omitempty"` - // Specifies the validation scheme for metric and label names. + // nameValidationScheme defines the validation scheme for metric and label names. // // It requires Prometheus >= v2.55.0. // // +optional NameValidationScheme *NameValidationSchemeOptions `json:"nameValidationScheme,omitempty"` - // Specifies the character escaping scheme that will be requested when scraping + // nameEscapingScheme defines the character escaping scheme that will be requested when scraping // for metric and label names that do not conform to the legacy Prometheus // character set. // @@ -709,7 +749,7 @@ type CommonPrometheusFields struct { // +optional NameEscapingScheme *NameEscapingSchemeOptions `json:"nameEscapingScheme,omitempty"` - // Whether to convert all scraped classic histograms into a native + // convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native // histogram with custom buckets. // // It requires Prometheus >= v3.4.0. @@ -717,7 +757,7 @@ type CommonPrometheusFields struct { // +optional ConvertClassicHistogramsToNHCB *bool `json:"convertClassicHistogramsToNHCB,omitempty"` - // Whether to scrape a classic histogram that is also exposed as a native histogram. + // scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. // // Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. // @@ -726,7 +766,7 @@ type CommonPrometheusFields struct { // +optional ScrapeClassicHistograms *bool `json:"scrapeClassicHistograms,omitempty"` - // Minimum number of seconds for which a newly created Pod should be ready + // minReadySeconds defines the minimum number of seconds for which a newly created Pod should be ready // without any of its container crashing for it to be considered available. // // If unset, pods will be considered available as soon as they are ready. @@ -735,7 +775,7 @@ type CommonPrometheusFields struct { // +optional MinReadySeconds *int32 `json:"minReadySeconds,omitempty"` - // Optional list of hosts and IPs that will be injected into the Pod's + // hostAliases defines the optional list of hosts and IPs that will be injected into the Pod's // hosts file if specified. // // +listType=map @@ -743,7 +783,7 @@ type CommonPrometheusFields struct { // +optional HostAliases []HostAlias `json:"hostAliases,omitempty"` - // AdditionalArgs allows setting additional arguments for the 'prometheus' container. + // additionalArgs allows setting additional arguments for the 'prometheus' container. // // It is intended for e.g. activating hidden flags which are not supported by // the dedicated configuration options yet. The arguments are passed as-is to the @@ -757,7 +797,7 @@ type CommonPrometheusFields struct { // +optional AdditionalArgs []Argument `json:"additionalArgs,omitempty"` - // Configures compression of the write-ahead log (WAL) using Snappy. + // walCompression defines the compression of the write-ahead log (WAL) using Snappy. // // WAL compression is enabled by default for Prometheus >= 2.20.0 // @@ -766,7 +806,7 @@ type CommonPrometheusFields struct { // +optional WALCompression *bool `json:"walCompression,omitempty"` - // List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects + // excludedFromEnforcement defines the list of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects // to be excluded from enforcing a namespace label of origin. // // It is only applicable if `spec.enforcedNamespaceLabel` set to true. @@ -774,7 +814,7 @@ type CommonPrometheusFields struct { // +optional ExcludedFromEnforcement []ObjectReference `json:"excludedFromEnforcement,omitempty"` - // Use the host's network namespace if true. + // hostNetwork defines the host's network namespace if true. // // Make sure to understand the security implications if you want to enable // it (https://kubernetes.io/docs/concepts/configuration/overview/ ). @@ -782,22 +822,24 @@ type CommonPrometheusFields struct { // When hostNetwork is enabled, this will set the DNS policy to // `ClusterFirstWithHostNet` automatically (unless `.spec.DNSPolicy` is set // to a different value). + // + // +optional HostNetwork bool `json:"hostNetwork,omitempty"` - // PodTargetLabels are appended to the `spec.podTargetLabels` field of all + // podTargetLabels are appended to the `spec.podTargetLabels` field of all // PodMonitor and ServiceMonitor objects. // // +optional PodTargetLabels []string `json:"podTargetLabels,omitempty"` - // TracingConfig configures tracing in Prometheus. + // tracingConfig defines tracing in Prometheus. // // This is an *experimental feature*, it may change in any upcoming release // in a breaking way. // // +optional TracingConfig *PrometheusTracingConfig `json:"tracingConfig,omitempty"` - // BodySizeLimit defines per-scrape on response body size. + // bodySizeLimit defines per-scrape on response body size. // Only valid in Prometheus versions 2.45.0 and newer. // // Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -805,7 +847,7 @@ type CommonPrometheusFields struct { // // +optional BodySizeLimit *ByteSize `json:"bodySizeLimit,omitempty"` - // SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + // sampleLimit defines per-scrape limit on number of scraped samples that will be accepted. // Only valid in Prometheus versions 2.45.0 and newer. // // Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -813,7 +855,7 @@ type CommonPrometheusFields struct { // // +optional SampleLimit *uint64 `json:"sampleLimit,omitempty"` - // TargetLimit defines a limit on the number of scraped targets that will be accepted. + // targetLimit defines a limit on the number of scraped targets that will be accepted. // Only valid in Prometheus versions 2.45.0 and newer. // // Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -821,7 +863,7 @@ type CommonPrometheusFields struct { // // +optional TargetLimit *uint64 `json:"targetLimit,omitempty"` - // Per-scrape limit on number of labels that will be accepted for a sample. + // labelLimit defines per-scrape limit on number of labels that will be accepted for a sample. // Only valid in Prometheus versions 2.45.0 and newer. // // Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -829,7 +871,7 @@ type CommonPrometheusFields struct { // // +optional LabelLimit *uint64 `json:"labelLimit,omitempty"` - // Per-scrape limit on length of labels name that will be accepted for a sample. + // labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. // Only valid in Prometheus versions 2.45.0 and newer. // // Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -837,7 +879,7 @@ type CommonPrometheusFields struct { // // +optional LabelNameLengthLimit *uint64 `json:"labelNameLengthLimit,omitempty"` - // Per-scrape limit on length of labels value that will be accepted for a sample. + // labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. // Only valid in Prometheus versions 2.45.0 and newer. // // Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -845,7 +887,7 @@ type CommonPrometheusFields struct { // // +optional LabelValueLengthLimit *uint64 `json:"labelValueLengthLimit,omitempty"` - // Per-scrape limit on the number of targets dropped by relabeling + // keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling // that will be kept in memory. 0 means no limit. // // It requires Prometheus >= v2.47.0. @@ -856,18 +898,18 @@ type CommonPrometheusFields struct { // +optional KeepDroppedTargets *uint64 `json:"keepDroppedTargets,omitempty"` - // Defines the strategy used to reload the Prometheus configuration. + // reloadStrategy defines the strategy used to reload the Prometheus configuration. // If not specified, the configuration is reloaded using the /-/reload HTTP endpoint. // +optional ReloadStrategy *ReloadStrategyType `json:"reloadStrategy,omitempty"` - // Defines the maximum time that the `prometheus` container's startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete. - // If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 600 seconds (15 minutes). + // maximumStartupDurationSeconds defines the maximum time that the `prometheus` container's startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete. + // If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 900 seconds (15 minutes). // +optional // +kubebuilder:validation:Minimum=60 MaximumStartupDurationSeconds *int32 `json:"maximumStartupDurationSeconds,omitempty"` - // List of scrape classes to expose to scraping objects such as + // scrapeClasses defines the list of scrape classes to expose to scraping objects such as // PodMonitors, ServiceMonitors, Probes and ScrapeConfigs. // // This is an *experimental feature*, it may change in any upcoming release @@ -875,9 +917,10 @@ type CommonPrometheusFields struct { // // +listType=map // +listMapKey=name + // +optional ScrapeClasses []ScrapeClass `json:"scrapeClasses,omitempty"` - // Defines the service discovery role used to discover targets from + // serviceDiscoveryRole defines the service discovery role used to discover targets from // `ServiceMonitor` objects and Alertmanager endpoints. // // If set, the value should be either "Endpoints" or "EndpointSlice". @@ -886,13 +929,13 @@ type CommonPrometheusFields struct { // +optional ServiceDiscoveryRole *ServiceDiscoveryRole `json:"serviceDiscoveryRole,omitempty"` - // Defines the runtime reloadable configuration of the timeseries database(TSDB). + // tsdb defines the runtime reloadable configuration of the timeseries database(TSDB). // It requires Prometheus >= v2.39.0 or PrometheusAgent >= v2.54.0. // // +optional TSDB *TSDBSpec `json:"tsdb,omitempty"` - // File to which scrape failures are logged. + // scrapeFailureLogFile defines the file to which scrape failures are logged. // Reloading the configuration will reopen the file. // // If the filename has an empty path, e.g. 'file.log', The Prometheus Pods @@ -905,7 +948,7 @@ type CommonPrometheusFields struct { // +optional ScrapeFailureLogFile *string `json:"scrapeFailureLogFile,omitempty"` - // The name of the service name used by the underlying StatefulSet(s) as the governing service. + // serviceName defines the name of the service name used by the underlying StatefulSet(s) as the governing service. // If defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels. // If empty, the operator will create and manage a headless service named `prometheus-operated` for Prometheus resources, // or `prometheus-agent-operated` for PrometheusAgent resources. @@ -915,11 +958,11 @@ type CommonPrometheusFields struct { // +kubebuilder:validation:MinLength=1 ServiceName *string `json:"serviceName,omitempty"` - // RuntimeConfig configures the values for the Prometheus process behavior + // runtime defines the values for the Prometheus process behavior // +optional Runtime *RuntimeConfig `json:"runtime,omitempty"` - // Optional duration in seconds the pod needs to terminate gracefully. + // terminationGracePeriodSeconds defines the optional duration in seconds the pod needs to terminate gracefully. // Value must be non-negative integer. The value zero indicates stop immediately via // the kill signal (no opportunity to shut down) which may lead to data corruption. // @@ -929,7 +972,7 @@ type CommonPrometheusFields struct { // +optional TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"` - // HostUsers supports the user space in Kubernetes. + // hostUsers supports the user space in Kubernetes. // // More info: https://kubernetes.io/docs/tasks/configure-pod-container/user-namespaces/ // @@ -1040,14 +1083,19 @@ func (cpf *CommonPrometheusFields) WebRoutePrefix() string { // // The Operator continuously reconciles the scrape and rules configuration and a sidecar container running in the Prometheus pods triggers a reload of the configuration when needed. type Prometheus struct { - metav1.TypeMeta `json:",inline"` + // TypeMeta defines the versioned schema of this representation of an object. + metav1.TypeMeta `json:",inline"` + // metadata defines ObjectMeta as the metadata that all persisted resources. + // +optional metav1.ObjectMeta `json:"metadata,omitempty"` - // Specification of the desired behavior of the Prometheus cluster. More info: + // spec defines the specification of the desired behavior of the Prometheus cluster. More info: // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + // +required Spec PrometheusSpec `json:"spec"` - // Most recent observed status of the Prometheus cluster. Read-only. + // status defines the most recent observed status of the Prometheus cluster. Read-only. // More info: // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + // +optional Status PrometheusStatus `json:"status,omitempty"` } @@ -1059,9 +1107,11 @@ func (l *Prometheus) DeepCopyObject() runtime.Object { // PrometheusList is a list of Prometheuses. // +k8s:openapi-gen=true type PrometheusList struct { + // TypeMeta defines the versioned schema of this representation of an object. + // +optional metav1.TypeMeta `json:",inline"` - // Standard list metadata - // More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + // metadata defines ListMeta as metadata for collection responses. + // +optional metav1.ListMeta `json:"metadata,omitempty"` // List of Prometheuses Items []Prometheus `json:"items"` @@ -1076,23 +1126,29 @@ func (l *PrometheusList) DeepCopyObject() runtime.Object { // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +k8s:openapi-gen=true type PrometheusSpec struct { + // +optional CommonPrometheusFields `json:",inline"` - // Deprecated: use 'spec.image' instead. + // baseImage is deprecated: use 'spec.image' instead. + // +optional BaseImage string `json:"baseImage,omitempty"` - // Deprecated: use 'spec.image' instead. The image's tag can be specified as part of the image name. + // tag is deprecated: use 'spec.image' instead. The image's tag can be specified as part of the image name. + // +optional Tag string `json:"tag,omitempty"` - // Deprecated: use 'spec.image' instead. The image's digest can be specified as part of the image name. + // sha is deprecated: use 'spec.image' instead. The image's digest can be specified as part of the image name. + // +optional SHA string `json:"sha,omitempty"` - // How long to retain the Prometheus data. + // retention defines how long to retain the Prometheus data. // // Default: "24h" if `spec.retention` and `spec.retentionSize` are empty. + // +optional Retention Duration `json:"retention,omitempty"` - // Maximum number of bytes used by the Prometheus data. + // retentionSize defines the maximum number of bytes used by the Prometheus data. + // +optional RetentionSize ByteSize `json:"retentionSize,omitempty"` - // ShardRetentionPolicy defines the retention policy for the Prometheus shards. + // shardRetentionPolicy defines the retention policy for the Prometheus shards. // (Alpha) Using this field requires the 'PrometheusShardRetentionPolicy' feature gate to be enabled. // // The final goals for this feature can be seen at https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/proposals/202310-shard-autoscaling.md#graceful-scale-down-of-prometheus-servers, @@ -1102,38 +1158,40 @@ type PrometheusSpec struct { // +optional ShardRetentionPolicy *ShardRetentionPolicy `json:"shardRetentionPolicy,omitempty"` - // When true, the Prometheus compaction is disabled. + // disableCompaction when true, the Prometheus compaction is disabled. // When `spec.thanos.objectStorageConfig` or `spec.objectStorageConfigFile` are defined, the operator automatically // disables block compaction to avoid race conditions during block uploads (as the Thanos documentation recommends). + // +optional DisableCompaction bool `json:"disableCompaction,omitempty"` - // Defines the configuration of the Prometheus rules' engine. + // rules defines the configuration of the Prometheus rules' engine. + // +optional Rules Rules `json:"rules,omitempty"` - // Defines the list of PrometheusRule objects to which the namespace label + // prometheusRulesExcludedFromEnforce defines the list of PrometheusRule objects to which the namespace label // enforcement doesn't apply. // This is only relevant when `spec.enforcedNamespaceLabel` is set to true. // +optional // Deprecated: use `spec.excludedFromEnforcement` instead. PrometheusRulesExcludedFromEnforce []PrometheusRuleExcludeConfig `json:"prometheusRulesExcludedFromEnforce,omitempty"` - // PrometheusRule objects to be selected for rule evaluation. An empty + // ruleSelector defines the prometheusRule objects to be selected for rule evaluation. An empty // label selector matches all objects. A null label selector matches no // objects. // +optional RuleSelector *metav1.LabelSelector `json:"ruleSelector,omitempty"` - // Namespaces to match for PrometheusRule discovery. An empty label selector + // ruleNamespaceSelector defines the namespaces to match for PrometheusRule discovery. An empty label selector // matches all namespaces. A null label selector matches the current // namespace only. // +optional RuleNamespaceSelector *metav1.LabelSelector `json:"ruleNamespaceSelector,omitempty"` - // QuerySpec defines the configuration of the Promethus query service. + // query defines the configuration of the Prometheus query service. // +optional Query *QuerySpec `json:"query,omitempty"` - // Defines the settings related to Alertmanager. + // alerting defines the settings related to Alertmanager. // +optional Alerting *AlertingSpec `json:"alerting,omitempty"` - // AdditionalAlertRelabelConfigs specifies a key of a Secret containing + // additionalAlertRelabelConfigs defines a key of a Secret containing // additional Prometheus alert relabel configurations. The alert relabel // configurations are appended to the configuration generated by the // Prometheus Operator. They must be formatted according to the official @@ -1149,7 +1207,7 @@ type PrometheusSpec struct { // Prometheus after the upgrade. // +optional AdditionalAlertRelabelConfigs *v1.SecretKeySelector `json:"additionalAlertRelabelConfigs,omitempty"` - // AdditionalAlertManagerConfigs specifies a key of a Secret containing + // additionalAlertManagerConfigs defines a key of a Secret containing // additional Prometheus Alertmanager configurations. The Alertmanager // configurations are appended to the configuration generated by the // Prometheus Operator. They must be formatted according to the official @@ -1166,11 +1224,11 @@ type PrometheusSpec struct { // +optional AdditionalAlertManagerConfigs *v1.SecretKeySelector `json:"additionalAlertManagerConfigs,omitempty"` - // Defines the list of remote read configurations. + // remoteRead defines the list of remote read configurations. // +optional RemoteRead []RemoteReadSpec `json:"remoteRead,omitempty"` - // Defines the configuration of the optional Thanos sidecar. + // thanos defines the configuration of the optional Thanos sidecar. // // +optional Thanos *ThanosSpec `json:"thanos,omitempty"` @@ -1186,30 +1244,33 @@ type PrometheusSpec struct { // Alternatively, the location can be set to a standard I/O stream, e.g. // `/dev/stdout`, to log query information to the default Prometheus log // stream. + // +optional QueryLogFile string `json:"queryLogFile,omitempty"` - // AllowOverlappingBlocks enables vertical compaction and vertical query + // allowOverlappingBlocks enables vertical compaction and vertical query // merge in Prometheus. // // Deprecated: this flag has no effect for Prometheus >= 2.39.0 where overlapping blocks are enabled by default. + // +optional AllowOverlappingBlocks bool `json:"allowOverlappingBlocks,omitempty"` - // Exemplars related settings that are runtime reloadable. + // exemplars related settings that are runtime reloadable. // It requires to enable the `exemplar-storage` feature flag to be effective. // +optional Exemplars *Exemplars `json:"exemplars,omitempty"` - // Interval between rule evaluations. + // evaluationInterval defines the interval between rule evaluations. // Default: "30s" // +kubebuilder:default:="30s" + // +optional EvaluationInterval Duration `json:"evaluationInterval,omitempty"` - // Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. + // ruleQueryOffset defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. // It requires Prometheus >= v2.53.0. // +optional RuleQueryOffset *Duration `json:"ruleQueryOffset,omitempty"` - // Enables access to the Prometheus web admin API. + // enableAdminAPI defines access to the Prometheus web admin API. // // WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, // shutdown Prometheus, and more. Enabling this should be done with care and the @@ -1218,6 +1279,7 @@ type PrometheusSpec struct { // // For more information: // https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis + // +optional EnableAdminAPI bool `json:"enableAdminAPI,omitempty"` } @@ -1229,12 +1291,13 @@ var ( ) type RetainConfig struct { + // retentionPeriod defines the retentionPeriod for shard retention policy. // +required RetentionPeriod Duration `json:"retentionPeriod"` } type ShardRetentionPolicy struct { - // Defines the retention policy when the Prometheus shards are scaled down. + // whenScaled defines the retention policy when the Prometheus shards are scaled down. // * `Delete`, the operator will delete the pods from the scaled-down shard(s). // * `Retain`, the operator will keep the pods from the scaled-down shard(s), so the data can still be queried. // @@ -1242,45 +1305,45 @@ type ShardRetentionPolicy struct { // +kubebuilder:validation:Enum=Retain;Delete // +optional WhenScaled *WhenScaledRetentionType `json:"whenScaled,omitempty"` - // Defines the config for retention when the retention policy is set to `Retain`. + // retain defines the config for retention when the retention policy is set to `Retain`. // This field is ineffective as of now. // +optional Retain *RetainConfig `json:"retain,omitempty"` } type PrometheusTracingConfig struct { - // Client used to export the traces. Supported values are `http` or `grpc`. + // clientType defines the client used to export the traces. Supported values are `http` or `grpc`. // +kubebuilder:validation:Enum=http;grpc // +optional ClientType *string `json:"clientType"` - // Endpoint to send the traces to. Should be provided in format :. + // endpoint to send the traces to. Should be provided in format :. // +kubebuilder:validation:MinLength:=1 // +required Endpoint string `json:"endpoint"` - // Sets the probability a given trace will be sampled. Must be a float from 0 through 1. + // samplingFraction defines the probability a given trace will be sampled. Must be a float from 0 through 1. // +optional SamplingFraction *resource.Quantity `json:"samplingFraction"` - // If disabled, the client will use a secure connection. + // insecure if disabled, the client will use a secure connection. // +optional Insecure *bool `json:"insecure"` - // Key-value pairs to be used as headers associated with gRPC or HTTP requests. + // headers defines the key-value pairs to be used as headers associated with gRPC or HTTP requests. // +optional Headers map[string]string `json:"headers"` - // Compression key for supported compression types. The only supported value is `gzip`. + // compression key for supported compression types. The only supported value is `gzip`. // +kubebuilder:validation:Enum=gzip // +optional Compression *string `json:"compression"` - // Maximum time the exporter will wait for each batch export. + // timeout defines the maximum time the exporter will wait for each batch export. // +optional Timeout *Duration `json:"timeout"` - // TLS Config to use when sending traces. + // tlsConfig to use when sending traces. // +optional TLSConfig *TLSConfig `json:"tlsConfig"` } @@ -1290,40 +1353,48 @@ type PrometheusTracingConfig struct { // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +k8s:openapi-gen=true type PrometheusStatus struct { - // Represents whether any actions on the underlying managed objects are + // paused defines whether any actions on the underlying managed objects are // being performed. Only delete actions will be performed. + // +optional Paused bool `json:"paused"` - // Total number of non-terminated pods targeted by this Prometheus deployment + // replicas defines the total number of non-terminated pods targeted by this Prometheus deployment // (their labels match the selector). + // +optional Replicas int32 `json:"replicas"` - // Total number of non-terminated pods targeted by this Prometheus deployment + // updatedReplicas defines the total number of non-terminated pods targeted by this Prometheus deployment // that have the desired version spec. + // +optional UpdatedReplicas int32 `json:"updatedReplicas"` - // Total number of available pods (ready for at least minReadySeconds) + // availableReplicas defines the total number of available pods (ready for at least minReadySeconds) // targeted by this Prometheus deployment. + // +optional AvailableReplicas int32 `json:"availableReplicas"` - // Total number of unavailable pods targeted by this Prometheus deployment. + // unavailableReplicas defines the total number of unavailable pods targeted by this Prometheus deployment. + // +optional UnavailableReplicas int32 `json:"unavailableReplicas"` - // The current state of the Prometheus deployment. + // conditions defines the current state of the Prometheus deployment. // +listType=map // +listMapKey=type // +optional Conditions []Condition `json:"conditions,omitempty"` - // The list has one entry per shard. Each entry provides a summary of the shard status. + // shardStatuses defines the list has one entry per shard. Each entry provides a summary of the shard status. // +listType=map // +listMapKey=shardID // +optional ShardStatuses []ShardStatus `json:"shardStatuses,omitempty"` - // Shards is the most recently observed number of shards. + // shards defines the most recently observed number of shards. + // +optional Shards int32 `json:"shards,omitempty"` - // The selector used to match the pods targeted by this Prometheus resource. + // selector used to match the pods targeted by this Prometheus resource. + // +optional Selector string `json:"selector,omitempty"` } // AlertingSpec defines parameters for alerting configuration of Prometheus servers. // +k8s:openapi-gen=true type AlertingSpec struct { - // Alertmanager endpoints where Prometheus should send alerts to. + // alertmanagers endpoints where Prometheus should send alerts to. + // +required Alertmanagers []AlertmanagerEndpoints `json:"alertmanagers"` } @@ -1337,39 +1408,43 @@ type AlertingSpec struct { // // +k8s:openapi-gen=true type StorageSpec struct { - // Deprecated: subPath usage will be removed in a future release. + // disableMountSubPath deprecated: subPath usage will be removed in a future release. + // +optional DisableMountSubPath bool `json:"disableMountSubPath,omitempty"` - // EmptyDirVolumeSource to be used by the StatefulSet. + // emptyDir to be used by the StatefulSet. // If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. // More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir + // +optional EmptyDir *v1.EmptyDirVolumeSource `json:"emptyDir,omitempty"` - // EphemeralVolumeSource to be used by the StatefulSet. + // ephemeral to be used by the StatefulSet. // This is a beta field in k8s 1.21 and GA in 1.15. // For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. // More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes + // +optional Ephemeral *v1.EphemeralVolumeSource `json:"ephemeral,omitempty"` - // Defines the PVC spec to be used by the Prometheus StatefulSets. + // volumeClaimTemplate defines the PVC spec to be used by the Prometheus StatefulSets. // The easiest way to use a volume that cannot be automatically provisioned // is to use a label selector alongside manually created PersistentVolumes. + // +optional VolumeClaimTemplate EmbeddedPersistentVolumeClaim `json:"volumeClaimTemplate,omitempty"` } // QuerySpec defines the query command line flags when starting Prometheus. // +k8s:openapi-gen=true type QuerySpec struct { - // The delta difference allowed for retrieving metrics during expression evaluations. + // lookbackDelta defines the delta difference allowed for retrieving metrics during expression evaluations. // +optional LookbackDelta *string `json:"lookbackDelta,omitempty"` - // Number of concurrent queries that can be run at once. + // maxConcurrency defines the number of concurrent queries that can be run at once. // +kubebuilder:validation:Minimum:=1 // +optional MaxConcurrency *int32 `json:"maxConcurrency,omitempty"` - // Maximum number of samples a single query can load into memory. Note that + // maxSamples defines the maximum number of samples a single query can load into memory. Note that // queries will fail if they would load more samples than this into memory, // so this also limits the number of samples a query can return. // +optional MaxSamples *int32 `json:"maxSamples,omitempty"` - // Maximum time a query may take before being aborted. + // timeout defines the maximum time a query may take before being aborted. // +optional Timeout *Duration `json:"timeout,omitempty"` } @@ -1377,13 +1452,13 @@ type QuerySpec struct { // PrometheusWebSpec defines the configuration of the Prometheus web server. // +k8s:openapi-gen=true type PrometheusWebSpec struct { + // +optional WebConfigFileFields `json:",inline"` - - // The prometheus web page title. + // pageTitle defines the prometheus web page title. // +optional PageTitle *string `json:"pageTitle,omitempty"` - // Defines the maximum number of simultaneous connections + // maxConnections defines the maximum number of simultaneous connections // A zero value means that Prometheus doesn't accept any incoming connection. // +kubebuilder:validation:Minimum:=0 // +optional @@ -1393,7 +1468,7 @@ type PrometheusWebSpec struct { // ThanosSpec defines the configuration of the Thanos sidecar. // +k8s:openapi-gen=true type ThanosSpec struct { - // Container image name for Thanos. If specified, it takes precedence over + // image defines the container image name for Thanos. If specified, it takes precedence over // the `spec.thanos.baseImage`, `spec.thanos.tag` and `spec.thanos.sha` // fields. // @@ -1407,7 +1482,7 @@ type ThanosSpec struct { // +optional Image *string `json:"image,omitempty"` - // Version of Thanos being deployed. The operator uses this information + // version of Thanos being deployed. The operator uses this information // to generate the Prometheus StatefulSet + configuration files. // // If not specified, the operator assumes the latest upstream release of @@ -1416,28 +1491,28 @@ type ThanosSpec struct { // // +optional Version *string `json:"version,omitempty"` - + // tag is deprecated: use 'image' instead. The image's tag can be specified as as part of the image name. // +optional - // Deprecated: use 'image' instead. The image's tag can be specified as as part of the image name. Tag *string `json:"tag,omitempty"` + // sha is deprecated: use 'image' instead. The image digest can be specified as part of the image name. // +optional - // Deprecated: use 'image' instead. The image digest can be specified as part of the image name. SHA *string `json:"sha,omitempty"` + // baseImage is deprecated: use 'image' instead. // +optional - // Deprecated: use 'image' instead. BaseImage *string `json:"baseImage,omitempty"` - // Defines the resources requests and limits of the Thanos sidecar. + // resources defines the resources requests and limits of the Thanos sidecar. + // +optional Resources v1.ResourceRequirements `json:"resources,omitempty"` - // Defines the Thanos sidecar's configuration to upload TSDB blocks to object storage. + // objectStorageConfig defines the Thanos sidecar's configuration to upload TSDB blocks to object storage. // // More info: https://thanos.io/tip/thanos/storage.md/ // // objectStorageConfigFile takes precedence over this field. // +optional ObjectStorageConfig *v1.SecretKeySelector `json:"objectStorageConfig,omitempty"` - // Defines the Thanos sidecar's configuration file to upload TSDB blocks to object storage. + // objectStorageConfigFile defines the Thanos sidecar's configuration file to upload TSDB blocks to object storage. // // More info: https://thanos.io/tip/thanos/storage.md/ // @@ -1445,22 +1520,25 @@ type ThanosSpec struct { // +optional ObjectStorageConfigFile *string `json:"objectStorageConfigFile,omitempty"` - // Deprecated: use `grpcListenLocal` and `httpListenLocal` instead. + // listenLocal is deprecated: use `grpcListenLocal` and `httpListenLocal` instead. + // +optional ListenLocal bool `json:"listenLocal,omitempty"` - // When true, the Thanos sidecar listens on the loopback interface instead + // grpcListenLocal defines when true, the Thanos sidecar listens on the loopback interface instead // of the Pod IP's address for the gRPC endpoints. // // It has no effect if `listenLocal` is true. + // +optional GRPCListenLocal bool `json:"grpcListenLocal,omitempty"` - // When true, the Thanos sidecar listens on the loopback interface instead + // httpListenLocal when true, the Thanos sidecar listens on the loopback interface instead // of the Pod IP's address for the HTTP endpoints. // // It has no effect if `listenLocal` is true. + // +optional HTTPListenLocal bool `json:"httpListenLocal,omitempty"` - // Defines the tracing configuration for the Thanos sidecar. + // tracingConfig defines the tracing configuration for the Thanos sidecar. // // `tracingConfigFile` takes precedence over this field. // @@ -1471,7 +1549,7 @@ type ThanosSpec struct { // // +optional TracingConfig *v1.SecretKeySelector `json:"tracingConfig,omitempty"` - // Defines the tracing configuration file for the Thanos sidecar. + // tracingConfigFile defines the tracing configuration file for the Thanos sidecar. // // This field takes precedence over `tracingConfig`. // @@ -1479,29 +1557,33 @@ type ThanosSpec struct { // // This is an *experimental feature*, it may change in any upcoming release // in a breaking way. + // +optional TracingConfigFile string `json:"tracingConfigFile,omitempty"` - // Configures the TLS parameters for the gRPC server providing the StoreAPI. + // grpcServerTlsConfig defines the TLS parameters for the gRPC server providing the StoreAPI. // // Note: Currently only the `caFile`, `certFile`, and `keyFile` fields are supported. // // +optional GRPCServerTLSConfig *TLSConfig `json:"grpcServerTlsConfig,omitempty"` - // Log level for the Thanos sidecar. + // logLevel for the Thanos sidecar. // +kubebuilder:validation:Enum="";debug;info;warn;error + // +optional LogLevel string `json:"logLevel,omitempty"` - // Log format for the Thanos sidecar. + // logFormat for the Thanos sidecar. // +kubebuilder:validation:Enum="";logfmt;json + // +optional LogFormat string `json:"logFormat,omitempty"` - // Defines the start of time range limit served by the Thanos sidecar's StoreAPI. + // minTime defines the start of time range limit served by the Thanos sidecar's StoreAPI. // The field's value should be a constant time in RFC3339 format or a time // duration relative to current time, such as -1d or 2h45m. Valid duration // units are ms, s, m, h, d, w, y. + // +optional MinTime string `json:"minTime,omitempty"` - // BlockDuration controls the size of TSDB blocks produced by Prometheus. + // blockSize controls the size of TSDB blocks produced by Prometheus. // The default value is 2h to match the upstream Prometheus defaults. // // WARNING: Changing the block duration can impact the performance and @@ -1511,23 +1593,27 @@ type ThanosSpec struct { // example, 30s * 120 = 1h. // // +kubebuilder:default:="2h" + // +optional BlockDuration Duration `json:"blockSize,omitempty"` - // ReadyTimeout is the maximum time that the Thanos sidecar will wait for + // readyTimeout defines the maximum time that the Thanos sidecar will wait for // Prometheus to start. + // +optional ReadyTimeout Duration `json:"readyTimeout,omitempty"` - // How often to retrieve the Prometheus configuration. + // getConfigInterval defines how often to retrieve the Prometheus configuration. + // +optional GetConfigInterval Duration `json:"getConfigInterval,omitempty"` - // Maximum time to wait when retrieving the Prometheus configuration. + // getConfigTimeout defines the maximum time to wait when retrieving the Prometheus configuration. + // +optional GetConfigTimeout Duration `json:"getConfigTimeout,omitempty"` - // VolumeMounts allows configuration of additional VolumeMounts for Thanos. + // volumeMounts allows configuration of additional VolumeMounts for Thanos. // VolumeMounts specified will be appended to other VolumeMounts in the // 'thanos-sidecar' container. // +optional VolumeMounts []v1.VolumeMount `json:"volumeMounts,omitempty"` - // AdditionalArgs allows setting additional arguments for the Thanos container. + // additionalArgs allows setting additional arguments for the Thanos container. // The arguments are passed as-is to the Thanos container which may cause issues // if they are invalid or not supported the given Thanos version. // In case of an argument conflict (e.g. an argument which is already set by the @@ -1541,20 +1627,20 @@ type ThanosSpec struct { // to a remote endpoint. // +k8s:openapi-gen=true type RemoteWriteSpec struct { - // The URL of the endpoint to send samples to. + // url defines the URL of the endpoint to send samples to. // +kubebuilder:validation:MinLength=1 // +required URL string `json:"url"` - // The name of the remote write queue, it must be unique if specified. The + // name of the remote write queue, it must be unique if specified. The // name is used in metrics and logging in order to differentiate queues. // // It requires Prometheus >= v2.15.0 or Thanos >= 0.24.0. // - //+optional + // +optional Name *string `json:"name,omitempty"` - // The Remote Write message's version to use when writing to the endpoint. + // messageVersion defines the Remote Write message's version to use when writing to the endpoint. // // `Version1.0` corresponds to the `prometheus.WriteRequest` protobuf message introduced in Remote Write 1.0. // `Version2.0` corresponds to the `io.prometheus.write.v2.Request` protobuf message introduced in Remote Write 2.0. @@ -1570,7 +1656,7 @@ type RemoteWriteSpec struct { // +optional MessageVersion *RemoteWriteMessageVersion `json:"messageVersion,omitempty"` - // Enables sending of exemplars over remote write. Note that + // sendExemplars enables sending of exemplars over remote write. Note that // exemplar-storage itself must be enabled using the `spec.enableFeatures` // option for exemplars to be scraped in the first place. // @@ -1579,7 +1665,7 @@ type RemoteWriteSpec struct { // +optional SendExemplars *bool `json:"sendExemplars,omitempty"` - // Enables sending of native histograms, also known as sparse histograms + // sendNativeHistograms enables sending of native histograms, also known as sparse histograms // over remote write. // // It requires Prometheus >= v2.40.0 or Thanos >= v0.30.0. @@ -1587,11 +1673,11 @@ type RemoteWriteSpec struct { // +optional SendNativeHistograms *bool `json:"sendNativeHistograms,omitempty"` - // Timeout for requests to the remote write endpoint. + // remoteTimeout defines the timeout for requests to the remote write endpoint. // +optional RemoteTimeout *Duration `json:"remoteTimeout,omitempty"` - // Custom HTTP headers to be sent along with each remote write request. + // headers defines the custom HTTP headers to be sent along with each remote write request. // Be aware that headers that are set by Prometheus itself can't be overwritten. // // It requires Prometheus >= v2.25.0 or Thanos >= v0.24.0. @@ -1599,11 +1685,11 @@ type RemoteWriteSpec struct { // +optional Headers map[string]string `json:"headers,omitempty"` - // The list of remote write relabel configurations. + // writeRelabelConfigs defines the list of remote write relabel configurations. // +optional WriteRelabelConfigs []RelabelConfig `json:"writeRelabelConfigs,omitempty"` - // OAuth2 configuration for the URL. + // oauth2 configuration for the URL. // // It requires Prometheus >= v2.27.0 or Thanos >= v0.24.0. // @@ -1611,19 +1697,20 @@ type RemoteWriteSpec struct { // +optional OAuth2 *OAuth2 `json:"oauth2,omitempty"` - // BasicAuth configuration for the URL. + // basicAuth configuration for the URL. // // Cannot be set at the same time as `sigv4`, `authorization`, `oauth2`, or `azureAd`. // // +optional BasicAuth *BasicAuth `json:"basicAuth,omitempty"` - // File from which to read bearer token for the URL. + // bearerTokenFile defines the file from which to read bearer token for the URL. // // Deprecated: this will be removed in a future release. Prefer using `authorization`. + // +optional BearerTokenFile string `json:"bearerTokenFile,omitempty"` - // Authorization section for the URL. + // authorization section for the URL. // // It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. // @@ -1632,7 +1719,7 @@ type RemoteWriteSpec struct { // +optional Authorization *Authorization `json:"authorization,omitempty"` - // Sigv4 allows to configures AWS's Signature Verification 4 for the URL. + // sigv4 defines the AWS's Signature Verification 4 for the URL. // // It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. // @@ -1641,7 +1728,7 @@ type RemoteWriteSpec struct { // +optional Sigv4 *Sigv4 `json:"sigv4,omitempty"` - // AzureAD for the URL. + // azureAd for the URL. // // It requires Prometheus >= v2.45.0 or Thanos >= v0.31.0. // @@ -1650,13 +1737,14 @@ type RemoteWriteSpec struct { // +optional AzureAD *AzureAD `json:"azureAd,omitempty"` + // bearerToken is deprecated: this will be removed in a future release. // *Warning: this field shouldn't be used because the token value appears // in clear-text. Prefer using `authorization`.* // - // Deprecated: this will be removed in a future release. + // +optional BearerToken string `json:"bearerToken,omitempty"` - // TLS Config to use for the URL. + // tlsConfig to use for the URL. // +optional TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` @@ -1664,35 +1752,37 @@ type RemoteWriteSpec struct { // +optional ProxyConfig `json:",inline"` - // Configure whether HTTP requests follow HTTP 3xx redirects. + // followRedirects defines whether HTTP requests follow HTTP 3xx redirects. // // It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. // // +optional FollowRedirects *bool `json:"followRedirects,omitempty"` - // QueueConfig allows tuning of the remote write queue parameters. + // queueConfig allows tuning of the remote write queue parameters. // +optional QueueConfig *QueueConfig `json:"queueConfig,omitempty"` - // MetadataConfig configures the sending of series metadata to the remote storage. + // metadataConfig defines how to send a series metadata to the remote storage. // +optional MetadataConfig *MetadataConfig `json:"metadataConfig,omitempty"` - // Whether to enable HTTP2. + // enableHTTP2 defines whether to enable HTTP2. // +optional EnableHttp2 *bool `json:"enableHTTP2,omitempty"` + // roundRobinDNS controls the DNS resolution behavior for remote-write connections. // When enabled: - // - The remote-write mechanism will resolve the hostname via DNS. - // - It will randomly select one of the resolved IP addresses and connect to it. + // - The remote-write mechanism will resolve the hostname via DNS. + // - It will randomly select one of the resolved IP addresses and connect to it. // // When disabled (default behavior): - // - The Go standard library will handle hostname resolution. - // - It will attempt connections to each resolved IP address sequentially. + // - The Go standard library will handle hostname resolution. + // - It will attempt connections to each resolved IP address sequentially. // // Note: The connection timeout applies to the entire resolution and connection process. - // If disabled, the timeout is distributed across all connection attempts. + // + // If disabled, the timeout is distributed across all connection attempts. // // It requires Prometheus >= v3.1.0 or Thanos >= v0.38.0. // @@ -1714,77 +1804,91 @@ const ( // This object is referenced in the RemoteWriteSpec object. // +k8s:openapi-gen=true type QueueConfig struct { - // Capacity is the number of samples to buffer per shard before we start + // capacity defines the number of samples to buffer per shard before we start // dropping them. + // +optional Capacity int `json:"capacity,omitempty"` - // MinShards is the minimum number of shards, i.e. amount of concurrency. + // minShards defines the minimum number of shards, i.e. amount of concurrency. + // +optional MinShards int `json:"minShards,omitempty"` - // MaxShards is the maximum number of shards, i.e. amount of concurrency. + // maxShards defines the maximum number of shards, i.e. amount of concurrency. + // +optional MaxShards int `json:"maxShards,omitempty"` - // MaxSamplesPerSend is the maximum number of samples per send. + // maxSamplesPerSend defines the maximum number of samples per send. + // +optional MaxSamplesPerSend int `json:"maxSamplesPerSend,omitempty"` - // BatchSendDeadline is the maximum time a sample will wait in buffer. + // batchSendDeadline defines the maximum time a sample will wait in buffer. // +optional BatchSendDeadline *Duration `json:"batchSendDeadline,omitempty"` - // MaxRetries is the maximum number of times to retry a batch on recoverable errors. + // maxRetries defines the maximum number of times to retry a batch on recoverable errors. + // +optional MaxRetries int `json:"maxRetries,omitempty"` - // MinBackoff is the initial retry delay. Gets doubled for every retry. + // minBackoff defines the initial retry delay. Gets doubled for every retry. // +optional MinBackoff *Duration `json:"minBackoff,omitempty"` - // MaxBackoff is the maximum retry delay. + // maxBackoff defines the maximum retry delay. // +optional MaxBackoff *Duration `json:"maxBackoff,omitempty"` - // Retry upon receiving a 429 status code from the remote-write storage. + // retryOnRateLimit defines the retry upon receiving a 429 status code from the remote-write storage. // // This is an *experimental feature*, it may change in any upcoming release // in a breaking way. + // +optional RetryOnRateLimit bool `json:"retryOnRateLimit,omitempty"` - // SampleAgeLimit drops samples older than the limit. + // sampleAgeLimit drops samples older than the limit. // It requires Prometheus >= v2.50.0 or Thanos >= v0.32.0. // // +optional SampleAgeLimit *Duration `json:"sampleAgeLimit,omitempty"` } -// Sigv4 optionally configures AWS's Signature Verification 4 signing process to +// Sigv4 defines AWS's Signature Verification 4 signing process to // sign requests. // +k8s:openapi-gen=true type Sigv4 struct { - // Region is the AWS region. If blank, the region from the default credentials chain used. + // region defines the AWS region. If blank, the region from the default credentials chain used. + // +optional Region string `json:"region,omitempty"` - // AccessKey is the AWS API key. If not specified, the environment variable + // accessKey defines the AWS API key. If not specified, the environment variable // `AWS_ACCESS_KEY_ID` is used. // +optional AccessKey *v1.SecretKeySelector `json:"accessKey,omitempty"` - // SecretKey is the AWS API secret. If not specified, the environment + // secretKey defines the AWS API secret. If not specified, the environment // variable `AWS_SECRET_ACCESS_KEY` is used. // +optional SecretKey *v1.SecretKeySelector `json:"secretKey,omitempty"` - // Profile is the named AWS profile used to authenticate. + // profile defines the named AWS profile used to authenticate. + // +optional Profile string `json:"profile,omitempty"` - // RoleArn is the named AWS profile used to authenticate. + // roleArn defines the named AWS profile used to authenticate. + // +optional RoleArn string `json:"roleArn,omitempty"` + // useFIPSSTSEndpoint defines FIPS mode for AWS STS endpoint. + // It requires Prometheus >= v2.54.0. + // + // +optional + UseFIPSSTSEndpoint *bool `json:"useFIPSSTSEndpoint,omitempty"` } // AzureAD defines the configuration for remote write's azuread parameters. // +k8s:openapi-gen=true type AzureAD struct { - // The Azure Cloud. Options are 'AzurePublic', 'AzureChina', or 'AzureGovernment'. + // cloud defines the Azure Cloud. Options are 'AzurePublic', 'AzureChina', or 'AzureGovernment'. // +kubebuilder:validation:Enum=AzureChina;AzureGovernment;AzurePublic // +optional Cloud *string `json:"cloud,omitempty"` - // ManagedIdentity defines the Azure User-assigned Managed identity. + // managedIdentity defines the Azure User-assigned Managed identity. // Cannot be set at the same time as `oauth` or `sdk`. // +optional ManagedIdentity *ManagedIdentity `json:"managedIdentity,omitempty"` - // OAuth defines the oauth config that is being used to authenticate. + // oauth defines the oauth config that is being used to authenticate. // Cannot be set at the same time as `managedIdentity` or `sdk`. // // It requires Prometheus >= v2.48.0 or Thanos >= v0.31.0. // // +optional OAuth *AzureOAuth `json:"oauth,omitempty"` - // SDK defines the Azure SDK config that is being used to authenticate. + // sdk defines the Azure SDK config that is being used to authenticate. // See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication // Cannot be set at the same time as `oauth` or `managedIdentity`. // @@ -1796,14 +1900,14 @@ type AzureAD struct { // AzureOAuth defines the Azure OAuth settings. // +k8s:openapi-gen=true type AzureOAuth struct { - // `clientID` is the clientId of the Azure Active Directory application that is being used to authenticate. + // clientId defines the clientId of the Azure Active Directory application that is being used to authenticate. // +required // +kubebuilder:validation:MinLength=1 ClientID string `json:"clientId"` - // `clientSecret` specifies a key of a Secret containing the client secret of the Azure Active Directory application that is being used to authenticate. + // clientSecret specifies a key of a Secret containing the client secret of the Azure Active Directory application that is being used to authenticate. // +required ClientSecret v1.SecretKeySelector `json:"clientSecret"` - // `tenantId` is the tenant ID of the Azure Active Directory application that is being used to authenticate. + // tenantId is the tenant ID of the Azure Active Directory application that is being used to authenticate. // +required // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:Pattern:=^[0-9a-zA-Z-.]+$ @@ -1813,14 +1917,14 @@ type AzureOAuth struct { // ManagedIdentity defines the Azure User-assigned Managed identity. // +k8s:openapi-gen=true type ManagedIdentity struct { - // The client id + // clientId defines defines the Azure User-assigned Managed identity. // +required ClientID string `json:"clientId"` } // AzureSDK is used to store azure SDK config values. type AzureSDK struct { - // `tenantId` is the tenant ID of the azure active directory application that is being used to authenticate. + // tenantId defines the tenant ID of the azure active directory application that is being used to authenticate. // +optional // +kubebuilder:validation:Pattern:=^[0-9a-zA-Z-.]+$ TenantID *string `json:"tenantId,omitempty"` @@ -1830,37 +1934,40 @@ type AzureSDK struct { // from a remote endpoint. // +k8s:openapi-gen=true type RemoteReadSpec struct { - // The URL of the endpoint to query from. + // url defines the URL of the endpoint to query from. + // +required URL string `json:"url"` - // The name of the remote read queue, it must be unique if specified. The + // name of the remote read queue, it must be unique if specified. The // name is used in metrics and logging in order to differentiate read // configurations. // // It requires Prometheus >= v2.15.0. // + // +optional Name string `json:"name,omitempty"` - // An optional list of equality matchers which have to be present + // requiredMatchers defines an optional list of equality matchers which have to be present // in a selector to query the remote read endpoint. // +optional RequiredMatchers map[string]string `json:"requiredMatchers,omitempty"` - // Timeout for requests to the remote read endpoint. + // remoteTimeout defines the timeout for requests to the remote read endpoint. // +optional RemoteTimeout *Duration `json:"remoteTimeout,omitempty"` - // Custom HTTP headers to be sent along with each remote read request. + // headers defines the custom HTTP headers to be sent along with each remote read request. // Be aware that headers that are set by Prometheus itself can't be overwritten. // Only valid in Prometheus versions 2.26.0 and newer. // +optional Headers map[string]string `json:"headers,omitempty"` - // Whether reads should be made for queries for time ranges that + // readRecent defines whether reads should be made for queries for time ranges that // the local storage should have complete data for. + // +optional ReadRecent bool `json:"readRecent,omitempty"` - // OAuth2 configuration for the URL. + // oauth2 configuration for the URL. // // It requires Prometheus >= v2.27.0. // @@ -1868,17 +1975,18 @@ type RemoteReadSpec struct { // // +optional OAuth2 *OAuth2 `json:"oauth2,omitempty"` - // BasicAuth configuration for the URL. + // basicAuth configuration for the URL. // // Cannot be set at the same time as `authorization`, or `oauth2`. // // +optional BasicAuth *BasicAuth `json:"basicAuth,omitempty"` - // File from which to read the bearer token for the URL. + // bearerTokenFile defines the file from which to read the bearer token for the URL. // // Deprecated: this will be removed in a future release. Prefer using `authorization`. + // +optional BearerTokenFile string `json:"bearerTokenFile,omitempty"` - // Authorization section for the URL. + // authorization section for the URL. // // It requires Prometheus >= v2.26.0. // @@ -1887,13 +1995,14 @@ type RemoteReadSpec struct { // +optional Authorization *Authorization `json:"authorization,omitempty"` + // bearerToken is deprecated: this will be removed in a future release. // *Warning: this field shouldn't be used because the token value appears // in clear-text. Prefer using `authorization`.* // - // Deprecated: this will be removed in a future release. + // +optional BearerToken string `json:"bearerToken,omitempty"` - // TLS Config to use for the URL. + // tlsConfig to use for the URL. // +optional TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` @@ -1901,14 +2010,14 @@ type RemoteReadSpec struct { // +optional ProxyConfig `json:",inline"` - // Configure whether HTTP requests follow HTTP 3xx redirects. + // followRedirects defines whether HTTP requests follow HTTP 3xx redirects. // // It requires Prometheus >= v2.26.0. // // +optional FollowRedirects *bool `json:"followRedirects,omitempty"` - // Whether to use the external labels as selectors for the remote read endpoint. + // filterExternalLabels defines whether to use the external labels as selectors for the remote read endpoint. // // It requires Prometheus >= v2.34.0. // @@ -1923,41 +2032,45 @@ type RemoteReadSpec struct { // // +k8s:openapi-gen=true type RelabelConfig struct { - // The source labels select values from existing labels. Their content is + // sourceLabels defines the source labels select values from existing labels. Their content is // concatenated using the configured Separator and matched against the // configured regular expression. // // +optional SourceLabels []LabelName `json:"sourceLabels,omitempty"` - // Separator is the string between concatenated SourceLabels. + // separator defines the string between concatenated SourceLabels. + // +optional Separator *string `json:"separator,omitempty"` - // Label to which the resulting string is written in a replacement. + // targetLabel defines the label to which the resulting string is written in a replacement. // // It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, // `KeepEqual` and `DropEqual` actions. // // Regex capture groups are available. + // +optional TargetLabel string `json:"targetLabel,omitempty"` - // Regular expression against which the extracted value is matched. + // regex defines the regular expression against which the extracted value is matched. + // +optional Regex string `json:"regex,omitempty"` - // Modulus to take of the hash of the source label values. + // modulus to take of the hash of the source label values. // // Only applicable when the action is `HashMod`. + // +optional Modulus uint64 `json:"modulus,omitempty"` - // Replacement value against which a Replace action is performed if the + // replacement value against which a Replace action is performed if the // regular expression matches. // // Regex capture groups are available. // - //+optional + // +optional Replacement *string `json:"replacement,omitempty"` - // Action to perform based on the regex matching. + // action to perform based on the regex matching. // // `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. // `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -1966,6 +2079,7 @@ type RelabelConfig struct { // // +kubebuilder:validation:Enum=replace;Replace;keep;Keep;drop;Drop;hashmod;HashMod;labelmap;LabelMap;labeldrop;LabelDrop;labelkeep;LabelKeep;lowercase;Lowercase;uppercase;Uppercase;keepequal;KeepEqual;dropequal;DropEqual // +kubebuilder:default=replace + // +optional Action string `json:"action,omitempty"` } @@ -1975,11 +2089,12 @@ type RelabelConfig struct { // // +k8s:openapi-gen=true type APIServerConfig struct { - // Kubernetes API address consisting of a hostname or IP address followed + // host defines the Kubernetes API address consisting of a hostname or IP address followed // by an optional port number. + // +required Host string `json:"host"` - // BasicAuth configuration for the API server. + // basicAuth configuration for the API server. // // Cannot be set at the same time as `authorization`, `bearerToken`, or // `bearerTokenFile`. @@ -1987,19 +2102,20 @@ type APIServerConfig struct { // +optional BasicAuth *BasicAuth `json:"basicAuth,omitempty"` - // File to read bearer token for accessing apiserver. + // bearerTokenFile defines the file to read bearer token for accessing apiserver. // // Cannot be set at the same time as `basicAuth`, `authorization`, or `bearerToken`. // // Deprecated: this will be removed in a future release. Prefer using `authorization`. + // +optional BearerTokenFile string `json:"bearerTokenFile,omitempty"` - // TLS Config to use for the API server. + // tlsConfig to use for the API server. // // +optional TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` - // Authorization section for the API server. + // authorization section for the API server. // // Cannot be set at the same time as `basicAuth`, `bearerToken`, or // `bearerTokenFile`. @@ -2007,10 +2123,11 @@ type APIServerConfig struct { // +optional Authorization *Authorization `json:"authorization,omitempty"` - // *Warning: this field shouldn't be used because the token value appears + // bearerToken is deprecated: this will be removed in a future release. + // *Warning: this field shouldn't be used because the token value appears // in clear-text. Prefer using `authorization`.* // - // Deprecated: this will be removed in a future release. + // +optional BearerToken string `json:"bearerToken,omitempty"` // Optional ProxyConfig. @@ -2030,7 +2147,7 @@ const ( // containing Alertmanager IPs to fire alerts against. // +k8s:openapi-gen=true type AlertmanagerEndpoints struct { - // Namespace of the Endpoints object. + // namespace of the Endpoints object. // // If not set, the object will be discovered in the namespace of the // Prometheus object. @@ -2039,48 +2156,52 @@ type AlertmanagerEndpoints struct { // +optional Namespace *string `json:"namespace,omitempty"` - // Name of the Endpoints object in the namespace. + // name of the Endpoints object in the namespace. // // +kubebuilder:validation:MinLength:=1 // +required Name string `json:"name"` - // Port on which the Alertmanager API is exposed. + // port on which the Alertmanager API is exposed. + // +required Port intstr.IntOrString `json:"port"` - // Scheme to use when firing alerts. + // scheme to use when firing alerts. + // +optional Scheme string `json:"scheme,omitempty"` - // Prefix for the HTTP path alerts are pushed to. + // pathPrefix defines the prefix for the HTTP path alerts are pushed to. + // +optional PathPrefix string `json:"pathPrefix,omitempty"` - // TLS Config to use for Alertmanager. + // tlsConfig to use for Alertmanager. // // +optional TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` - // BasicAuth configuration for Alertmanager. + // basicAuth configuration for Alertmanager. // // Cannot be set at the same time as `bearerTokenFile`, `authorization` or `sigv4`. // // +optional BasicAuth *BasicAuth `json:"basicAuth,omitempty"` - // File to read bearer token for Alertmanager. + // bearerTokenFile defines the file to read bearer token for Alertmanager. // // Cannot be set at the same time as `basicAuth`, `authorization`, or `sigv4`. // // Deprecated: this will be removed in a future release. Prefer using `authorization`. + // +optional BearerTokenFile string `json:"bearerTokenFile,omitempty"` - // Authorization section for Alertmanager. + // authorization section for Alertmanager. // // Cannot be set at the same time as `basicAuth`, `bearerTokenFile` or `sigv4`. // // +optional Authorization *SafeAuthorization `json:"authorization,omitempty"` - // Sigv4 allows to configures AWS's Signature Verification 4 for the URL. + // sigv4 defines AWS's Signature Verification 4 for the URL. // // It requires Prometheus >= v2.48.0. // @@ -2090,31 +2211,32 @@ type AlertmanagerEndpoints struct { Sigv4 *Sigv4 `json:"sigv4,omitempty"` // ProxyConfig + // +optional ProxyConfig `json:",inline"` - // Version of the Alertmanager API that Prometheus uses to send alerts. + // apiVersion defines the version of the Alertmanager API that Prometheus uses to send alerts. // It can be "V1" or "V2". // The field has no effect for Prometheus >= v3.0.0 because only the v2 API is supported. // // +optional APIVersion *AlertmanagerAPIVersion `json:"apiVersion,omitempty"` - // Timeout is a per-target Alertmanager timeout when pushing alerts. + // timeout defines a per-target Alertmanager timeout when pushing alerts. // // +optional Timeout *Duration `json:"timeout,omitempty"` - // Whether to enable HTTP2. + // enableHttp2 defines whether to enable HTTP2. // // +optional EnableHttp2 *bool `json:"enableHttp2,omitempty"` - // Relabel configuration applied to the discovered Alertmanagers. + // relabelings defines the relabel configuration applied to the discovered Alertmanagers. // // +optional RelabelConfigs []RelabelConfig `json:"relabelings,omitempty"` - // Relabeling configs applied before sending alerts to a specific Alertmanager. + // alertRelabelings defines the relabeling configs applied before sending alerts to a specific Alertmanager. // It requires Prometheus >= v2.51.0. // // +optional @@ -2123,26 +2245,30 @@ type AlertmanagerEndpoints struct { // +k8s:openapi-gen=true type Rules struct { - // Defines the parameters of the Prometheus rules' engine. + // alert defines the parameters of the Prometheus rules' engine. // // Any update to these parameters trigger a restart of the pods. + // +optional Alert RulesAlert `json:"alert,omitempty"` } // +k8s:openapi-gen=true type RulesAlert struct { - // Max time to tolerate prometheus outage for restoring 'for' state of + // forOutageTolerance defines the max time to tolerate prometheus outage for restoring 'for' state of // alert. + // +optional ForOutageTolerance string `json:"forOutageTolerance,omitempty"` - // Minimum duration between alert and restored 'for' state. + // forGracePeriod defines the minimum duration between alert and restored 'for' state. // // This is maintained only for alerts with a configured 'for' time greater // than the grace period. + // +optional ForGracePeriod string `json:"forGracePeriod,omitempty"` - // Minimum amount of time to wait before resending an alert to + // resendDelay defines the minimum amount of time to wait before resending an alert to // Alertmanager. + // +optional ResendDelay string `json:"resendDelay,omitempty"` } @@ -2150,13 +2276,15 @@ type RulesAlert struct { // // +k8s:openapi-gen=true type MetadataConfig struct { - // Defines whether metric metadata is sent to the remote storage or not. + // send defines whether metric metadata is sent to the remote storage or not. + // +optional Send bool `json:"send,omitempty"` - // Defines how frequently metric metadata is sent to the remote storage. + // sendInterval defines how frequently metric metadata is sent to the remote storage. + // +optional SendInterval Duration `json:"sendInterval,omitempty"` - // MaxSamplesPerSend is the maximum number of metadata samples per send. + // maxSamplesPerSend defines the maximum number of metadata samples per send. // // It requires Prometheus >= v2.29.0. // @@ -2166,23 +2294,27 @@ type MetadataConfig struct { } type ShardStatus struct { - // Identifier of the shard. + // shardID defines the identifier of the shard. // +required ShardID string `json:"shardID"` - // Total number of pods targeted by this shard. + // replicas defines the total number of pods targeted by this shard. + // +required Replicas int32 `json:"replicas"` - // Total number of non-terminated pods targeted by this shard + // updatedReplicas defines the total number of non-terminated pods targeted by this shard // that have the desired spec. + // +required UpdatedReplicas int32 `json:"updatedReplicas"` - // Total number of available pods (ready for at least minReadySeconds) + // availableReplicas defines the total number of available pods (ready for at least minReadySeconds) // targeted by this shard. + // +required AvailableReplicas int32 `json:"availableReplicas"` - // Total number of unavailable pods targeted by this shard. + // unavailableReplicas defines the Total number of unavailable pods targeted by this shard. + // +required UnavailableReplicas int32 `json:"unavailableReplicas"` } type TSDBSpec struct { - // Configures how old an out-of-order/out-of-bounds sample can be with + // outOfOrderTimeWindow defines how old an out-of-order/out-of-bounds sample can be with // respect to the TSDB max time. // // An out-of-order/out-of-bounds sample is ingested into the TSDB as long as @@ -2197,7 +2329,7 @@ type TSDBSpec struct { } type Exemplars struct { - // Maximum number of exemplars stored in memory for all series. + // maxSize defines the maximum number of exemplars stored in memory for all series. // // exemplar-storage itself must be enabled using the `spec.enableFeature` // option for exemplars to be scraped in the first place. @@ -2215,14 +2347,16 @@ type Exemplars struct { // // +k8s:openapi-gen=true type SafeAuthorization struct { - // Defines the authentication type. The value is case-insensitive. + // type defines the authentication type. The value is case-insensitive. // // "Basic" is not a supported value. // // Default: "Bearer" + // +optional Type string `json:"type,omitempty"` - // Selects a key of a Secret in the namespace that contains the credentials for authentication. + // credentials defines a key of a Secret in the namespace that contains the credentials for authentication. + // +optional Credentials *v1.SecretKeySelector `json:"credentials,omitempty"` } @@ -2233,20 +2367,22 @@ func (c *SafeAuthorization) Validate() error { } if strings.ToLower(strings.TrimSpace(c.Type)) == "basic" { - return &AuthorizationValidationError{`Authorization type cannot be set to "basic", use "basic_auth" instead`} + return errors.New("authorization type cannot be set to \"basic\", use \"basicAuth\" instead") } if c.Credentials == nil { - return &AuthorizationValidationError{"Authorization credentials are required"} + return errors.New("authorization credentials are required") } return nil } type Authorization struct { + // +optional SafeAuthorization `json:",inline"` - // File to read a secret from, mutually exclusive with `credentials`. + // credentialsFile defines the file to read a secret from, mutually exclusive with `credentials`. + // +optional CredentialsFile string `json:"credentialsFile,omitempty"` } @@ -2257,35 +2393,24 @@ func (c *Authorization) Validate() error { } if c.Credentials != nil && c.CredentialsFile != "" { - return &AuthorizationValidationError{"Authorization can not specify both Credentials and CredentialsFile"} + return errors.New("authorization can not specify both \"credentials\" and \"credentialsFile\"") } if strings.ToLower(strings.TrimSpace(c.Type)) == "basic" { - return &AuthorizationValidationError{"Authorization type cannot be set to \"basic\", use \"basic_auth\" instead"} + return errors.New("authorization type cannot be set to \"basic\", use \"basicAuth\" instead") } return nil } -// AuthorizationValidationError is returned by Authorization.Validate() -// on semantically invalid configurations. -// +k8s:openapi-gen=false -type AuthorizationValidationError struct { - err string -} - -func (e *AuthorizationValidationError) Error() string { - return e.err -} - type ScrapeClass struct { - // Name of the scrape class. + // name of the scrape class. // // +kubebuilder:validation:MinLength=1 // +required Name string `json:"name"` - // Default indicates that the scrape applies to all scrape objects that + // default defines that the scrape applies to all scrape objects that // don't configure an explicit scrape class name. // // Only one scrape class can be set as the default. @@ -2293,14 +2418,14 @@ type ScrapeClass struct { // +optional Default *bool `json:"default,omitempty"` - // The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + // fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. // It will only apply if the scrape resource doesn't specify any FallbackScrapeProtocol // // It requires Prometheus >= v3.0.0. // +optional FallbackScrapeProtocol *ScrapeProtocol `json:"fallbackScrapeProtocol,omitempty"` - // TLSConfig defines the TLS settings to use for the scrape. When the + // tlsConfig defines the TLS settings to use for the scrape. When the // scrape objects define their own CA, certificate and/or key, they take // precedence over the corresponding scrape class fields. // @@ -2309,12 +2434,12 @@ type ScrapeClass struct { // +optional TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` - // Authorization section for the ScrapeClass. + // authorization section for the ScrapeClass. // It will only apply if the scrape resource doesn't specify any Authorization. // +optional Authorization *Authorization `json:"authorization,omitempty"` - // Relabelings configures the relabeling rules to apply to all scrape targets. + // relabelings defines the relabeling rules to apply to all scrape targets. // // The Operator automatically adds relabelings for a few standard Kubernetes fields // like `__meta_kubernetes_namespace` and `__meta_kubernetes_service_name`. @@ -2326,7 +2451,7 @@ type ScrapeClass struct { // +optional Relabelings []RelabelConfig `json:"relabelings,omitempty"` - // MetricRelabelings configures the relabeling rules to apply to all samples before ingestion. + // metricRelabelings defines the relabeling rules to apply to all samples before ingestion. // // The Operator adds the scrape class metric relabelings defined here. // Then the Operator adds the target-specific metric relabelings defined in ServiceMonitors, PodMonitors, Probes and ScrapeConfigs. @@ -2337,7 +2462,7 @@ type ScrapeClass struct { // +optional MetricRelabelings []RelabelConfig `json:"metricRelabelings,omitempty"` - // AttachMetadata configures additional metadata to the discovered targets. + // attachMetadata defines additional metadata to the discovered targets. // When the scrape object defines its own configuration, it takes // precedence over the scrape class configuration. // @@ -2349,8 +2474,9 @@ type ScrapeClass struct { // Supported values are: // * `NoUTF8EscapingWithSuffixes` // * `UnderscoreEscapingWithSuffixes` +// * `UnderscoreEscapingWithoutSuffixes` // * `NoTranslation` -// +kubebuilder:validation:Enum=NoUTF8EscapingWithSuffixes;UnderscoreEscapingWithSuffixes;NoTranslation +// +kubebuilder:validation:Enum=NoUTF8EscapingWithSuffixes;UnderscoreEscapingWithSuffixes;NoTranslation;UnderscoreEscapingWithoutSuffixes type TranslationStrategyOption string const ( @@ -2358,20 +2484,22 @@ const ( UnderscoreEscapingWithSuffixes TranslationStrategyOption = "UnderscoreEscapingWithSuffixes" // It requires Prometheus >= v3.4.0. NoTranslation TranslationStrategyOption = "NoTranslation" + // It requires Prometheus >= v3.6.0. + UnderscoreEscapingWithoutSuffixes TranslationStrategyOption = "UnderscoreEscapingWithoutSuffixes" ) // OTLPConfig is the configuration for writing to the OTLP endpoint. // // +k8s:openapi-gen=true type OTLPConfig struct { - // Promote all resource attributes to metric labels except the ones defined in `ignoreResourceAttributes`. + // promoteAllResourceAttributes promotes all resource attributes to metric labels except the ones defined in `ignoreResourceAttributes`. // // Cannot be true when `promoteResourceAttributes` is defined. // It requires Prometheus >= v3.5.0. // +optional PromoteAllResourceAttributes *bool `json:"promoteAllResourceAttributes,omitempty"` - // List of OpenTelemetry resource attributes to ignore when `promoteAllResourceAttributes` is true. + // ignoreResourceAttributes defines the list of OpenTelemetry resource attributes to ignore when `promoteAllResourceAttributes` is true. // // It requires `promoteAllResourceAttributes` to be true. // It requires Prometheus >= v3.5.0. @@ -2381,7 +2509,7 @@ type OTLPConfig struct { // +optional IgnoreResourceAttributes []string `json:"ignoreResourceAttributes,omitempty"` - // List of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. + // promoteResourceAttributes defines the list of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. // Cannot be defined when `promoteAllResourceAttributes` is true. // // +kubebuilder:validation:MinItems=1 @@ -2390,23 +2518,29 @@ type OTLPConfig struct { // +optional PromoteResourceAttributes []string `json:"promoteResourceAttributes,omitempty"` - // Configures how the OTLP receiver endpoint translates the incoming metrics. + // translationStrategy defines how the OTLP receiver endpoint translates the incoming metrics. // // It requires Prometheus >= v3.0.0. // +optional TranslationStrategy *TranslationStrategyOption `json:"translationStrategy,omitempty"` - // Enables adding `service.name`, `service.namespace` and `service.instance.id` + // keepIdentifyingResourceAttributes enables adding `service.name`, `service.namespace` and `service.instance.id` // resource attributes to the `target_info` metric, on top of converting them into the `instance` and `job` labels. // // It requires Prometheus >= v3.1.0. // +optional KeepIdentifyingResourceAttributes *bool `json:"keepIdentifyingResourceAttributes,omitempty"` - // Configures optional translation of OTLP explicit bucket histograms into native histograms with custom buckets. + // convertHistogramsToNHCB defines optional translation of OTLP explicit bucket histograms into native histograms with custom buckets. // It requires Prometheus >= v3.4.0. // +optional ConvertHistogramsToNHCB *bool `json:"convertHistogramsToNHCB,omitempty"` + + // promoteScopeMetadata controls whether to promote OpenTelemetry scope metadata (i.e. name, version, schema URL, and attributes) to metric labels. + // As per the OpenTelemetry specification, the aforementioned scope metadata should be identifying, i.e. made into metric labels. + // It requires Prometheus >= v3.6.0. + // +optional + PromoteScopeMetadata *bool `json:"promoteScopeMetadata,omitempty"` } // Validate semantically validates the given OTLPConfig section. diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheusrule_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheusrule_types.go index 28d5d1549..1534ee4ba 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheusrule_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheusrule_types.go @@ -29,15 +29,28 @@ const ( // +genclient // +k8s:openapi-gen=true // +kubebuilder:resource:categories="prometheus-operator",shortName="promrule" +// +kubebuilder:subresource:status // The `PrometheusRule` custom resource definition (CRD) defines [alerting](https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/) and [recording](https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/) rules to be evaluated by `Prometheus` or `ThanosRuler` objects. // // `Prometheus` and `ThanosRuler` objects select `PrometheusRule` objects using label and namespace selectors. type PrometheusRule struct { - metav1.TypeMeta `json:",inline"` + // TypeMeta defines the versioned schema of this representation of an object. + metav1.TypeMeta `json:",inline"` + // metadata defines ObjectMeta as the metadata that all persisted resources. + // +optional metav1.ObjectMeta `json:"metadata,omitempty"` - // Specification of desired alerting rule definitions for Prometheus. + // spec defines the specification of desired alerting rule definitions for Prometheus. + // +required Spec PrometheusRuleSpec `json:"spec"` + // status defines the status subresource. It is under active development and is updated only when the + // "StatusForConfigurationResources" feature gate is enabled. + // + // Most recent observed status of the PrometheusRule. Read-only. + // More info: + // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + // +optional + Status ConfigResourceStatus `json:"status,omitempty,omitzero"` } // DeepCopyObject implements the runtime.Object interface. @@ -48,9 +61,10 @@ func (f *PrometheusRule) DeepCopyObject() runtime.Object { // PrometheusRuleSpec contains specification parameters for a Rule. // +k8s:openapi-gen=true type PrometheusRuleSpec struct { - // Content of Prometheus rule file + // groups defines the content of Prometheus rule file // +listType=map // +listMapKey=name + // +optional Groups []RuleGroup `json:"groups,omitempty"` } @@ -60,34 +74,38 @@ type PrometheusRuleSpec struct { // RuleGroup is a list of sequentially evaluated recording and alerting rules. // +k8s:openapi-gen=true type RuleGroup struct { - // Name of the rule group. + // name defines the name of the rule group. // +kubebuilder:validation:MinLength=1 + // +required Name string `json:"name"` - // Labels to add or overwrite before storing the result for its rules. + // labels define the labels to add or overwrite before storing the result for its rules. // The labels defined at the rule level take precedence. // // It requires Prometheus >= 3.0.0. // The field is ignored for Thanos Ruler. // +optional Labels map[string]string `json:"labels,omitempty"` - // Interval determines how often rules in the group are evaluated. + // interval defines how often rules in the group are evaluated. // +optional Interval *Duration `json:"interval,omitempty"` - // Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. + // query_offset defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. // // It requires Prometheus >= v2.53.0. // It is not supported for ThanosRuler. // +optional + //nolint:kubeapilinter // The json tag doesn't meet the conventions to be compatible with Prometheus format. QueryOffset *Duration `json:"query_offset,omitempty"` - // List of alerting and recording rules. + // rules defines the list of alerting and recording rules. // +optional Rules []Rule `json:"rules,omitempty"` - // PartialResponseStrategy is only used by ThanosRuler and will + // partial_response_strategy is only used by ThanosRuler and will // be ignored by Prometheus instances. // More info: https://github.com/thanos-io/thanos/blob/main/docs/components/rule.md#partial-response // +kubebuilder:validation:Pattern="^(?i)(abort|warn)?$" + // +optional + //nolint:kubeapilinter // The json tag doesn't meet the conventions to be compatible with Prometheus format. PartialResponseStrategy string `json:"partial_response_strategy,omitempty"` - // Limit the number of alerts an alerting rule and series a recording + // limit defines the number of alerts an alerting rule and series a recording // rule can produce. // Limit is supported starting with Prometheus >= 2.31 and Thanos Ruler >= 0.24. // +optional @@ -97,36 +115,45 @@ type RuleGroup struct { // Rule describes an alerting or recording rule // See Prometheus documentation: [alerting](https://www.prometheus.io/docs/prometheus/latest/configuration/alerting_rules/) or [recording](https://www.prometheus.io/docs/prometheus/latest/configuration/recording_rules/#recording-rules) rule // +k8s:openapi-gen=true +// +kubebuilder:validation:OneOf=Record,Alert type Rule struct { - // Name of the time series to output to. Must be a valid metric name. + // record defines the name of the time series to output to. Must be a valid metric name. // Only one of `record` and `alert` must be set. + // +optional Record string `json:"record,omitempty"` - // Name of the alert. Must be a valid label value. + // alert defines the name of the alert. Must be a valid label value. // Only one of `record` and `alert` must be set. + // +optional Alert string `json:"alert,omitempty"` - // PromQL expression to evaluate. + // expr defines the PromQL expression to evaluate. + // +required Expr intstr.IntOrString `json:"expr"` - // Alerts are considered firing once they have been returned for this long. + // for defines how alerts are considered firing once they have been returned for this long. // +optional For *Duration `json:"for,omitempty"` - // KeepFiringFor defines how long an alert will continue firing after the condition that triggered it has cleared. + // keep_firing_for defines how long an alert will continue firing after the condition that triggered it has cleared. // +optional + //nolint:kubeapilinter // The json tag doesn't meet the conventions to be compatible with Prometheus format. KeepFiringFor *NonEmptyDuration `json:"keep_firing_for,omitempty"` - // Labels to add or overwrite. + // labels defines labels to add or overwrite. + // +optional Labels map[string]string `json:"labels,omitempty"` - // Annotations to add to each alert. + // annotations defines annotations to add to each alert. // Only valid for alerting rules. + // +optional Annotations map[string]string `json:"annotations,omitempty"` } // PrometheusRuleList is a list of PrometheusRules. // +k8s:openapi-gen=true type PrometheusRuleList struct { + // TypeMeta defines the versioned schema of this representation of an object. metav1.TypeMeta `json:",inline"` - // Standard list metadata - // More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + // metadata defines ListMeta as metadata for collection responses. + // +optional metav1.ListMeta `json:"metadata,omitempty"` // List of Rules + // +required Items []PrometheusRule `json:"items"` } diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/servicemonitor_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/servicemonitor_types.go index 250c4cdde..90bcd7997 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/servicemonitor_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/servicemonitor_types.go @@ -39,19 +39,23 @@ const ( // // `Prometheus` and `PrometheusAgent` objects select `ServiceMonitor` objects using label and namespace selectors. type ServiceMonitor struct { - metav1.TypeMeta `json:",inline"` + // TypeMeta defines the versioned schema of this representation of an object. + metav1.TypeMeta `json:",inline"` + // metadata defines ObjectMeta as the metadata that all persisted resources. + // +optional metav1.ObjectMeta `json:"metadata,omitempty"` - // Specification of desired Service selection for target discovery by + // spec defines the specification of desired Service selection for target discovery by // Prometheus. + // +required Spec ServiceMonitorSpec `json:"spec"` - // This Status subresource is under active development and is updated only when the + // status defines the status subresource. It is under active development and is updated only when the // "StatusForConfigurationResources" feature gate is enabled. // // Most recent observed status of the ServiceMonitor. Read-only. // More info: // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +optional - Status ConfigResourceStatus `json:"status,omitempty"` + Status ConfigResourceStatus `json:"status,omitempty,omitzero"` } // DeepCopyObject implements the runtime.Object interface. @@ -59,10 +63,14 @@ func (l *ServiceMonitor) DeepCopyObject() runtime.Object { return l.DeepCopy() } +func (l *ServiceMonitor) Bindings() []WorkloadBinding { + return l.Status.Bindings +} + // ServiceMonitorSpec defines the specification parameters for a ServiceMonitor. // +k8s:openapi-gen=true type ServiceMonitorSpec struct { - // `jobLabel` selects the label from the associated Kubernetes `Service` + // jobLabel selects the label from the associated Kubernetes `Service` // object which will be used as the `job` label for all metrics. // // For example if `jobLabel` is set to `foo` and the Kubernetes `Service` @@ -72,28 +80,31 @@ type ServiceMonitorSpec struct { // If the value of this field is empty or if the label doesn't exist for // the given Service, the `job` label of the metrics defaults to the name // of the associated Kubernetes `Service`. + // +optional JobLabel string `json:"jobLabel,omitempty"` - // `targetLabels` defines the labels which are transferred from the + // targetLabels defines the labels which are transferred from the // associated Kubernetes `Service` object onto the ingested metrics. // // +optional TargetLabels []string `json:"targetLabels,omitempty"` - // `podTargetLabels` defines the labels which are transferred from the + // podTargetLabels defines the labels which are transferred from the // associated Kubernetes `Pod` object onto the ingested metrics. // // +optional PodTargetLabels []string `json:"podTargetLabels,omitempty"` - // List of endpoints part of this ServiceMonitor. + // endpoints defines the list of endpoints part of this ServiceMonitor. // Defines how to scrape metrics from Kubernetes [Endpoints](https://kubernetes.io/docs/concepts/services-networking/service/#endpoints) objects. // In most cases, an Endpoints object is backed by a Kubernetes [Service](https://kubernetes.io/docs/concepts/services-networking/service/) object with the same name and labels. + // +required Endpoints []Endpoint `json:"endpoints"` - // Label selector to select the Kubernetes `Endpoints` objects to scrape metrics from. + // selector defines the label selector to select the Kubernetes `Endpoints` objects to scrape metrics from. + // +required Selector metav1.LabelSelector `json:"selector"` - // Mechanism used to select the endpoints to scrape. + // selectorMechanism defines the mechanism used to select the endpoints to scrape. // By default, the selection process relies on relabel configurations to filter the discovered targets. // Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. // Which strategy is best for your use case needs to be carefully evaluated. @@ -103,17 +114,18 @@ type ServiceMonitorSpec struct { // +optional SelectorMechanism *SelectorMechanism `json:"selectorMechanism,omitempty"` - // `namespaceSelector` defines in which namespace(s) Prometheus should discover the services. + // namespaceSelector defines in which namespace(s) Prometheus should discover the services. // By default, the services are discovered in the same namespace as the `ServiceMonitor` object but it is possible to select pods across different/all namespaces. + // +optional NamespaceSelector NamespaceSelector `json:"namespaceSelector,omitempty"` - // `sampleLimit` defines a per-scrape limit on the number of scraped samples + // sampleLimit defines a per-scrape limit on the number of scraped samples // that will be accepted. // // +optional SampleLimit *uint64 `json:"sampleLimit,omitempty"` - // `scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the + // scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the // protocols supported by Prometheus in order of preference (from most to least preferred). // // If unset, Prometheus uses its default value. @@ -124,40 +136,41 @@ type ServiceMonitorSpec struct { // +optional ScrapeProtocols []ScrapeProtocol `json:"scrapeProtocols,omitempty"` - // The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + // fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. // // It requires Prometheus >= v3.0.0. // +optional FallbackScrapeProtocol *ScrapeProtocol `json:"fallbackScrapeProtocol,omitempty"` - // `targetLimit` defines a limit on the number of scraped targets that will + // targetLimit defines a limit on the number of scraped targets that will // be accepted. // // +optional TargetLimit *uint64 `json:"targetLimit,omitempty"` - // Per-scrape limit on number of labels that will be accepted for a sample. + // labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample. // // It requires Prometheus >= v2.27.0. // // +optional LabelLimit *uint64 `json:"labelLimit,omitempty"` - // Per-scrape limit on length of labels name that will be accepted for a sample. + // labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. // // It requires Prometheus >= v2.27.0. // // +optional LabelNameLengthLimit *uint64 `json:"labelNameLengthLimit,omitempty"` - // Per-scrape limit on length of labels value that will be accepted for a sample. + // labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. // // It requires Prometheus >= v2.27.0. // // +optional LabelValueLengthLimit *uint64 `json:"labelValueLengthLimit,omitempty"` + // +optional NativeHistogramConfig `json:",inline"` - // Per-scrape limit on the number of targets dropped by relabeling + // keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling // that will be kept in memory. 0 means no limit. // // It requires Prometheus >= v2.47.0. @@ -165,7 +178,7 @@ type ServiceMonitorSpec struct { // +optional KeepDroppedTargets *uint64 `json:"keepDroppedTargets,omitempty"` - // `attachMetadata` defines additional metadata which is added to the + // attachMetadata defines additional metadata which is added to the // discovered targets. // // It requires Prometheus >= v2.37.0. @@ -173,28 +186,39 @@ type ServiceMonitorSpec struct { // +optional AttachMetadata *AttachMetadata `json:"attachMetadata,omitempty"` - // The scrape class to apply. + // scrapeClass defines the scrape class to apply. // +optional // +kubebuilder:validation:MinLength=1 ScrapeClassName *string `json:"scrapeClass,omitempty"` - // When defined, bodySizeLimit specifies a job level limit on the size + // bodySizeLimit when defined, bodySizeLimit specifies a job level limit on the size // of uncompressed response body that will be accepted by Prometheus. // // It requires Prometheus >= v2.28.0. // // +optional BodySizeLimit *ByteSize `json:"bodySizeLimit,omitempty"` + + // serviceDiscoveryRole defines the service discovery role used to discover targets. + // + // If set, the value should be either "Endpoints" or "EndpointSlice". + // Otherwise it defaults to the value defined in the + // Prometheus/PrometheusAgent resource. + // + // +optional + ServiceDiscoveryRole *ServiceDiscoveryRole `json:"serviceDiscoveryRole,omitempty"` } // ServiceMonitorList is a list of ServiceMonitors. // +k8s:openapi-gen=true type ServiceMonitorList struct { + // TypeMeta defines the versioned schema of this representation of an object metav1.TypeMeta `json:",inline"` - // Standard list metadata - // More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + // metadata defines ListMeta as metadata for collection responses. + // +optional metav1.ListMeta `json:"metadata,omitempty"` // List of ServiceMonitors + // +required Items []ServiceMonitor `json:"items"` } diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/thanos_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/thanos_types.go index aaeea88d6..434664c23 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/thanos_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/thanos_types.go @@ -44,25 +44,32 @@ const ( // // The resource defines via label and namespace selectors which `PrometheusRule` objects should be associated to the deployed Thanos Ruler instances. type ThanosRuler struct { - metav1.TypeMeta `json:",inline"` + // TypeMeta defines the versioned schema of this representation of an object. + metav1.TypeMeta `json:",inline"` + // metadata defines ObjectMeta as the metadata that all persisted resources. + // +optional metav1.ObjectMeta `json:"metadata,omitempty"` - // Specification of the desired behavior of the ThanosRuler cluster. More info: + // spec defines the specification of the desired behavior of the ThanosRuler cluster. More info: // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + // +required Spec ThanosRulerSpec `json:"spec"` - // Most recent observed status of the ThanosRuler cluster. Read-only. + // status defines the most recent observed status of the ThanosRuler cluster. Read-only. // More info: // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + // +optional Status ThanosRulerStatus `json:"status,omitempty"` } // ThanosRulerList is a list of ThanosRulers. // +k8s:openapi-gen=true type ThanosRulerList struct { + // TypeMeta defines the versioned schema of this representation of an object. metav1.TypeMeta `json:",inline"` - // Standard list metadata - // More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + // metadata defines ListMeta as metadata for collection responses. + // +optional metav1.ListMeta `json:"metadata,omitempty"` // List of Prometheuses + // +required Items []ThanosRuler `json:"items"` } @@ -70,11 +77,11 @@ type ThanosRulerList struct { // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +k8s:openapi-gen=true type ThanosRulerSpec struct { - // Version of Thanos to be deployed. + // version of Thanos to be deployed. // +optional Version *string `json:"version,omitempty"` - // PodMetadata configures labels and annotations which are propagated to the ThanosRuler pods. + // podMetadata defines labels and annotations which are propagated to the ThanosRuler pods. // // The following items are reserved and cannot be overridden: // * "app.kubernetes.io/name" label, set to "thanos-ruler". @@ -85,70 +92,75 @@ type ThanosRulerSpec struct { // +optional PodMetadata *EmbeddedObjectMetadata `json:"podMetadata,omitempty"` - // Thanos container image URL. + // image defines Thanos container image URL. + // +optional Image string `json:"image,omitempty"` - // Image pull policy for the 'thanos', 'init-config-reloader' and 'config-reloader' containers. + // imagePullPolicy defines for the 'thanos', 'init-config-reloader' and 'config-reloader' containers. // See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. // +kubebuilder:validation:Enum="";Always;Never;IfNotPresent + // +optional ImagePullPolicy v1.PullPolicy `json:"imagePullPolicy,omitempty"` - // An optional list of references to secrets in the same namespace + // imagePullSecrets defines an optional list of references to secrets in the same namespace // to use for pulling thanos images from registries // see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod // +optional ImagePullSecrets []v1.LocalObjectReference `json:"imagePullSecrets,omitempty"` - // When a ThanosRuler deployment is paused, no actions except for deletion + // paused defines when a ThanosRuler deployment is paused, no actions except for deletion // will be performed on the underlying objects. + // +optional Paused bool `json:"paused,omitempty"` - // Number of thanos ruler instances to deploy. + // replicas defines the number of thanos ruler instances to deploy. // +optional Replicas *int32 `json:"replicas,omitempty"` - // Define which Nodes the Pods are scheduled on. + // nodeSelector defines which Nodes the Pods are scheduled on. // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` - // Resources defines the resource requirements for single Pods. + // resources defines the resource requirements for single Pods. // If not provided, no requests/limits will be set + // +optional Resources v1.ResourceRequirements `json:"resources,omitempty"` - // If specified, the pod's scheduling constraints. + // affinity defines when specified, the pod's scheduling constraints. // +optional Affinity *v1.Affinity `json:"affinity,omitempty"` - // If specified, the pod's tolerations. + // tolerations defines when specified, the pod's tolerations. // +optional Tolerations []v1.Toleration `json:"tolerations,omitempty"` - // If specified, the pod's topology spread constraints. + // topologySpreadConstraints defines the pod's topology spread constraints. // +optional TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` - // SecurityContext holds pod-level security attributes and common container settings. + // securityContext defines the pod-level security attributes and common container settings. // This defaults to the default PodSecurityContext. // +optional SecurityContext *v1.PodSecurityContext `json:"securityContext,omitempty"` - // Defines the DNS policy for the pods. + // dnsPolicy defines the DNS policy for the pods. // // +optional DNSPolicy *DNSPolicy `json:"dnsPolicy,omitempty"` - // Defines the DNS configuration for the pods. + // dnsConfig defines Defines the DNS configuration for the pods. // // +optional DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty"` - // Indicates whether information about services should be injected into pod's environment variables + // enableServiceLinks defines whether information about services should be injected into pod's environment variables // +optional EnableServiceLinks *bool `json:"enableServiceLinks,omitempty"` - // Priority class assigned to the Pods + // priorityClassName defines the priority class assigned to the Pods + // +optional PriorityClassName string `json:"priorityClassName,omitempty"` - // The name of the service name used by the underlying StatefulSet(s) as the governing service. + // serviceName defines the name of the service name used by the underlying StatefulSet(s) as the governing service. // If defined, the Service must be created before the ThanosRuler resource in the same namespace and it must define a selector that matches the pod labels. // If empty, the operator will create and manage a headless service named `thanos-ruler-operated` for ThanosRuler resources. // When deploying multiple ThanosRuler resources in the same namespace, it is recommended to specify a different value for each. @@ -157,27 +169,26 @@ type ThanosRulerSpec struct { // +kubebuilder:validation:MinLength=1 ServiceName *string `json:"serviceName,omitempty"` - // ServiceAccountName is the name of the ServiceAccount to use to run the + // serviceAccountName defines the name of the ServiceAccount to use to run the // Thanos Ruler Pods. + // +optional ServiceAccountName string `json:"serviceAccountName,omitempty"` - // Storage spec to specify how storage shall be used. + // storage defines the specification of how storage shall be used. // +optional Storage *StorageSpec `json:"storage,omitempty"` - // Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will + // volumes defines how configuration of additional volumes on the output StatefulSet definition. Volumes specified will // be appended to other volumes that are generated as a result of StorageSpec objects. // +optional Volumes []v1.Volume `json:"volumes,omitempty"` - // VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. + // volumeMounts defines how the configuration of additional VolumeMounts on the output StatefulSet definition. // VolumeMounts specified will be appended to other VolumeMounts in the ruler container, // that are generated as a result of StorageSpec objects. // +optional VolumeMounts []v1.VolumeMount `json:"volumeMounts,omitempty"` - // Configures object storage. - // - // The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage + // objectStorageConfig defines the configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage // // The operator performs no validation of the configuration. // @@ -185,7 +196,7 @@ type ThanosRulerSpec struct { // // +optional ObjectStorageConfig *v1.SecretKeySelector `json:"objectStorageConfig,omitempty"` - // Configures the path of the object storage configuration file. + // objectStorageConfigFile defines the path of the object storage configuration file. // // The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage // @@ -196,11 +207,12 @@ type ThanosRulerSpec struct { // +optional ObjectStorageConfigFile *string `json:"objectStorageConfigFile,omitempty"` - // ListenLocal makes the Thanos ruler listen on loopback, so that it + // listenLocal defines the Thanos ruler listen on loopback, so that it // does not bind against the Pod IP. + // +optional ListenLocal bool `json:"listenLocal,omitempty"` - // Configures the list of Thanos Query endpoints from which to query metrics. + // queryEndpoints defines the list of Thanos Query endpoints from which to query metrics. // // For Thanos >= v0.11.0, it is recommended to use `queryConfig` instead. // @@ -209,7 +221,7 @@ type ThanosRulerSpec struct { // +optional QueryEndpoints []string `json:"queryEndpoints,omitempty"` - // Configures the list of Thanos Query endpoints from which to query metrics. + // queryConfig defines the list of Thanos Query endpoints from which to query metrics. // // The configuration format is defined at https://thanos.io/tip/components/rule.md/#query-api // @@ -222,7 +234,7 @@ type ThanosRulerSpec struct { // +optional QueryConfig *v1.SecretKeySelector `json:"queryConfig,omitempty"` - // Configures the list of Alertmanager endpoints to send alerts to. + // alertmanagersUrl defines the list of Alertmanager endpoints to send alerts to. // // For Thanos >= v0.10.0, it is recommended to use `alertmanagersConfig` instead. // @@ -230,7 +242,7 @@ type ThanosRulerSpec struct { // // +optional AlertManagersURL []string `json:"alertmanagersUrl,omitempty"` - // Configures the list of Alertmanager endpoints to send alerts to. + // alertmanagersConfig defines the list of Alertmanager endpoints to send alerts to. // // The configuration format is defined at https://thanos.io/tip/components/rule.md/#alertmanager. // @@ -243,79 +255,84 @@ type ThanosRulerSpec struct { // +optional AlertManagersConfig *v1.SecretKeySelector `json:"alertmanagersConfig,omitempty"` - // PrometheusRule objects to be selected for rule evaluation. An empty + // ruleSelector defines the PrometheusRule objects to be selected for rule evaluation. An empty // label selector matches all objects. A null label selector matches no // objects. // // +optional RuleSelector *metav1.LabelSelector `json:"ruleSelector,omitempty"` - // Namespaces to be selected for Rules discovery. If unspecified, only + // ruleNamespaceSelector defines the namespaces to be selected for Rules discovery. If unspecified, only // the same namespace as the ThanosRuler object is in is used. // // +optional RuleNamespaceSelector *metav1.LabelSelector `json:"ruleNamespaceSelector,omitempty"` - // EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert + // enforcedNamespaceLabel enforces adding a namespace label of origin for each alert // and metric that is user created. The label value will always be the namespace of the object that is // being created. + // +optional EnforcedNamespaceLabel string `json:"enforcedNamespaceLabel,omitempty"` - // List of references to PrometheusRule objects + // excludedFromEnforcement defines the list of references to PrometheusRule objects // to be excluded from enforcing a namespace label of origin. // Applies only if enforcedNamespaceLabel set to true. // +optional ExcludedFromEnforcement []ObjectReference `json:"excludedFromEnforcement,omitempty"` - // PrometheusRulesExcludedFromEnforce - list of Prometheus rules to be excluded from enforcing + // prometheusRulesExcludedFromEnforce defines a list of Prometheus rules to be excluded from enforcing // of adding namespace labels. Works only if enforcedNamespaceLabel set to true. // Make sure both ruleNamespace and ruleName are set for each pair // Deprecated: use excludedFromEnforcement instead. // +optional PrometheusRulesExcludedFromEnforce []PrometheusRuleExcludeConfig `json:"prometheusRulesExcludedFromEnforce,omitempty"` - // Log level for ThanosRuler to be configured with. + // logLevel for ThanosRuler to be configured with. // +kubebuilder:validation:Enum="";debug;info;warn;error + // +optional LogLevel string `json:"logLevel,omitempty"` - // Log format for ThanosRuler to be configured with. + // logFormat for ThanosRuler to be configured with. // +kubebuilder:validation:Enum="";logfmt;json + // +optional LogFormat string `json:"logFormat,omitempty"` - // Port name used for the pods and governing service. + // portName defines the port name used for the pods and governing service. // Defaults to `web`. // +kubebuilder:default:="web" + // +optional PortName string `json:"portName,omitempty"` - // Interval between consecutive evaluations. + // evaluationInterval defines the interval between consecutive evaluations. // +kubebuilder:default:="15s" + // +optional EvaluationInterval Duration `json:"evaluationInterval,omitempty"` - // Minimum amount of time to wait before resending an alert to Alertmanager. + // resendDelay defines the minimum amount of time to wait before resending an alert to Alertmanager. // +optional ResendDelay *Duration `json:"resendDelay,omitempty"` - // Max time to tolerate prometheus outage for restoring "for" state of alert. + // ruleOutageTolerance defines the max time to tolerate prometheus outage for restoring "for" state of alert. // It requires Thanos >= v0.30.0. // +optional RuleOutageTolerance *Duration `json:"ruleOutageTolerance,omitempty"` - // The default rule group's query offset duration to use. + // ruleQueryOffset defines the default rule group's query offset duration to use. // It requires Thanos >= v0.38.0. // +optional RuleQueryOffset *Duration `json:"ruleQueryOffset,omitempty"` - // How many rules can be evaluated concurrently. + // ruleConcurrentEval defines how many rules can be evaluated concurrently. // It requires Thanos >= v0.37.0. // +kubebuilder:validation:Minimum=1 // // +optional RuleConcurrentEval *int32 `json:"ruleConcurrentEval,omitempty"` - // Minimum duration between alert and restored "for" state. + // ruleGracePeriod defines the minimum duration between alert and restored "for" state. // This is maintained only for alerts with configured "for" time greater than grace period. // It requires Thanos >= v0.30.0. // // +optional RuleGracePeriod *Duration `json:"ruleGracePeriod,omitempty"` - // Time duration ThanosRuler shall retain data for. Default is '24h', and + // retention defines the time duration ThanosRuler shall retain data for. Default is '24h', and // must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds // seconds minutes hours days weeks years). // @@ -323,9 +340,10 @@ type ThanosRulerSpec struct { // operates in stateless mode. // // +kubebuilder:default:="24h" + // +optional Retention Duration `json:"retention,omitempty"` - // Containers allows injecting additional containers or modifying operator generated + // containers allows injecting additional containers or modifying operator generated // containers. This can be used to allow adding an authentication proxy to a ThanosRuler pod or // to change the behavior of an operator generated container. Containers described here modify // an operator generated container if they share the same name and modifications are done via a @@ -334,7 +352,7 @@ type ThanosRulerSpec struct { // so, you accept that this behaviour may break at any time without notice. // +optional Containers []v1.Container `json:"containers,omitempty"` - // InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. + // initContainers allows adding initContainers to the pod definition. Those can be used to e.g. // fetch secrets for injection into the ThanosRuler configuration from external sources. Any // errors during the execution of an initContainer will lead to a restart of the Pod. // More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ @@ -344,7 +362,7 @@ type ThanosRulerSpec struct { // +optional InitContainers []v1.Container `json:"initContainers,omitempty"` - // Configures tracing. + // tracingConfig defines the tracing configuration. // // The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration // @@ -355,9 +373,9 @@ type ThanosRulerSpec struct { // // `tracingConfigFile` takes precedence over this field. // - //+optional + // +optional TracingConfig *v1.SecretKeySelector `json:"tracingConfig,omitempty"` - // Configures the path of the tracing configuration file. + // tracingConfigFile defines the path of the tracing configuration file. // // The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration // @@ -368,10 +386,10 @@ type ThanosRulerSpec struct { // // This field takes precedence over `tracingConfig`. // - //+optional + // +optional TracingConfigFile string `json:"tracingConfigFile,omitempty"` - // Configures the external label pairs of the ThanosRuler resource. + // labels defines the external label pairs of the ThanosRuler resource. // // A default replica label `thanos_ruler_replica` will be always added as a // label with the value of the pod's name. @@ -379,7 +397,7 @@ type ThanosRulerSpec struct { // +optional Labels map[string]string `json:"labels,omitempty"` - // Configures the label names which should be dropped in Thanos Ruler + // alertDropLabels defines the label names which should be dropped in Thanos Ruler // alerts. // // The replica label `thanos_ruler_replica` will always be dropped from the alerts. @@ -387,26 +405,29 @@ type ThanosRulerSpec struct { // +optional AlertDropLabels []string `json:"alertDropLabels,omitempty"` - // The external URL the Thanos Ruler instances will be available under. This is + // externalPrefix defines the Thanos Ruler instances will be available under. This is // necessary to generate correct URLs. This is necessary if Thanos Ruler is not // served from root of a DNS name. + // +optional ExternalPrefix string `json:"externalPrefix,omitempty"` - // The route prefix ThanosRuler registers HTTP handlers for. This allows thanos UI to be served on a sub-path. + // routePrefix defines the route prefix ThanosRuler registers HTTP handlers for. This allows thanos UI to be served on a sub-path. + // +optional RoutePrefix string `json:"routePrefix,omitempty"` - // GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads + // grpcServerTlsConfig defines the gRPC server from which Thanos Querier reads // recorded rule data. // Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. // Maps to the '--grpc-server-tls-*' CLI args. // +optional GRPCServerTLSConfig *TLSConfig `json:"grpcServerTlsConfig,omitempty"` - // The external Query URL the Thanos Ruler will set in the 'Source' field + // alertQueryUrl defines how Thanos Ruler will set in the 'Source' field // of all alerts. // Maps to the '--alert.query-url' CLI arg. + // +optional AlertQueryURL string `json:"alertQueryUrl,omitempty"` - // Minimum number of seconds for which a newly created pod should be ready + // minReadySeconds defines the minimum number of seconds for which a newly created pod should be ready // without any of its container crashing for it to be considered available. // // If unset, pods will be considered available as soon as they are ready. @@ -415,7 +436,7 @@ type ThanosRulerSpec struct { // +optional MinReadySeconds *int32 `json:"minReadySeconds,omitempty"` - // Configures alert relabeling in Thanos Ruler. + // alertRelabelConfigs defines the alert relabeling in Thanos Ruler. // // Alert relabel configuration must have the form as specified in the // official Prometheus documentation: @@ -427,7 +448,7 @@ type ThanosRulerSpec struct { // // +optional AlertRelabelConfigs *v1.SecretKeySelector `json:"alertRelabelConfigs,omitempty"` - // Configures the path to the alert relabeling configuration file. + // alertRelabelConfigFile defines the path to the alert relabeling configuration file. // // Alert relabel configuration must have the form as specified in the // official Prometheus documentation: @@ -440,12 +461,13 @@ type ThanosRulerSpec struct { // +optional AlertRelabelConfigFile *string `json:"alertRelabelConfigFile,omitempty"` - // Pods' hostAliases configuration + // hostAliases defines pods' hostAliases configuration // +listType=map // +listMapKey=ip + // +optional HostAliases []HostAlias `json:"hostAliases,omitempty"` - // AdditionalArgs allows setting additional arguments for the ThanosRuler container. + // additionalArgs defines how to add additional arguments for the ThanosRuler container. // It is intended for e.g. activating hidden flags which are not supported by // the dedicated configuration options yet. The arguments are passed as-is to the // ThanosRuler container which may cause issues if they are invalid or not supported @@ -456,11 +478,11 @@ type ThanosRulerSpec struct { // +optional AdditionalArgs []Argument `json:"additionalArgs,omitempty"` - // Defines the configuration of the ThanosRuler web server. + // web defines the configuration of the ThanosRuler web server. // +optional Web *ThanosRulerWebSpec `json:"web,omitempty"` - // Defines the list of remote write configurations. + // remoteWrite defines the list of remote write configurations. // // When the list isn't empty, the ruler is configured with stateless mode. // @@ -469,7 +491,7 @@ type ThanosRulerSpec struct { // +optional RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` - // Optional duration in seconds the pod needs to terminate gracefully. + // terminationGracePeriodSeconds defines the optional duration in seconds the pod needs to terminate gracefully. // Value must be non-negative integer. The value zero indicates stop immediately via // the kill signal (no opportunity to shut down) which may lead to data corruption. // @@ -479,7 +501,7 @@ type ThanosRulerSpec struct { // +optional TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"` - // Enable access to Thanos Ruler feature flags. By default, no features are enabled. + // enableFeatures defines how to setup Thanos Ruler feature flags. By default, no features are enabled. // // Enabling features which are disabled by default is entirely outside the // scope of what the maintainers will support and by doing so, you accept @@ -492,7 +514,7 @@ type ThanosRulerSpec struct { // +optional EnableFeatures []EnableFeature `json:"enableFeatures,omitempty"` - // HostUsers supports the user space in Kubernetes. + // hostUsers supports the user space in Kubernetes. // // More info: https://kubernetes.io/docs/tasks/configure-pod-container/user-namespaces/ // @@ -507,6 +529,7 @@ type ThanosRulerSpec struct { // ThanosRulerWebSpec defines the configuration of the ThanosRuler web server. // +k8s:openapi-gen=true type ThanosRulerWebSpec struct { + // +optional WebConfigFileFields `json:",inline"` } @@ -515,21 +538,26 @@ type ThanosRulerWebSpec struct { // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +k8s:openapi-gen=true type ThanosRulerStatus struct { - // Represents whether any actions on the underlying managed objects are + // paused defines whether any actions on the underlying managed objects are // being performed. Only delete actions will be performed. + // +optional Paused bool `json:"paused"` - // Total number of non-terminated pods targeted by this ThanosRuler deployment + // replicas defines the total number of non-terminated pods targeted by this ThanosRuler deployment // (their labels match the selector). + // +optional Replicas int32 `json:"replicas"` - // Total number of non-terminated pods targeted by this ThanosRuler deployment + // updatedReplicas defines the total number of non-terminated pods targeted by this ThanosRuler deployment // that have the desired version spec. + // +optional UpdatedReplicas int32 `json:"updatedReplicas"` - // Total number of available pods (ready for at least minReadySeconds) + // availableReplicas defines the total number of available pods (ready for at least minReadySeconds) // targeted by this ThanosRuler deployment. + // +optional AvailableReplicas int32 `json:"availableReplicas"` - // Total number of unavailable pods targeted by this ThanosRuler deployment. + // unavailableReplicas defines the total number of unavailable pods targeted by this ThanosRuler deployment. + // +optional UnavailableReplicas int32 `json:"unavailableReplicas"` - // The current state of the ThanosRuler object. + // conditions defines the current state of the ThanosRuler object. // +listType=map // +listMapKey=type // +optional diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/types.go index 09182a883..eb110df7e 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/types.go @@ -72,11 +72,11 @@ type GoDuration string // HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the // pod's hosts file. type HostAlias struct { - // IP address of the host file entry. - // +kubebuilder:validation:Required + // ip defines the IP address of the host file entry. + // +required IP string `json:"ip"` - // Hostnames for the above IP address. - // +kubebuilder:validation:Required + // hostnames defines hostnames for the above IP address. + // +required Hostnames []string `json:"hostnames"` } @@ -84,31 +84,33 @@ type HostAlias struct { // PrometheusRule names and their namespaces to be ignored while enforcing // namespace label for alerts and metrics. type PrometheusRuleExcludeConfig struct { - // Namespace of the excluded PrometheusRule object. + // ruleNamespace defines the namespace of the excluded PrometheusRule object. + // +required RuleNamespace string `json:"ruleNamespace"` - // Name of the excluded PrometheusRule object. + // ruleName defines the name of the excluded PrometheusRule object. + // +required RuleName string `json:"ruleName"` } type ProxyConfig struct { - // `proxyURL` defines the HTTP proxy server to use. + // proxyUrl defines the HTTP proxy server to use. // // +kubebuilder:validation:Pattern:="^(http|https|socks5)://.+$" // +optional ProxyURL *string `json:"proxyUrl,omitempty"` - // `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + // noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names // that should be excluded from proxying. IP and domain names can // contain port numbers. // // It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. // +optional NoProxy *string `json:"noProxy,omitempty"` - // Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + // proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). // // It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. // +optional ProxyFromEnvironment *bool `json:"proxyFromEnvironment,omitempty"` - // ProxyConnectHeader optionally specifies headers to send to + // proxyConnectHeader optionally specifies headers to send to // proxies during CONNECT requests. // // It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -168,21 +170,21 @@ func (pc *ProxyConfig) Validate() error { // ObjectReference references a PodMonitor, ServiceMonitor, Probe or PrometheusRule object. type ObjectReference struct { - // Group of the referent. When not specified, it defaults to `monitoring.coreos.com` + // group of the referent. When not specified, it defaults to `monitoring.coreos.com` // +optional // +kubebuilder:default:="monitoring.coreos.com" // +kubebuilder:validation:Enum=monitoring.coreos.com Group string `json:"group"` - // Resource of the referent. - // +kubebuilder:validation:Required + // resource of the referent. + // +required // +kubebuilder:validation:Enum=prometheusrules;servicemonitors;podmonitors;probes;scrapeconfigs Resource string `json:"resource"` - // Namespace of the referent. + // namespace of the referent. // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - // +kubebuilder:validation:Required + // +required // +kubebuilder:validation:MinLength=1 Namespace string `json:"namespace"` - // Name of the referent. When not set, all resources in the namespace are matched. + // name of the referent. When not set, all resources in the namespace are matched. // +optional Name string `json:"name,omitempty"` } @@ -219,6 +221,12 @@ func (obj *ObjectReference) getGroup() string { // request by Prometheus to a malicious target. Denying the above would prevent the // attack, users can instead use the BearerTokenSecret field. type ArbitraryFSAccessThroughSMsConfig struct { + // deny prevents service monitors from accessing arbitrary files on the file system. + // When true, service monitors cannot use file-based configurations like BearerTokenFile + // that could potentially access sensitive files. When false (default), such access is allowed. + // Setting this to true enhances security by preventing potential credential theft attacks. + // + // +optional Deny bool `json:"deny,omitempty"` } @@ -226,26 +234,27 @@ type ArbitraryFSAccessThroughSMsConfig struct { // Prometheus, Alertmanager or ThanosRuler resource. // +k8s:deepcopy-gen=true type Condition struct { - // Type of the condition being reported. + // type of the condition being reported. // +required Type ConditionType `json:"type"` - // Status of the condition. + // status of the condition. // +required Status ConditionStatus `json:"status"` // lastTransitionTime is the time of the last update to the current status property. // +required LastTransitionTime metav1.Time `json:"lastTransitionTime"` - // Reason for the condition's last transition. + // reason for the condition's last transition. // +optional Reason string `json:"reason,omitempty"` - // Human-readable message indicating details for the condition's last transition. + // message defines human-readable message indicating details for the condition's last transition. // +optional Message string `json:"message,omitempty"` - // ObservedGeneration represents the .metadata.generation that the + // observedGeneration defines the .metadata.generation that the // condition was set based upon. For instance, if `.metadata.generation` is // currently 12, but the `.status.conditions[].observedGeneration` is 9, the // condition is out of date with respect to the current state of the // instance. + // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` } @@ -290,25 +299,24 @@ const ( // EmbeddedPersistentVolumeClaim is an embedded version of k8s.io/api/core/v1.PersistentVolumeClaim. // It contains TypeMeta and a reduced ObjectMeta. type EmbeddedPersistentVolumeClaim struct { + // TypeMeta defines the versioned schema of this representation of an object. metav1.TypeMeta `json:",inline"` - - // EmbeddedMetadata contains metadata relevant to an EmbeddedResource. + // metadata defines EmbeddedMetadata contains metadata relevant to an EmbeddedResource. + // +optional EmbeddedObjectMetadata `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` - - // Defines the desired characteristics of a volume requested by a pod author. + // spec defines the specification of the characteristics of a volume requested by a pod author. // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims // +optional Spec v1.PersistentVolumeClaimSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` - + // status is deprecated: this field is never set. // +optional - // Deprecated: this field is never set. Status v1.PersistentVolumeClaimStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` } // EmbeddedObjectMetadata contains a subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta // Only fields which are relevant to embedded resources are included. type EmbeddedObjectMetadata struct { - // Name must be unique within a namespace. Is required when creating resources, although + // name must be unique within a namespace. Is required when creating resources, although // some resources may allow a client to request the generation of an appropriate name // automatically. Name is primarily intended for creation idempotence and configuration // definition. @@ -317,14 +325,14 @@ type EmbeddedObjectMetadata struct { // +optional Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` - // Map of string keys and values that can be used to organize and categorize + // labels define the map of string keys and values that can be used to organize and categorize // (scope and select) objects. May match selectors of replication controllers // and services. // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ // +optional Labels map[string]string `json:"labels,omitempty" protobuf:"bytes,11,rep,name=labels"` - // Annotations is an unstructured key value map stored with a resource that may be + // annotations defines an unstructured key value map stored with a resource that may be // set by external tools to store and retrieve arbitrary metadata. They are not // queryable and should be preserved when modifying objects. // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -335,56 +343,65 @@ type EmbeddedObjectMetadata struct { // WebConfigFileFields defines the file content for --web.config.file flag. // +k8s:deepcopy-gen=true type WebConfigFileFields struct { - // Defines the TLS parameters for HTTPS. + // tlsConfig defines the TLS parameters for HTTPS. + // +optional TLSConfig *WebTLSConfig `json:"tlsConfig,omitempty"` - // Defines HTTP parameters for web server. + // httpConfig defines HTTP parameters for web server. + // +optional HTTPConfig *WebHTTPConfig `json:"httpConfig,omitempty"` } // WebHTTPConfig defines HTTP parameters for web server. // +k8s:openapi-gen=true type WebHTTPConfig struct { - // Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. + // http2 enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. // When TLSConfig is not configured, HTTP/2 will be disabled. // Whenever the value of the field changes, a rolling update will be triggered. + // +optional HTTP2 *bool `json:"http2,omitempty"` - // List of headers that can be added to HTTP responses. + // headers defines a list of headers that can be added to HTTP responses. + // +optional Headers *WebHTTPHeaders `json:"headers,omitempty"` } // WebHTTPHeaders defines the list of headers that can be added to HTTP responses. // +k8s:openapi-gen=true type WebHTTPHeaders struct { - // Set the Content-Security-Policy header to HTTP responses. + // contentSecurityPolicy defines the Content-Security-Policy header to HTTP responses. // Unset if blank. + // +optional ContentSecurityPolicy string `json:"contentSecurityPolicy,omitempty"` - // Set the X-Frame-Options header to HTTP responses. + // xFrameOptions defines the X-Frame-Options header to HTTP responses. // Unset if blank. Accepted values are deny and sameorigin. // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options - //+kubebuilder:validation:Enum="";Deny;SameOrigin + // +kubebuilder:validation:Enum="";Deny;SameOrigin + // +optional XFrameOptions string `json:"xFrameOptions,omitempty"` - // Set the X-Content-Type-Options header to HTTP responses. + // xContentTypeOptions defines the X-Content-Type-Options header to HTTP responses. // Unset if blank. Accepted value is nosniff. // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options - //+kubebuilder:validation:Enum="";NoSniff + // +kubebuilder:validation:Enum="";NoSniff + // +optional XContentTypeOptions string `json:"xContentTypeOptions,omitempty"` - // Set the X-XSS-Protection header to all responses. + // xXSSProtection defines the X-XSS-Protection header to all responses. // Unset if blank. // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection + // +optional XXSSProtection string `json:"xXSSProtection,omitempty"` - // Set the Strict-Transport-Security header to HTTP responses. + // strictTransportSecurity defines the Strict-Transport-Security header to HTTP responses. // Unset if blank. // Please make sure that you use this with care as this header might force // browsers to load Prometheus and the other applications hosted on the same // domain and subdomains over HTTPS. // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security + // +optional StrictTransportSecurity string `json:"strictTransportSecurity,omitempty"` } // WebTLSConfig defines the TLS parameters for HTTPS. // +k8s:openapi-gen=true type WebTLSConfig struct { - // Secret or ConfigMap containing the TLS certificate for the web server. + // cert defines the Secret or ConfigMap containing the TLS certificate for the web server. // // Either `keySecret` or `keyFile` must be defined. // @@ -392,7 +409,7 @@ type WebTLSConfig struct { // // +optional Cert SecretOrConfigMap `json:"cert,omitempty"` - // Path to the TLS certificate file in the container for the web server. + // certFile defines the path to the TLS certificate file in the container for the web server. // // Either `keySecret` or `keyFile` must be defined. // @@ -401,7 +418,7 @@ type WebTLSConfig struct { // +optional CertFile *string `json:"certFile,omitempty"` - // Secret containing the TLS private key for the web server. + // keySecret defines the secret containing the TLS private key for the web server. // // Either `cert` or `certFile` must be defined. // @@ -409,7 +426,7 @@ type WebTLSConfig struct { // // +optional KeySecret v1.SecretKeySelector `json:"keySecret,omitempty"` - // Path to the TLS private key file in the container for the web server. + // keyFile defines the path to the TLS private key file in the container for the web server. // // If defined, either `cert` or `certFile` must be defined. // @@ -418,21 +435,22 @@ type WebTLSConfig struct { // +optional KeyFile *string `json:"keyFile,omitempty"` - // Secret or ConfigMap containing the CA certificate for client certificate + // client_ca defines the Secret or ConfigMap containing the CA certificate for client certificate // authentication to the server. // // It is mutually exclusive with `clientCAFile`. // // +optional + //nolint:kubeapilinter // The json tag doesn't meet the conventions to be compatible with Prometheus format. ClientCA SecretOrConfigMap `json:"client_ca,omitempty"` - // Path to the CA certificate file for client certificate authentication to + // clientCAFile defines the path to the CA certificate file for client certificate authentication to // the server. // // It is mutually exclusive with `client_ca`. // // +optional ClientCAFile *string `json:"clientCAFile,omitempty"` - // The server policy for client TLS authentication. + // clientAuthType defines the server policy for client TLS authentication. // // For more detail on clientAuth options: // https://golang.org/pkg/crypto/tls/#ClientAuthType @@ -440,16 +458,16 @@ type WebTLSConfig struct { // +optional ClientAuthType *string `json:"clientAuthType,omitempty"` - // Minimum TLS version that is acceptable. + // minVersion defines the minimum TLS version that is acceptable. // // +optional MinVersion *string `json:"minVersion,omitempty"` - // Maximum TLS version that is acceptable. + // maxVersion defines the Maximum TLS version that is acceptable. // // +optional MaxVersion *string `json:"maxVersion,omitempty"` - // List of supported cipher suites for TLS versions up to TLS 1.2. + // cipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. // // If not defined, the Go default cipher suites are used. // Available cipher suites are documented in the Go documentation: @@ -458,7 +476,7 @@ type WebTLSConfig struct { // +optional CipherSuites []string `json:"cipherSuites,omitempty"` - // Controls whether the server selects the client's most preferred cipher + // preferServerCipherSuites defines whether the server selects the client's most preferred cipher // suite, or the server's most preferred cipher suite. // // If true then the server's preference, as expressed in @@ -467,7 +485,7 @@ type WebTLSConfig struct { // +optional PreferServerCipherSuites *bool `json:"preferServerCipherSuites,omitempty"` - // Elliptic curves that will be used in an ECDHE handshake, in preference + // curvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference // order. // // Available curves are documented in the Go documentation: @@ -519,10 +537,9 @@ func (c *WebTLSConfig) Validate() error { return nil } -// LabelName is a valid Prometheus label name which may only contain ASCII -// letters, numbers, as well as underscores. -// -// +kubebuilder:validation:Pattern:="^[a-zA-Z_][a-zA-Z0-9_]*$" +// LabelName is a valid Prometheus label name. +// For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. +// For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type LabelName string // Endpoint defines an endpoint serving Prometheus metrics to be scraped by @@ -530,23 +547,25 @@ type LabelName string // // +k8s:openapi-gen=true type Endpoint struct { - // Name of the Service port which this endpoint refers to. + // port defines the name of the Service port which this endpoint refers to. // // It takes precedence over `targetPort`. + // +optional Port string `json:"port,omitempty"` - // Name or number of the target port of the `Pod` object behind the + // targetPort defines the name or number of the target port of the `Pod` object behind the // Service. The port must be specified with the container's port property. // // +optional TargetPort *intstr.IntOrString `json:"targetPort,omitempty"` - // HTTP path from which to scrape for metrics. + // path defines the HTTP path from which to scrape for metrics. // // If empty, Prometheus uses the default value (e.g. `/metrics`). + // +optional Path string `json:"path,omitempty"` - // HTTP scheme to use for scraping. + // scheme defines the HTTP scheme to use for scraping. // // `http` and `https` are the expected values unless you rewrite the // `__scheme__` label via relabeling. @@ -554,34 +573,39 @@ type Endpoint struct { // If empty, Prometheus uses the default value `http`. // // +kubebuilder:validation:Enum=http;https + // +optional Scheme string `json:"scheme,omitempty"` // params define optional HTTP URL parameters. + // +optional Params map[string][]string `json:"params,omitempty"` - // Interval at which Prometheus scrapes the metrics from the target. + // interval at which Prometheus scrapes the metrics from the target. // // If empty, Prometheus uses the global scrape interval. + // +optional Interval Duration `json:"interval,omitempty"` - // Timeout after which Prometheus considers the scrape to be failed. + // scrapeTimeout defines the timeout after which Prometheus considers the scrape to be failed. // // If empty, Prometheus uses the global scrape timeout unless it is less // than the target's scrape interval value in which the latter is used. // The value cannot be greater than the scrape interval otherwise the operator will reject the resource. + // +optional ScrapeTimeout Duration `json:"scrapeTimeout,omitempty"` - // TLS configuration to use when scraping the target. + // tlsConfig defines the TLS configuration to use when scraping the target. // // +optional TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` - // File to read bearer token for scraping the target. + // bearerTokenFile defines the file to read bearer token for scraping the target. // // Deprecated: use `authorization` instead. + // +optional BearerTokenFile string `json:"bearerTokenFile,omitempty"` - // `bearerTokenSecret` specifies a key of a Secret containing the bearer + // bearerTokenSecret defines a key of a Secret containing the bearer // token for scraping targets. The secret needs to be in the same namespace // as the ServiceMonitor object and readable by the Prometheus Operator. // @@ -590,7 +614,7 @@ type Endpoint struct { // Deprecated: use `authorization` instead. BearerTokenSecret *v1.SecretKeySelector `json:"bearerTokenSecret,omitempty"` - // `authorization` configures the Authorization header credentials to use when + // authorization configures the Authorization header credentials to use when // scraping the target. // // Cannot be set at the same time as `basicAuth`, or `oauth2`. @@ -598,17 +622,18 @@ type Endpoint struct { // +optional Authorization *SafeAuthorization `json:"authorization,omitempty"` - // When true, `honorLabels` preserves the metric's labels when they collide + // honorLabels defines when true the metric's labels when they collide // with the target's labels. + // +optional HonorLabels bool `json:"honorLabels,omitempty"` - // `honorTimestamps` controls whether Prometheus preserves the timestamps + // honorTimestamps defines whether Prometheus preserves the timestamps // when exposed by the target. // // +optional HonorTimestamps *bool `json:"honorTimestamps,omitempty"` - // `trackTimestampsStaleness` defines whether Prometheus tracks staleness of + // trackTimestampsStaleness defines whether Prometheus tracks staleness of // the metrics that have an explicit timestamp present in scraped data. // Has no effect if `honorTimestamps` is false. // @@ -617,7 +642,7 @@ type Endpoint struct { // +optional TrackTimestampsStaleness *bool `json:"trackTimestampsStaleness,omitempty"` - // `basicAuth` configures the Basic Authentication credentials to use when + // basicAuth defines the Basic Authentication credentials to use when // scraping the target. // // Cannot be set at the same time as `authorization`, or `oauth2`. @@ -625,7 +650,7 @@ type Endpoint struct { // +optional BasicAuth *BasicAuth `json:"basicAuth,omitempty"` - // `oauth2` configures the OAuth2 settings to use when scraping the target. + // oauth2 defines the OAuth2 settings to use when scraping the target. // // It requires Prometheus >= 2.27.0. // @@ -634,13 +659,13 @@ type Endpoint struct { // +optional OAuth2 *OAuth2 `json:"oauth2,omitempty"` - // `metricRelabelings` configures the relabeling rules to apply to the + // metricRelabelings defines the relabeling rules to apply to the // samples before ingestion. // // +optional MetricRelabelConfigs []RelabelConfig `json:"metricRelabelings,omitempty"` - // `relabelings` configures the relabeling rules to apply the target's + // relabelings defines the relabeling rules to apply the target's // metadata labels. // // The Operator automatically adds relabelings for a few standard Kubernetes fields. @@ -655,18 +680,18 @@ type Endpoint struct { // +optional ProxyConfig `json:",inline"` - // `followRedirects` defines whether the scrape requests should follow HTTP + // followRedirects defines whether the scrape requests should follow HTTP // 3xx redirects. // // +optional FollowRedirects *bool `json:"followRedirects,omitempty"` - // `enableHttp2` can be used to disable HTTP2 when scraping the target. + // enableHttp2 can be used to disable HTTP2 when scraping the target. // // +optional EnableHttp2 *bool `json:"enableHttp2,omitempty"` - // When true, the pods which are not running (e.g. either in Failed or + // filterRunning when true, the pods which are not running (e.g. either in Failed or // Succeeded state) are dropped during the target discovery. // // If unset, the filtering is enabled. @@ -678,7 +703,7 @@ type Endpoint struct { } type AttachMetadata struct { - // When set to true, Prometheus attaches node metadata to the discovered + // node when set to true, Prometheus attaches node metadata to the discovered // targets. // // The Prometheus service account must have the `list` and `watch` @@ -692,31 +717,34 @@ type AttachMetadata struct { // // +k8s:openapi-gen=true type OAuth2 struct { - // `clientId` specifies a key of a Secret or ConfigMap containing the + // clientId defines a key of a Secret or ConfigMap containing the // OAuth2 client's ID. + // +required ClientID SecretOrConfigMap `json:"clientId"` - // `clientSecret` specifies a key of a Secret containing the OAuth2 + // clientSecret defines a key of a Secret containing the OAuth2 // client's secret. + // +required ClientSecret v1.SecretKeySelector `json:"clientSecret"` - // `tokenURL` configures the URL to fetch the token from. + // tokenUrl defines the URL to fetch the token from. // // +kubebuilder:validation:MinLength=1 + // +required TokenURL string `json:"tokenUrl"` - // `scopes` defines the OAuth2 scopes used for the token request. + // scopes defines the OAuth2 scopes used for the token request. // // +optional. Scopes []string `json:"scopes,omitempty"` - // `endpointParams` configures the HTTP parameters to append to the token + // endpointParams configures the HTTP parameters to append to the token // URL. // // +optional EndpointParams map[string]string `json:"endpointParams,omitempty"` - // TLS configuration to use when connecting to the OAuth2 server. + // tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. // It requires Prometheus >= v2.43.0. // // +optional @@ -729,33 +757,25 @@ type OAuth2 struct { ProxyConfig `json:",inline"` } -type OAuth2ValidationError struct { - err string -} - -func (e *OAuth2ValidationError) Error() string { - return e.err -} - func (o *OAuth2) Validate() error { + if o == nil { + return nil + } + if o.TokenURL == "" { - return &OAuth2ValidationError{err: "OAuth2 token url must be specified"} + return errors.New("OAuth2 tokenURL must be specified") } if o.ClientID == (SecretOrConfigMap{}) { - return &OAuth2ValidationError{err: "OAuth2 client id must be specified"} + return errors.New("OAuth2 clientID must be specified") } if err := o.ClientID.Validate(); err != nil { - return &OAuth2ValidationError{ - err: fmt.Sprintf("invalid OAuth2 client id: %s", err.Error()), - } + return fmt.Errorf("invalid OAuth2 clientID: %w", err) } if err := o.TLSConfig.Validate(); err != nil { - return &OAuth2ValidationError{ - err: fmt.Sprintf("invalid OAuth2 tlsConfig: %s", err.Error()), - } + return fmt.Errorf("invalid OAuth2 tlsConfig: %w", err) } return nil @@ -765,20 +785,24 @@ func (o *OAuth2) Validate() error { // // +k8s:openapi-gen=true type BasicAuth struct { - // `username` specifies a key of a Secret containing the username for + // username defines a key of a Secret containing the username for // authentication. + // +optional Username v1.SecretKeySelector `json:"username,omitempty"` - // `password` specifies a key of a Secret containing the password for + // password defines a key of a Secret containing the password for // authentication. + // +optional Password v1.SecretKeySelector `json:"password,omitempty"` } // SecretOrConfigMap allows to specify data as a Secret or ConfigMap. Fields are mutually exclusive. type SecretOrConfigMap struct { - // Secret containing data to use for the targets. + // secret defines the Secret containing data to use for the targets. + // +optional Secret *v1.SecretKeySelector `json:"secret,omitempty"` - // ConfigMap containing data to use for the targets. + // configMap defines the ConfigMap containing data to use for the targets. + // +optional ConfigMap *v1.ConfigMapKeySelector `json:"configMap,omitempty"` } @@ -823,30 +847,33 @@ const ( // SafeTLSConfig specifies safe TLS configuration parameters. // +k8s:openapi-gen=true type SafeTLSConfig struct { - // Certificate authority used when verifying server certificates. + // ca defines the Certificate authority used when verifying server certificates. + // +optional CA SecretOrConfigMap `json:"ca,omitempty"` - // Client certificate to present when doing client-authentication. + // cert defines the Client certificate to present when doing client-authentication. + // +optional Cert SecretOrConfigMap `json:"cert,omitempty"` - // Secret containing the client key file for the targets. + // keySecret defines the Secret containing the client key file for the targets. + // +optional KeySecret *v1.SecretKeySelector `json:"keySecret,omitempty"` - // Used to verify the hostname for the targets. + // serverName is used to verify the hostname for the targets. // +optional ServerName *string `json:"serverName,omitempty"` - // Disable target certificate validation. + // insecureSkipVerify defines how to disable target certificate validation. // +optional InsecureSkipVerify *bool `json:"insecureSkipVerify,omitempty"` - // Minimum acceptable TLS version. + // minVersion defines the minimum acceptable TLS version. // // It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. // +optional MinVersion *TLSVersion `json:"minVersion,omitempty"` - // Maximum acceptable TLS version. + // maxVersion defines the maximum acceptable TLS version. // // It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. // +optional @@ -889,12 +916,16 @@ func (c *SafeTLSConfig) Validate() error { // TLSConfig extends the safe TLS configuration with file parameters. // +k8s:openapi-gen=true type TLSConfig struct { + // +optional SafeTLSConfig `json:",inline"` - // Path to the CA cert in the Prometheus container to use for the targets. + // caFile defines the path to the CA cert in the Prometheus container to use for the targets. + // +optional CAFile string `json:"caFile,omitempty"` - // Path to the client cert file in the Prometheus container for the targets. + // certFile defines the path to the client cert file in the Prometheus container for the targets. + // +optional CertFile string `json:"certFile,omitempty"` - // Path to the client key file in the Prometheus container for the targets. + // keyFile defines the path to the client key file in the Prometheus container for the targets. + // +optional KeyFile string `json:"keyFile,omitempty"` } @@ -951,10 +982,12 @@ func (c *TLSConfig) Validate() error { // selected from the current namespace. // +k8s:openapi-gen=true type NamespaceSelector struct { - // Boolean describing whether all namespaces are selected in contrast to a + // any defines the boolean describing whether all namespaces are selected in contrast to a // list restricting them. + // +optional Any bool `json:"any,omitempty"` - // List of namespace names to select from. + // matchNames defines the list of namespace names to select from. + // +optional MatchNames []string `json:"matchNames,omitempty"` // TODO(fabxc): this should embed metav1.LabelSelector eventually. @@ -965,10 +998,12 @@ type NamespaceSelector struct { // Argument as part of the AdditionalArgs list. // +k8s:openapi-gen=true type Argument struct { - // Name of the argument, e.g. "scrape.discovery-reload-interval". + // name of the argument, e.g. "scrape.discovery-reload-interval". // +kubebuilder:validation:MinLength=1 + // +required Name string `json:"name"` - // Argument value, e.g. 30s. Can be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) + // value defines the argument value, e.g. 30s. Can be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) + // +optional Value string `json:"value,omitempty"` } @@ -985,7 +1020,7 @@ const ( // NativeHistogramConfig extends the native histogram configuration settings. // +k8s:openapi-gen=true type NativeHistogramConfig struct { - // Whether to scrape a classic histogram that is also exposed as a native histogram. + // scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. // It requires Prometheus >= v2.45.0. // // Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. @@ -993,21 +1028,21 @@ type NativeHistogramConfig struct { // +optional ScrapeClassicHistograms *bool `json:"scrapeClassicHistograms,omitempty"` - // If there are more than this many buckets in a native histogram, + // nativeHistogramBucketLimit defines ff there are more than this many buckets in a native histogram, // buckets will be merged to stay within the limit. // It requires Prometheus >= v2.45.0. // // +optional NativeHistogramBucketLimit *uint64 `json:"nativeHistogramBucketLimit,omitempty"` - // If the growth factor of one bucket to the next is smaller than this, + // nativeHistogramMinBucketFactor defines if the growth factor of one bucket to the next is smaller than this, // buckets will be merged to increase the factor sufficiently. // It requires Prometheus >= v2.50.0. // // +optional NativeHistogramMinBucketFactor *resource.Quantity `json:"nativeHistogramMinBucketFactor,omitempty"` - // Whether to convert all scraped classic histograms into a native histogram with custom buckets. + // convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. // It requires Prometheus >= v3.0.0. // // +optional @@ -1022,12 +1057,17 @@ const ( SelectorMechanismRole SelectorMechanism = "RoleSelector" ) -// ConfigResourceStatus is the most recent observed status of the Configuration Resource (ServiceMonitor, PodMonitor and Probes). Read-only. +// ConfigResourceStatus is the most recent observed status of the Configuration Resource (ServiceMonitor, PodMonitor, Probes, ScrapeConfig, PrometheusRule or AlertmanagerConfig). Read-only. // More info: // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status // +k8s:openapi-gen=true type ConfigResourceStatus struct { - // The list of workload resources (Prometheus or PrometheusAgent) which select the configuration resource. + // bindings defines the list of workload resources (Prometheus, PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration resource. + // +listType=map + // +listMapKey=group + // +listMapKey=resource + // +listMapKey=name + // +listMapKey=namespace // +optional Bindings []WorkloadBinding `json:"bindings,omitempty"` } @@ -1035,52 +1075,53 @@ type ConfigResourceStatus struct { // WorkloadBinding is a link between a configuration resource and a workload resource. // +k8s:openapi-gen=true type WorkloadBinding struct { - // The group of the referenced resource. + // group defines the group of the referenced resource. // +kubebuilder:validation:Enum=monitoring.coreos.com // +required Group string `json:"group"` - // The type of resource being referenced (e.g. Prometheus or PrometheusAgent). - // +kubebuilder:validation:Enum=prometheuses;prometheusagents + // resource defines the type of resource being referenced (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). + // +kubebuilder:validation:Enum=prometheuses;prometheusagents;thanosrulers;alertmanagers // +required Resource string `json:"resource"` - // The name of the referenced object. + // name defines the name of the referenced object. // +kubebuilder:validation:MinLength=1 // +required Name string `json:"name"` - // The namespace of the referenced object. + // namespace defines the namespace of the referenced object. // +kubebuilder:validation:MinLength=1 // +required Namespace string `json:"namespace"` - // The current state of the configuration resource when bound to the referenced Prometheus object. + // conditions defines the current state of the configuration resource when bound to the referenced Workload object. // +listType=map // +listMapKey=type // +optional Conditions []ConfigResourceCondition `json:"conditions,omitempty"` } -// ConfigResourceCondition describes the status of configuration resources linked to Prometheus, PrometheusAgent, Alertmanager, or ThanosRuler. +// ConfigResourceCondition describes the status of configuration resources linked to Prometheus, PrometheusAgent, Alertmanager or ThanosRuler. // +k8s:deepcopy-gen=true type ConfigResourceCondition struct { - // Type of the condition being reported. + // type of the condition being reported. // Currently, only "Accepted" is supported. // +kubebuilder:validation:Enum=Accepted // +required Type ConditionType `json:"type"` - // Status of the condition. + // status of the condition. // +required Status ConditionStatus `json:"status"` - // LastTransitionTime is the time of the last update to the current status property. + // lastTransitionTime defines the time of the last update to the current status property. // +required LastTransitionTime metav1.Time `json:"lastTransitionTime"` - // Reason for the condition's last transition. + // reason for the condition's last transition. // +optional Reason string `json:"reason,omitempty"` - // Human-readable message indicating details for the condition's last transition. + // message defines the human-readable message indicating details for the condition's last transition. // +optional Message string `json:"message,omitempty"` - // ObservedGeneration represents the .metadata.generation that the + // observedGeneration defines the .metadata.generation that the // condition was set based upon. For instance, if `.metadata.generation` is // currently 12, but the `.status.conditions[].observedGeneration` is 9, the // condition is out of date with respect to the current state of the object. + // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` } diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/zz_generated.deepcopy.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/zz_generated.deepcopy.go index a54a9eb7e..eb0acd741 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/zz_generated.deepcopy.go @@ -240,7 +240,7 @@ func (in *AlertmanagerGlobalConfig) DeepCopyInto(out *AlertmanagerGlobalConfig) } if in.PagerdutyURL != nil { in, out := &in.PagerdutyURL, &out.PagerdutyURL - *out = new(string) + *out = new(URL) **out = **in } if in.TelegramConfig != nil { @@ -661,21 +661,6 @@ func (in *Authorization) DeepCopy() *Authorization { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AuthorizationValidationError) DeepCopyInto(out *AuthorizationValidationError) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationValidationError. -func (in *AuthorizationValidationError) DeepCopy() *AuthorizationValidationError { - if in == nil { - return nil - } - out := new(AuthorizationValidationError) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AzureAD) DeepCopyInto(out *AzureAD) { *out = *in @@ -1702,6 +1687,11 @@ func (in *HTTPConfig) DeepCopyInto(out *HTTPConfig) { *out = new(bool) **out = **in } + if in.EnableHTTP2 != nil { + in, out := &in.EnableHTTP2, &out.EnableHTTP2 + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPConfig. @@ -1874,21 +1864,6 @@ func (in *OAuth2) DeepCopy() *OAuth2 { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OAuth2ValidationError) DeepCopyInto(out *OAuth2ValidationError) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2ValidationError. -func (in *OAuth2ValidationError) DeepCopy() *OAuth2ValidationError { - if in == nil { - return nil - } - out := new(OAuth2ValidationError) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OTLPConfig) DeepCopyInto(out *OTLPConfig) { *out = *in @@ -1922,6 +1897,11 @@ func (in *OTLPConfig) DeepCopyInto(out *OTLPConfig) { *out = new(bool) **out = **in } + if in.PromoteScopeMetadata != nil { + in, out := &in.PromoteScopeMetadata, &out.PromoteScopeMetadata + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OTLPConfig. @@ -2035,12 +2015,6 @@ func (in *PodMetricsEndpoint) DeepCopyInto(out *PodMetricsEndpoint) { (*out)[key] = outVal } } - if in.TLSConfig != nil { - in, out := &in.TLSConfig, &out.TLSConfig - *out = new(SafeTLSConfig) - (*in).DeepCopyInto(*out) - } - in.BearerTokenSecret.DeepCopyInto(&out.BearerTokenSecret) if in.HonorTimestamps != nil { in, out := &in.HonorTimestamps, &out.HonorTimestamps *out = new(bool) @@ -2051,21 +2025,6 @@ func (in *PodMetricsEndpoint) DeepCopyInto(out *PodMetricsEndpoint) { *out = new(bool) **out = **in } - if in.BasicAuth != nil { - in, out := &in.BasicAuth, &out.BasicAuth - *out = new(BasicAuth) - (*in).DeepCopyInto(*out) - } - if in.OAuth2 != nil { - in, out := &in.OAuth2, &out.OAuth2 - *out = new(OAuth2) - (*in).DeepCopyInto(*out) - } - if in.Authorization != nil { - in, out := &in.Authorization, &out.Authorization - *out = new(SafeAuthorization) - (*in).DeepCopyInto(*out) - } if in.MetricRelabelConfigs != nil { in, out := &in.MetricRelabelConfigs, &out.MetricRelabelConfigs *out = make([]RelabelConfig, len(*in)) @@ -2080,22 +2039,12 @@ func (in *PodMetricsEndpoint) DeepCopyInto(out *PodMetricsEndpoint) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - in.ProxyConfig.DeepCopyInto(&out.ProxyConfig) - if in.FollowRedirects != nil { - in, out := &in.FollowRedirects, &out.FollowRedirects - *out = new(bool) - **out = **in - } - if in.EnableHttp2 != nil { - in, out := &in.EnableHttp2, &out.EnableHttp2 - *out = new(bool) - **out = **in - } if in.FilterRunning != nil { in, out := &in.FilterRunning, &out.FilterRunning *out = new(bool) **out = **in } + in.HTTPConfig.DeepCopyInto(&out.HTTPConfig) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodMetricsEndpoint. @@ -2114,6 +2063,7 @@ func (in *PodMonitor) DeepCopyInto(out *PodMonitor) { out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodMonitor. @@ -2246,6 +2196,7 @@ func (in *Probe) DeepCopyInto(out *Probe) { out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Probe. @@ -2483,21 +2434,6 @@ func (in *ProbeTargets) DeepCopy() *ProbeTargets { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ProbeTargetsValidationError) DeepCopyInto(out *ProbeTargetsValidationError) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProbeTargetsValidationError. -func (in *ProbeTargetsValidationError) DeepCopy() *ProbeTargetsValidationError { - if in == nil { - return nil - } - out := new(ProbeTargetsValidationError) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProberSpec) DeepCopyInto(out *ProberSpec) { *out = *in @@ -2563,6 +2499,7 @@ func (in *PrometheusRule) DeepCopyInto(out *PrometheusRule) { out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusRule. @@ -3560,6 +3497,11 @@ func (in *ServiceMonitorSpec) DeepCopyInto(out *ServiceMonitorSpec) { *out = new(ByteSize) **out = **in } + if in.ServiceDiscoveryRole != nil { + in, out := &in.ServiceDiscoveryRole, &out.ServiceDiscoveryRole + *out = new(ServiceDiscoveryRole) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceMonitorSpec. @@ -3625,6 +3567,11 @@ func (in *Sigv4) DeepCopyInto(out *Sigv4) { *out = new(corev1.SecretKeySelector) (*in).DeepCopyInto(*out) } + if in.UseFIPSSTSEndpoint != nil { + in, out := &in.UseFIPSSTSEndpoint, &out.UseFIPSSTSEndpoint + *out = new(bool) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Sigv4. diff --git a/vendor/k8s.io/utils/net/multi_listen.go b/vendor/k8s.io/utils/net/multi_listen.go index 7cb7795be..e5d508055 100644 --- a/vendor/k8s.io/utils/net/multi_listen.go +++ b/vendor/k8s.io/utils/net/multi_listen.go @@ -21,6 +21,7 @@ import ( "fmt" "net" "sync" + "sync/atomic" ) // connErrPair pairs conn and error which is returned by accept on sub-listeners. @@ -38,6 +39,7 @@ type multiListener struct { connCh chan connErrPair // stopCh communicates from parent to child listeners. stopCh chan struct{} + closed atomic.Bool } // compile time check to ensure *multiListener implements net.Listener @@ -150,10 +152,8 @@ func (ml *multiListener) Accept() (net.Conn, error) { // the go-routines to exit. func (ml *multiListener) Close() error { // Make sure this can be called repeatedly without explosions. - select { - case <-ml.stopCh: + if !ml.closed.CompareAndSwap(false, true) { return fmt.Errorf("use of closed network connection") - default: } // Tell all sub-listeners to stop. diff --git a/vendor/modules.txt b/vendor/modules.txt index ce15ba6fc..d9458ed8d 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -232,7 +232,7 @@ github.com/pkg/errors # github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 ## explicit github.com/pmezard/go-difflib/difflib -# github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.85.0 +# github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.86.0 ## explicit; go 1.24.0 github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1 @@ -362,7 +362,7 @@ go.uber.org/zap/internal/exit go.uber.org/zap/internal/pool go.uber.org/zap/internal/stacktrace go.uber.org/zap/zapcore -# go.yaml.in/yaml/v2 v2.4.2 +# go.yaml.in/yaml/v2 v2.4.3 ## explicit; go 1.15 go.yaml.in/yaml/v2 # go.yaml.in/yaml/v3 v3.0.4 @@ -1166,7 +1166,7 @@ k8s.io/kube-openapi/pkg/validation/errors k8s.io/kube-openapi/pkg/validation/spec k8s.io/kube-openapi/pkg/validation/strfmt k8s.io/kube-openapi/pkg/validation/strfmt/bson -# k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 +# k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 ## explicit; go 1.18 k8s.io/utils/buffer k8s.io/utils/clock @@ -1240,7 +1240,7 @@ sigs.k8s.io/controller-runtime/pkg/webhook/admission/metrics sigs.k8s.io/controller-runtime/pkg/webhook/conversion sigs.k8s.io/controller-runtime/pkg/webhook/conversion/metrics sigs.k8s.io/controller-runtime/pkg/webhook/internal/metrics -# sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 +# sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 ## explicit; go 1.23 sigs.k8s.io/json sigs.k8s.io/json/internal/golang/encoding/json diff --git a/vendor/sigs.k8s.io/json/internal/golang/encoding/json/decode.go b/vendor/sigs.k8s.io/json/internal/golang/encoding/json/decode.go index d538ac119..3fe528bbf 100644 --- a/vendor/sigs.k8s.io/json/internal/golang/encoding/json/decode.go +++ b/vendor/sigs.k8s.io/json/internal/golang/encoding/json/decode.go @@ -52,8 +52,8 @@ import ( // - bool, for JSON booleans // - float64, for JSON numbers // - string, for JSON strings -// - []interface{}, for JSON arrays -// - map[string]interface{}, for JSON objects +// - []any, for JSON arrays +// - map[string]any, for JSON objects // - nil for JSON null // // To unmarshal a JSON array into a slice, Unmarshal resets the slice length @@ -117,9 +117,6 @@ func Unmarshal(data []byte, v any, opts ...UnmarshalOpt) error { // The input can be assumed to be a valid encoding of // a JSON value. UnmarshalJSON must copy the JSON data // if it wishes to retain the data after returning. -// -// By convention, to approximate the behavior of [Unmarshal] itself, -// Unmarshalers implement UnmarshalJSON([]byte("null")) as a no-op. type Unmarshaler interface { UnmarshalJSON([]byte) error } @@ -132,7 +129,7 @@ type UnmarshalTypeError struct { Type reflect.Type // type of Go value it could not be assigned to Offset int64 // error occurred after reading Offset bytes Struct string // name of the struct type containing the field - Field string // the full path from root node to the field + Field string // the full path from root node to the field, include embedded struct } func (e *UnmarshalTypeError) Error() string { @@ -281,7 +278,11 @@ func (d *decodeState) addErrorContext(err error) error { switch err := err.(type) { case *UnmarshalTypeError: err.Struct = d.errorContext.Struct.Name() - err.Field = strings.Join(d.errorContext.FieldStack, ".") + fieldStack := d.errorContext.FieldStack + if err.Field != "" { + fieldStack = append(fieldStack, err.Field) + } + err.Field = strings.Join(fieldStack, ".") } } return err @@ -492,9 +493,9 @@ func indirect(v reflect.Value, decodingNull bool) (Unmarshaler, encoding.TextUnm } // Prevent infinite loop if v is an interface pointing to its own address: - // var v interface{} + // var v any // v = &v - if v.Elem().Kind() == reflect.Interface && v.Elem().Elem() == v { + if v.Elem().Kind() == reflect.Interface && v.Elem().Elem().Equal(v) { v = v.Elem() break } @@ -784,7 +785,10 @@ func (d *decodeState) object(v reflect.Value) error { } subv = v destring = f.quoted - for _, i := range f.index { + if d.errorContext == nil { + d.errorContext = new(errorContext) + } + for i, ind := range f.index { if subv.Kind() == reflect.Pointer { if subv.IsNil() { // If a struct embeds a pointer to an unexported type, @@ -804,13 +808,16 @@ func (d *decodeState) object(v reflect.Value) error { } subv = subv.Elem() } - subv = subv.Field(i) - } - if d.errorContext == nil { - d.errorContext = new(errorContext) + if i < len(f.index)-1 { + d.errorContext.FieldStack = append( + d.errorContext.FieldStack, + subv.Type().Field(ind).Name, + ) + } + subv = subv.Field(ind) } - d.errorContext.FieldStack = append(d.errorContext.FieldStack, f.name) d.errorContext.Struct = t + d.errorContext.FieldStack = append(d.errorContext.FieldStack, f.name) d.appendStrictFieldStackKey(f.name) } else if d.disallowUnknownFields { d.saveStrictError(d.newFieldError(unknownStrictErrType, string(key))) @@ -1118,7 +1125,7 @@ func (d *decodeState) literalStore(item []byte, v reflect.Value, fromQuoted bool // in an empty interface. They are not strictly necessary, // but they avoid the weight of reflection in this common case. -// valueInterface is like value but returns interface{} +// valueInterface is like value but returns any. func (d *decodeState) valueInterface() (val any) { switch d.opcode { default: @@ -1135,7 +1142,7 @@ func (d *decodeState) valueInterface() (val any) { return } -// arrayInterface is like array but returns []interface{}. +// arrayInterface is like array but returns []any. func (d *decodeState) arrayInterface() []any { origStrictFieldStackLen := len(d.strictFieldStack) defer func() { @@ -1170,7 +1177,7 @@ func (d *decodeState) arrayInterface() []any { return v } -// objectInterface is like object but returns map[string]interface{}. +// objectInterface is like object but returns map[string]any. func (d *decodeState) objectInterface() map[string]any { origStrictFieldStackLen := len(d.strictFieldStack) defer func() { diff --git a/vendor/sigs.k8s.io/json/internal/golang/encoding/json/encode.go b/vendor/sigs.k8s.io/json/internal/golang/encoding/json/encode.go index eb73bff58..4e3a1a2f1 100644 --- a/vendor/sigs.k8s.io/json/internal/golang/encoding/json/encode.go +++ b/vendor/sigs.k8s.io/json/internal/golang/encoding/json/encode.go @@ -71,8 +71,8 @@ import ( // // The "omitempty" option specifies that the field should be omitted // from the encoding if the field has an empty value, defined as -// false, 0, a nil pointer, a nil interface value, and any empty array, -// slice, map, or string. +// false, 0, a nil pointer, a nil interface value, and any array, +// slice, map, or string of length zero. // // As a special case, if the field tag is "-", the field is always omitted. // Note that a field with name "-" can still be generated using the tag "-,". @@ -98,6 +98,17 @@ import ( // // Field appears in JSON as key "-". // Field int `json:"-,"` // +// The "omitzero" option specifies that the field should be omitted +// from the encoding if the field has a zero value, according to rules: +// +// 1) If the field type has an "IsZero() bool" method, that will be used to +// determine whether the value is zero. +// +// 2) Otherwise, the value is zero if it is the zero value for its type. +// +// If both "omitempty" and "omitzero" are specified, the field will be omitted +// if the value is either empty or zero (or both). +// // The "string" option signals that a field is stored as JSON inside a // JSON-encoded string. It applies only to fields of string, floating point, // integer, or boolean types. This extra level of encoding is sometimes used @@ -690,7 +701,8 @@ FieldLoop: fv = fv.Field(i) } - if f.omitEmpty && isEmptyValue(fv) { + if (f.omitEmpty && isEmptyValue(fv)) || + (f.omitZero && (f.isZero == nil && fv.IsZero() || (f.isZero != nil && f.isZero(fv)))) { continue } e.WriteByte(next) @@ -808,7 +820,7 @@ func (se sliceEncoder) encode(e *encodeState, v reflect.Value, opts encOpts) { // Here we use a struct to memorize the pointer to the first element of the slice // and its length. ptr := struct { - ptr interface{} // always an unsafe.Pointer, but avoids a dependency on package unsafe + ptr any // always an unsafe.Pointer, but avoids a dependency on package unsafe len int }{v.UnsafePointer(), v.Len()} if _, ok := e.ptrSeen[ptr]; ok { @@ -1039,11 +1051,19 @@ type field struct { index []int typ reflect.Type omitEmpty bool + omitZero bool + isZero func(reflect.Value) bool quoted bool encoder encoderFunc } +type isZeroer interface { + IsZero() bool +} + +var isZeroerType = reflect.TypeFor[isZeroer]() + // typeFields returns a list of fields that JSON should recognize for the given type. // The algorithm is breadth-first search over the set of structs to include - the top struct // and then any reachable anonymous structs. @@ -1135,6 +1155,7 @@ func typeFields(t reflect.Type) structFields { index: index, typ: ft, omitEmpty: opts.Contains("omitempty"), + omitZero: opts.Contains("omitzero"), quoted: quoted, } field.nameBytes = []byte(field.name) @@ -1144,6 +1165,40 @@ func typeFields(t reflect.Type) structFields { field.nameEscHTML = `"` + string(nameEscBuf) + `":` field.nameNonEsc = `"` + field.name + `":` + if field.omitZero { + t := sf.Type + // Provide a function that uses a type's IsZero method. + switch { + case t.Kind() == reflect.Interface && t.Implements(isZeroerType): + field.isZero = func(v reflect.Value) bool { + // Avoid panics calling IsZero on a nil interface or + // non-nil interface with nil pointer. + return v.IsNil() || + (v.Elem().Kind() == reflect.Pointer && v.Elem().IsNil()) || + v.Interface().(isZeroer).IsZero() + } + case t.Kind() == reflect.Pointer && t.Implements(isZeroerType): + field.isZero = func(v reflect.Value) bool { + // Avoid panics calling IsZero on nil pointer. + return v.IsNil() || v.Interface().(isZeroer).IsZero() + } + case t.Implements(isZeroerType): + field.isZero = func(v reflect.Value) bool { + return v.Interface().(isZeroer).IsZero() + } + case reflect.PointerTo(t).Implements(isZeroerType): + field.isZero = func(v reflect.Value) bool { + if !v.CanAddr() { + // Temporarily box v so we can take the address. + v2 := reflect.New(v.Type()).Elem() + v2.Set(v) + v = v2 + } + return v.Addr().Interface().(isZeroer).IsZero() + } + } + } + fields = append(fields, field) if count[f.typ] > 1 { // If there were multiple instances, add a second, diff --git a/vendor/sigs.k8s.io/json/internal/golang/encoding/json/stream.go b/vendor/sigs.k8s.io/json/internal/golang/encoding/json/stream.go index 48fc4d945..cc2108b92 100644 --- a/vendor/sigs.k8s.io/json/internal/golang/encoding/json/stream.go +++ b/vendor/sigs.k8s.io/json/internal/golang/encoding/json/stream.go @@ -31,8 +31,8 @@ func NewDecoder(r io.Reader) *Decoder { return &Decoder{r: r} } -// UseNumber causes the Decoder to unmarshal a number into an interface{} as a -// [Number] instead of as a float64. +// UseNumber causes the Decoder to unmarshal a number into an +// interface value as a [Number] instead of as a float64. func (dec *Decoder) UseNumber() { dec.d.useNumber = true } // DisallowUnknownFields causes the Decoder to return an error when the destination