diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 138d630a67c5..c7d85eb74b0d 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -21,7 +21,8 @@ jobs: - name: Set up Helm uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1 with: - version: v3.12.0 + # renovate: github=helm/helm + version: v3.19.0 - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: @@ -29,6 +30,9 @@ jobs: - name: Set up chart-testing uses: helm/chart-testing-action@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b # v2.7.0 + with: + # renovate: github=helm/chart-testing + version: v3.14.0 - name: Run chart-testing (list-changed) id: list-changed diff --git a/charts/kube-prometheus-stack/Chart.yaml b/charts/kube-prometheus-stack/Chart.yaml index 352150543dd5..398a8aa234a4 100644 --- a/charts/kube-prometheus-stack/Chart.yaml +++ b/charts/kube-prometheus-stack/Chart.yaml @@ -31,9 +31,9 @@ name: kube-prometheus-stack sources: - https://github.com/prometheus-community/helm-charts - https://github.com/prometheus-operator/kube-prometheus -version: 77.14.0 +version: 78.0.0 # renovate: github=prometheus-operator/prometheus-operator -appVersion: v0.85.0 +appVersion: v0.86.0 kubeVersion: ">=1.25.0-0" home: https://github.com/prometheus-operator/kube-prometheus keywords: diff --git a/charts/kube-prometheus-stack/UPGRADE.md b/charts/kube-prometheus-stack/UPGRADE.md index c5b10328440d..9bdb5b0f03f2 100644 --- a/charts/kube-prometheus-stack/UPGRADE.md +++ b/charts/kube-prometheus-stack/UPGRADE.md @@ -1,5 +1,24 @@ # Upgrade +## From 77.x to 78.x + +This version upgrades Prometheus-Operator to v0.86.0 +Since [68.4.0](https://github.com/prometheus-community/helm-charts/pull/5175) it is also possible to use `crds.upgradeJob.enabled` for upgrading the CRDs. +For traditional upgrades, please run these commands to update the CRDs before applying the upgrade. + +```console +kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml +``` + ## From 76.x to 77.x This version upgrades Prometheus-Operator to v0.85.0 diff --git a/charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagerconfigs.yaml b/charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagerconfigs.yaml index a8260446abf5..1aadcc4828bf 100644 --- a/charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagerconfigs.yaml +++ b/charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagerconfigs.yaml @@ -1,11 +1,11 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: alertmanagerconfigs.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -45,17 +45,11 @@ spec: metadata: type: object spec: - description: |- - AlertmanagerConfigSpec is a specification of the desired behavior of the - Alertmanager configuration. - By default, the Alertmanager configuration only applies to alerts for which - the `namespace` label is equal to the namespace of the AlertmanagerConfig - resource (see the `.spec.alertmanagerConfigMatcherStrategy` field of the - Alertmanager CRD). + description: spec defines the specification of AlertmanagerConfigSpec properties: inhibitRules: description: |- - List of inhibition rules. The rules will only apply to alerts matching + inhibitRules defines the list of inhibition rules. The rules will only apply to alerts matching the resource's namespace. items: description: |- @@ -65,23 +59,24 @@ spec: properties: equal: description: |- - Labels that must have an equal value in the source and target alert for - the inhibition to take effect. + equal defines labels that must have an equal value in the source and target alert + for the inhibition to take effect. This ensures related alerts are properly grouped. items: type: string type: array sourceMatch: description: |- - Matchers for which one or more alerts have to exist for the inhibition - to take effect. The operator enforces that the alert matches the - resource's namespace. + sourceMatch defines matchers for which one or more alerts have to exist for the inhibition + to take effect. The operator enforces that the alert matches the resource's namespace. + These are the "trigger" alerts that cause other alerts to be inhibited. items: description: Matcher defines how to match on alert's labels. properties: matchType: description: |- - Match operation available with AlertManager >= v0.22.0 and - takes precedence over Regex (deprecated) if non-empty. + matchType defines the match operation available with AlertManager >= v0.22.0. + Takes precedence over Regex (deprecated) if non-empty. + Valid values: "=" (equality), "!=" (inequality), "=~" (regex match), "!~" (regex non-match). enum: - '!=' - = @@ -89,16 +84,20 @@ spec: - '!~' type: string name: - description: Label to match. + description: |- + name defines the label to match. + This specifies which alert label should be evaluated. minLength: 1 type: string regex: description: |- - Whether to match on equality (false) or regular-expression (true). + regex defines whether to match on equality (false) or regular-expression (true). Deprecated: for AlertManager >= v0.22.0, `matchType` should be used instead. type: boolean value: - description: Label value to match. + description: |- + value defines the label value to match. + This is the expected value for the specified label. type: string required: - name @@ -106,15 +105,17 @@ spec: type: array targetMatch: description: |- - Matchers that have to be fulfilled in the alerts to be muted. The - operator enforces that the alert matches the resource's namespace. + targetMatch defines matchers that have to be fulfilled in the alerts to be muted. + The operator enforces that the alert matches the resource's namespace. + When these conditions are met, matching alerts will be inhibited (silenced). items: description: Matcher defines how to match on alert's labels. properties: matchType: description: |- - Match operation available with AlertManager >= v0.22.0 and - takes precedence over Regex (deprecated) if non-empty. + matchType defines the match operation available with AlertManager >= v0.22.0. + Takes precedence over Regex (deprecated) if non-empty. + Valid values: "=" (equality), "!=" (inequality), "=~" (regex match), "!~" (regex non-match). enum: - '!=' - = @@ -122,16 +123,20 @@ spec: - '!~' type: string name: - description: Label to match. + description: |- + name defines the label to match. + This specifies which alert label should be evaluated. minLength: 1 type: string regex: description: |- - Whether to match on equality (false) or regular-expression (true). + regex defines whether to match on equality (false) or regular-expression (true). Deprecated: for AlertManager >= v0.22.0, `matchType` should be used instead. type: boolean value: - description: Label value to match. + description: |- + value defines the label value to match. + This is the expected value for the specified label. type: string required: - name @@ -140,40 +145,40 @@ spec: type: object type: array muteTimeIntervals: - description: List of MuteTimeInterval specifying when the routes should - be muted. + description: muteTimeIntervals defines the list of MuteTimeInterval + specifying when the routes should be muted. items: description: MuteTimeInterval specifies the periods in time when notifications will be muted properties: name: - description: Name of the time interval + description: name of the time interval type: string timeIntervals: - description: TimeIntervals is a list of TimeInterval + description: timeIntervals defines a list of TimeInterval items: description: TimeInterval describes intervals of time properties: daysOfMonth: - description: DaysOfMonth is a list of DayOfMonthRange + description: daysOfMonth defines a list of DayOfMonthRange items: description: DayOfMonthRange is an inclusive range of days of the month beginning at 1 properties: end: - description: End of the inclusive range + description: end of the inclusive range maximum: 31 minimum: -31 type: integer start: - description: Start of the inclusive range + description: start of the inclusive range maximum: 31 minimum: -31 type: integer type: object type: array months: - description: Months is a list of MonthRange + description: months defines a list of MonthRange items: description: |- MonthRange is an inclusive range of months of the year beginning in January @@ -182,24 +187,25 @@ spec: type: string type: array times: - description: Times is a list of TimeRange + description: times defines a list of TimeRange items: description: TimeRange defines a start and end time in 24hr format properties: endTime: - description: EndTime is the end time in 24hr format. + description: endTime defines the end time in 24hr + format. pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) type: string startTime: - description: StartTime is the start time in 24hr - format. + description: startTime defines the start time in + 24hr format. pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) type: string type: object type: array weekdays: - description: Weekdays is a list of WeekdayRange + description: weekdays defines a list of WeekdayRange items: description: |- WeekdayRange is an inclusive range of days of the week beginning on Sunday @@ -208,7 +214,7 @@ spec: type: string type: array years: - description: Years is a list of YearRange + description: years defines a list of YearRange items: description: YearRange is an inclusive range of years pattern: ^2\d{3}(?::2\d{3}|$) @@ -221,12 +227,12 @@ spec: type: object type: array receivers: - description: List of receivers. + description: receivers defines the list of receivers. items: description: Receiver defines one or more notification integrations. properties: discordConfigs: - description: List of Discord configurations. + description: discordConfigs defines the list of Slack configurations. items: description: |- DiscordConfig configures notifications via Discord. @@ -234,7 +240,7 @@ spec: properties: apiURL: description: |- - The secret's key that contains the Discord webhook URL. + apiURL defines the secret's key that contains the Discord webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -260,25 +266,27 @@ spec: type: object x-kubernetes-map-type: atomic avatarURL: - description: The avatar url of the message sender. + description: avatarURL defines the avatar url of the message + sender. pattern: ^https?://.+$ type: string content: - description: The template of the content's body. + description: content defines the template of the content's + body. minLength: 1 type: string httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -303,7 +311,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -312,12 +320,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -343,7 +351,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -370,7 +378,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -396,30 +404,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -442,8 +455,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -470,7 +483,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -498,12 +511,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -539,7 +552,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -547,33 +560,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -596,8 +609,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -623,12 +636,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -651,8 +664,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -678,11 +691,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -708,7 +722,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -719,7 +733,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -729,13 +743,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -772,7 +786,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -780,31 +794,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -827,8 +842,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -854,12 +869,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -882,8 +897,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -909,11 +924,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -938,7 +954,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -949,7 +965,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -959,22 +975,26 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: The template of the message's body. + description: message defines the template of the message's + body. type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean title: - description: The template of the message's title. + description: title defines the template of the message's + title. type: string username: - description: The username of the message sender. + description: username defines the username of the message + sender. minLength: 1 type: string required: @@ -982,16 +1002,18 @@ spec: type: object type: array emailConfigs: - description: List of Email configurations. + description: emailConfigs defines the list of Email configurations. items: description: EmailConfig configures notifications via Email. properties: authIdentity: - description: The identity to use for authentication. + description: |- + authIdentity defines the identity to use for SMTP authentication. + This is typically used with PLAIN authentication mechanism. type: string authPassword: description: |- - The secret's key that contains the password to use for authentication. + authPassword defines the secret's key that contains the password to use for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -1018,7 +1040,8 @@ spec: x-kubernetes-map-type: atomic authSecret: description: |- - The secret's key that contains the CRAM-MD5 secret. + authSecret defines the secret's key that contains the CRAM-MD5 secret. + This is used for CRAM-MD5 authentication mechanism. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -1044,24 +1067,32 @@ spec: type: object x-kubernetes-map-type: atomic authUsername: - description: The username to use for authentication. + description: |- + authUsername defines the username to use for SMTP authentication. + This is used for SMTP AUTH when the server requires authentication. type: string from: - description: The sender address. + description: |- + from defines the sender address for email notifications. + This appears as the "From" field in the email header. type: string headers: description: |- - Further headers email header key/value pairs. Overrides any headers - previously set by the notification implementation. + headers defines additional email header key/value pairs. + These override any headers previously set by the notification implementation. items: description: KeyValue defines a (key, value) tuple. properties: key: - description: Key of the tuple. + description: |- + key defines the key of the tuple. + This is the identifier or name part of the key-value pair. minLength: 1 type: string value: - description: Value of the tuple. + description: |- + value defines the value of the tuple. + This is the data or content associated with the key. type: string required: - key @@ -1069,36 +1100,46 @@ spec: type: object type: array hello: - description: The hostname to identify to the SMTP server. + description: |- + hello defines the hostname to identify to the SMTP server. + This is used in the SMTP HELO/EHLO command during the connection handshake. type: string html: - description: The HTML body of the email notification. + description: |- + html defines the HTML body of the email notification. + This allows for rich formatting in the email content. type: string requireTLS: description: |- - The SMTP TLS requirement. + requireTLS defines the SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints. type: boolean sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean smarthost: - description: The SMTP host and port through which emails - are sent. E.g. example.com:25 + description: |- + smarthost defines the SMTP host and port through which emails are sent. + Format should be "hostname:port", e.g. "smtp.example.com:587". type: string text: - description: The text body of the email notification. + description: |- + text defines the plain text body of the email notification. + This provides a fallback for email clients that don't support HTML. type: string tlsConfig: - description: TLS configuration + description: |- + tlsConfig defines the TLS configuration for SMTP connections. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1121,8 +1162,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1147,12 +1188,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1175,8 +1216,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1201,11 +1242,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file - for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1230,7 +1272,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1241,7 +1283,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1251,17 +1293,20 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object to: - description: The email address to send notifications to. + description: |- + to defines the email address to send notifications to. + This is the recipient address for alert notifications. type: string type: object type: array msteamsConfigs: description: |- - List of MSTeams configurations. + msteamsConfigs defines the list of MSTeams configurations. It requires Alertmanager >= 0.26.0. items: description: |- @@ -1269,17 +1314,18 @@ spec: It requires Alertmanager >= 0.26.0. properties: httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for Teams webhook requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -1304,7 +1350,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1313,12 +1359,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -1344,7 +1390,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -1371,7 +1417,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -1397,30 +1443,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1443,8 +1494,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -1471,7 +1522,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -1499,12 +1550,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1540,7 +1591,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1548,33 +1599,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1597,8 +1648,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -1624,12 +1675,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1652,8 +1703,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -1679,11 +1730,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -1709,7 +1761,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1720,7 +1772,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1730,13 +1782,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -1773,7 +1825,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1781,31 +1833,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1828,8 +1881,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -1855,12 +1908,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1883,8 +1936,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -1910,11 +1963,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -1939,7 +1993,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1950,7 +2004,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1960,27 +2014,35 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object sendResolved: - description: Whether to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean summary: description: |- - Message summary template. + summary defines the message summary template for Teams notifications. + This provides a brief overview that appears in Teams notification previews. It requires Alertmanager >= 0.27.0. type: string text: - description: Message body template. + description: |- + text defines the message body template for Teams notifications. + This contains the detailed content of the Teams message. type: string title: - description: Message title template. + description: |- + title defines the message title template for Teams notifications. + This appears as the main heading of the Teams message card. type: string webhookUrl: - description: MSTeams webhook URL. + description: |- + webhookUrl defines the MSTeams webhook URL for sending notifications. + This is the incoming webhook URL configured in your Teams channel. properties: key: description: The key of the secret to select from. Must @@ -2009,26 +2071,27 @@ spec: type: array msteamsv2Configs: description: |- - List of MSTeamsV2 configurations. + msteamsv2Configs defines the list of MSTeamsV2 configurations. It requires Alertmanager >= 0.28.0. items: description: |- - MSTeamsV2Config configures notifications via Microsoft Teams using the new message format with adaptive cards as required by flows + MSTeamsV2Config configures notifications via Microsoft Teams using the new message format with adaptive cards as required by flows. See https://prometheus.io/docs/alerting/latest/configuration/#msteamsv2_config It requires Alertmanager >= 0.28.0. properties: httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for Teams webhook requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -2053,7 +2116,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -2062,12 +2125,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -2093,7 +2156,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -2120,7 +2183,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -2146,30 +2209,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -2192,8 +2260,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -2220,7 +2288,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -2248,12 +2316,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -2289,7 +2357,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -2297,33 +2365,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -2346,8 +2414,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -2373,12 +2441,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -2401,8 +2469,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -2428,11 +2496,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -2458,7 +2527,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2469,7 +2538,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2479,13 +2548,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -2522,7 +2591,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -2530,31 +2599,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -2577,8 +2647,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -2604,12 +2674,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -2632,8 +2702,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -2659,11 +2729,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -2688,7 +2759,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2699,7 +2770,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2709,24 +2780,31 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object sendResolved: - description: Whether to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean text: - description: Message body template. + description: |- + text defines the message body template for adaptive card notifications. + This contains the detailed content displayed in the Teams adaptive card format. minLength: 1 type: string title: - description: Message title template. + description: |- + title defines the message title template for adaptive card notifications. + This appears as the main heading in the Teams adaptive card. minLength: 1 type: string webhookURL: - description: MSTeams incoming webhook URL. + description: |- + webhookURL defines the MSTeams incoming webhook URL for adaptive card notifications. + This webhook must support the newer adaptive cards format required by Teams flows. properties: key: description: The key of the secret to select from. Must @@ -2752,24 +2830,25 @@ spec: type: object type: array name: - description: Name of the receiver. Must be unique across all - items from the list. + description: name defines the name of the receiver. Must be + unique across all items from the list. minLength: 1 type: string opsgenieConfigs: - description: List of OpsGenie configurations. + description: opsgenieConfigs defines the list of OpsGenie configurations. items: description: |- OpsGenieConfig configures notifications via OpsGenie. See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config properties: actions: - description: Comma separated list of actions that will - be available for the alert. + description: |- + actions defines a comma separated list of actions that will be available for the alert. + These appear as action buttons in the OpsGenie interface. type: string apiKey: description: |- - The secret's key that contains the OpsGenie API key. + apiKey defines the secret's key that contains the OpsGenie API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -2795,23 +2874,32 @@ spec: type: object x-kubernetes-map-type: atomic apiURL: - description: The URL to send OpsGenie API requests to. + description: |- + apiURL defines the URL to send OpsGenie API requests to. + When not specified, defaults to the standard OpsGenie API endpoint. type: string description: - description: Description of the incident. + description: |- + description defines the detailed description of the incident. + This provides additional context beyond the message field. type: string details: - description: A set of arbitrary key/value pairs that provide - further detail about the incident. + description: |- + details defines a set of arbitrary key/value pairs that provide further detail about the incident. + These appear as additional fields in the OpsGenie alert. items: description: KeyValue defines a (key, value) tuple. properties: key: - description: Key of the tuple. + description: |- + key defines the key of the tuple. + This is the identifier or name part of the key-value pair. minLength: 1 type: string value: - description: Value of the tuple. + description: |- + value defines the value of the tuple. + This is the data or content associated with the key. type: string required: - key @@ -2819,21 +2907,23 @@ spec: type: object type: array entity: - description: Optional field that can be used to specify - which domain alert is related to. + description: |- + entity defines an optional field that can be used to specify which domain alert is related to. + This helps group related alerts together in OpsGenie. type: string httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for OpsGenie API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -2858,7 +2948,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -2867,12 +2957,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -2898,7 +2988,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -2925,7 +3015,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -2951,30 +3041,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -2997,8 +3092,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -3025,7 +3120,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -3053,12 +3148,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -3094,7 +3189,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3102,33 +3197,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3151,8 +3246,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -3178,12 +3273,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3206,8 +3301,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -3233,11 +3328,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -3263,7 +3359,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -3274,7 +3370,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -3284,13 +3380,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -3327,7 +3423,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3335,31 +3431,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3382,8 +3479,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -3409,12 +3506,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3437,8 +3534,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -3464,11 +3561,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -3493,7 +3591,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -3504,7 +3602,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -3514,97 +3612,129 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: Alert text limited to 130 characters. + description: |- + message defines the alert text limited to 130 characters. + This appears as the main alert title in OpsGenie. type: string note: - description: Additional alert note. + description: |- + note defines an additional alert note. + This provides supplementary information about the alert. type: string priority: - description: Priority level of alert. Possible values - are P1, P2, P3, P4, and P5. + description: |- + priority defines the priority level of alert. + Possible values are P1, P2, P3, P4, and P5, where P1 is highest priority. type: string responders: - description: List of responders responsible for notifications. + description: |- + responders defines the list of responders responsible for notifications. + These determine who gets notified when the alert is created. items: description: |- OpsGenieConfigResponder defines a responder to an incident. One of `id`, `name` or `username` has to be defined. properties: id: - description: ID of the responder. + description: |- + id defines the unique identifier of the responder. + This corresponds to the responder's ID within OpsGenie. type: string name: - description: Name of the responder. + description: |- + name defines the display name of the responder. + This is used when the responder is identified by name rather than ID. type: string type: - description: Type of responder. + description: |- + type defines the type of responder. + Valid values include "user", "team", "schedule", and "escalation". + This determines how OpsGenie interprets the other identifier fields. + enum: + - team + - teams + - user + - escalation + - schedule minLength: 1 type: string username: - description: Username of the responder. + description: |- + username defines the username of the responder. + This is typically used for user-type responders when identifying by username. type: string required: - type type: object type: array sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean source: - description: Backlink to the sender of the notification. + description: |- + source defines the backlink to the sender of the notification. + This helps identify where the alert originated from. type: string tags: - description: Comma separated list of tags attached to - the notifications. + description: |- + tags defines a comma separated list of tags attached to the notifications. + These help categorize and filter alerts within OpsGenie. type: string updateAlerts: description: |- - Whether to update message and description of the alert in OpsGenie if it already exists + updateAlerts defines Whether to update message and description of the alert in OpsGenie if it already exists By default, the alert is never updated in OpsGenie, the new message only appears in activity log. type: boolean type: object type: array pagerdutyConfigs: - description: List of PagerDuty configurations. + description: pagerdutyConfigs defines the List of PagerDuty + configurations. items: description: |- PagerDutyConfig configures notifications via PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config properties: class: - description: The class/type of the event. + description: class defines the class/type of the event. type: string client: - description: Client identification. + description: client defines the client identification. type: string clientURL: - description: Backlink to the sender of notification. + description: clientURL defines the backlink to the sender + of notification. type: string component: - description: The part or component of the affected system - that is broken. + description: component defines the part or component of + the affected system that is broken. type: string description: - description: Description of the incident. + description: description of the incident. type: string details: - description: Arbitrary key/value pairs that provide further - detail about the incident. + description: details defines the arbitrary key/value pairs + that provide further detail about the incident. items: description: KeyValue defines a (key, value) tuple. properties: key: - description: Key of the tuple. + description: |- + key defines the key of the tuple. + This is the identifier or name part of the key-value pair. minLength: 1 type: string value: - description: Value of the tuple. + description: |- + value defines the value of the tuple. + This is the data or content associated with the key. type: string required: - key @@ -3612,20 +3742,20 @@ spec: type: object type: array group: - description: A cluster or grouping of sources. + description: group defines a cluster or grouping of sources. type: string httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -3650,7 +3780,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -3659,12 +3789,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -3690,7 +3820,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -3717,7 +3847,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -3743,30 +3873,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3789,8 +3924,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -3817,7 +3952,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -3845,12 +3980,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -3886,7 +4021,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3894,33 +4029,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3943,8 +4078,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -3970,12 +4105,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3998,8 +4133,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -4025,11 +4160,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -4055,7 +4191,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4066,7 +4202,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4076,13 +4212,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -4119,7 +4255,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -4127,31 +4263,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -4174,8 +4311,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -4201,12 +4338,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -4229,8 +4366,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -4256,11 +4393,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -4285,7 +4423,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4296,7 +4434,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4306,51 +4444,55 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object pagerDutyImageConfigs: - description: A list of image details to attach that provide - further detail about an incident. + description: pagerDutyImageConfigs defines a list of image + details to attach that provide further detail about + an incident. items: description: PagerDutyImageConfig attaches images to an incident properties: alt: - description: Alt is the optional alternative text + description: alt is the optional alternative text for the image. type: string href: - description: Optional URL; makes the image a clickable - link. + description: href defines the optional URL; makes + the image a clickable link. type: string src: - description: Src of the image being attached to + description: src of the image being attached to the incident type: string type: object type: array pagerDutyLinkConfigs: - description: A list of link details to attach that provide - further detail about an incident. + description: pagerDutyLinkConfigs defines a list of link + details to attach that provide further detail about + an incident. items: description: PagerDutyLinkConfig attaches text links to an incident properties: alt: - description: Text that describes the purpose of - the link, and can be used as the link's text. + description: alt defines the text that describes + the purpose of the link, and can be used as the + link's text. type: string href: - description: Href is the URL of the link to be attached + description: href defines the URL of the link to + be attached type: string type: object type: array routingKey: description: |- - The secret's key that contains the PagerDuty integration key (when using + routingKey defines the secret's key that contains the PagerDuty integration key (when using Events API v2). Either this field or `serviceKey` needs to be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -4377,11 +4519,12 @@ spec: type: object x-kubernetes-map-type: atomic sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean serviceKey: description: |- - The secret's key that contains the PagerDuty service key (when using + serviceKey defines the secret's key that contains the PagerDuty service key (when using integration type "Prometheus"). Either this field or `routingKey` needs to be defined. The secret needs to be in the same namespace as the AlertmanagerConfig @@ -4409,49 +4552,53 @@ spec: type: object x-kubernetes-map-type: atomic severity: - description: Severity of the incident. + description: severity of the incident. type: string source: - description: Unique location of the affected system. + description: source defines the unique location of the + affected system. type: string url: - description: The URL to send requests to. + description: url defines the URL to send requests to. type: string type: object type: array pushoverConfigs: - description: List of Pushover configurations. + description: pushoverConfigs defines the list of Pushover configurations. items: description: |- PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config properties: device: - description: The name of a device to send the notification - to + description: |- + device defines the name of a specific device to send the notification to. + If not specified, the notification is sent to all user's devices. type: string expire: description: |- - How long your notification will continue to be retried for, unless the user - acknowledges the notification. + expire defines how long your notification will continue to be retried for, + unless the user acknowledges the notification. Only applies to priority 2 notifications. pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ type: string html: - description: Whether notification message is HTML or plain - text. + description: |- + html defines whether notification message is HTML or plain text. + When true, the message can include HTML formatting tags. type: boolean httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for Pushover API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -4476,7 +4623,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -4485,12 +4632,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -4516,7 +4663,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -4543,7 +4690,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -4569,30 +4716,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -4615,8 +4767,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -4643,7 +4795,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -4671,12 +4823,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -4712,7 +4864,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -4720,33 +4872,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -4769,8 +4921,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -4796,12 +4948,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -4824,8 +4976,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -4851,11 +5003,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -4881,7 +5034,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4892,7 +5045,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4902,13 +5055,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -4945,7 +5098,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -4953,31 +5106,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5000,8 +5154,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -5027,12 +5181,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5055,8 +5209,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -5082,11 +5236,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -5111,7 +5266,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5122,7 +5277,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5132,37 +5287,45 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: Notification message. + description: |- + message defines the notification message content. + This is the main body text of the Pushover notification. type: string priority: - description: Priority, see https://pushover.net/api#priority + description: |- + priority defines the notification priority level. + See https://pushover.net/api#priority for valid values and behavior. type: string retry: description: |- - How often the Pushover servers will send the same notification to the user. - Must be at least 30 seconds. + retry defines how often the Pushover servers will send the same notification to the user. + Must be at least 30 seconds. Only applies to priority 2 notifications. pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean sound: - description: The name of one of the sounds supported by - device clients to override the user's default sound - choice + description: |- + sound defines the name of one of the sounds supported by device clients. + This overrides the user's default sound choice for this notification. type: string title: - description: Notification title. + description: |- + title defines the notification title displayed in the Pushover message. + This appears as the bold header text in the notification. type: string token: description: |- - The secret's key that contains the registered application's API token, see https://pushover.net/apps. + token defines the secret's key that contains the registered application's API token. + See https://pushover.net/apps for application registration. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. Either `token` or `tokenFile` is required. @@ -5190,25 +5353,30 @@ spec: x-kubernetes-map-type: atomic tokenFile: description: |- - The token file that contains the registered application's API token, see https://pushover.net/apps. + tokenFile defines the token file that contains the registered application's API token. + See https://pushover.net/apps for application registration. Either `token` or `tokenFile` is required. It requires Alertmanager >= v0.26.0. type: string ttl: - description: The time to live definition for the alert - notification + description: |- + ttl defines the time to live for the alert notification. + This determines how long the notification remains active before expiring. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string url: - description: A supplementary URL shown alongside the message. + description: |- + url defines a supplementary URL shown alongside the message. + This creates a clickable link within the Pushover notification. type: string urlTitle: - description: A title for supplementary URL, otherwise - just the URL is shown + description: |- + urlTitle defines a title for the supplementary URL. + If not specified, the raw URL is shown instead. type: string userKey: description: |- - The secret's key that contains the recipient user's user key. + userKey defines the secret's key that contains the recipient user's user key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. Either `userKey` or `userKeyFile` is required. @@ -5236,7 +5404,7 @@ spec: x-kubernetes-map-type: atomic userKeyFile: description: |- - The user key file that contains the recipient user's user key. + userKeyFile defines the user key file that contains the recipient user's user key. Either `userKey` or `userKeyFile` is required. It requires Alertmanager >= v0.26.0. type: string @@ -5244,7 +5412,7 @@ spec: type: array rocketchatConfigs: description: |- - List of RocketChat configurations. + rocketchatConfigs defines the list of RocketChat configurations. It requires Alertmanager >= 0.28.0. items: description: |- @@ -5252,22 +5420,29 @@ spec: It requires Alertmanager >= 0.28.0. properties: actions: - description: Actions to include in the message. + description: |- + actions defines interactive actions to include in the message. + These appear as buttons that users can click to trigger responses. items: description: RocketChatActionConfig defines actions for RocketChat messages. properties: msg: - description: The message to send when the button - is clicked. + description: |- + msg defines the message to send when the button is clicked. + This allows the button to post a predefined message to the channel. minLength: 1 type: string text: - description: The button text. + description: |- + text defines the button text displayed to users. + This is the label that appears on the interactive button. minLength: 1 type: string url: - description: The URL the button links to. + description: |- + url defines the URL the button links to when clicked. + This creates a clickable button that opens the specified URL. pattern: ^https?://.+$ type: string type: object @@ -5275,57 +5450,69 @@ spec: type: array apiURL: description: |- - The API URL for RocketChat. + apiURL defines the API URL for RocketChat. Defaults to https://open.rocket.chat/ if not specified. pattern: ^https?://.+$ type: string channel: - description: The channel to send alerts to. + description: |- + channel defines the channel to send alerts to. + This can be a channel name (e.g., "#alerts") or a direct message recipient. minLength: 1 type: string color: - description: The message color. + description: |- + color defines the message color displayed in RocketChat. + This appears as a colored bar alongside the message. minLength: 1 type: string emoji: - description: If provided, the avatar will be displayed - as an emoji. + description: |- + emoji defines the emoji to be displayed as an avatar. + If provided, this emoji will be used instead of the default avatar or iconURL. minLength: 1 type: string fields: - description: Additional fields for the message. + description: |- + fields defines additional fields for the message attachment. + These appear as structured key-value pairs within the message. items: description: RocketChatFieldConfig defines additional fields for RocketChat messages. properties: short: - description: Whether this field should be a short - field. + description: |- + short defines whether this field should be a short field. + When true, the field may be displayed inline with other short fields to save space. type: boolean title: - description: The title of this field. + description: |- + title defines the title of this field. + This appears as bold text labeling the field content. minLength: 1 type: string value: - description: The value of this field, displayed - underneath the title value. + description: |- + value defines the value of this field, displayed underneath the title. + This contains the actual data or content for the field. minLength: 1 type: string type: object minItems: 1 type: array httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for RocketChat API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -5350,7 +5537,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -5359,12 +5546,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -5390,7 +5577,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -5417,7 +5604,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -5443,30 +5630,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5489,8 +5681,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -5517,7 +5709,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -5545,12 +5737,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5586,7 +5778,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5594,33 +5786,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5643,8 +5835,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -5670,12 +5862,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5698,8 +5890,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -5725,11 +5917,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -5755,7 +5948,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5766,7 +5959,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5776,13 +5969,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -5819,7 +6012,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5827,31 +6020,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5874,8 +6068,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -5901,12 +6095,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5929,8 +6123,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -5956,11 +6150,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -5985,7 +6180,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5996,7 +6191,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6006,47 +6201,65 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object iconURL: - description: Icon URL for the message. + description: |- + iconURL defines the icon URL for the message avatar. + This displays a custom image as the message sender's avatar. pattern: ^https?://.+$ type: string imageURL: - description: Image URL for the message. + description: |- + imageURL defines the image URL to display within the message. + This embeds an image directly in the message attachment. pattern: ^https?://.+$ type: string linkNames: - description: Whether to enable link names. + description: |- + linkNames defines whether to enable automatic linking of usernames and channels. + When true, @username and #channel references become clickable links. type: boolean sendResolved: - description: Whether to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean shortFields: - description: Whether to use short fields. + description: |- + shortFields defines whether to use short fields in the message layout. + When true, fields may be displayed side by side to save space. type: boolean text: - description: The message text to send, it is optional - because of attachments. + description: |- + text defines the message text to send. + This is optional because attachments can be used instead of or alongside text. minLength: 1 type: string thumbURL: - description: Thumbnail URL for the message. + description: |- + thumbURL defines the thumbnail URL for the message. + This displays a small thumbnail image alongside the message content. pattern: ^https?://.+$ type: string title: - description: The message title. + description: |- + title defines the message title displayed prominently in the message. + This appears as bold text at the top of the message attachment. minLength: 1 type: string titleLink: - description: The title link for the message. + description: |- + titleLink defines the URL that the title will link to when clicked. + This makes the message title clickable in the RocketChat interface. minLength: 1 type: string token: - description: The sender token. + description: |- + token defines the sender token for RocketChat authentication. + This is the personal access token or bot token used to authenticate API requests. properties: key: description: The key of the secret to select from. Must @@ -6070,7 +6283,9 @@ spec: type: object x-kubernetes-map-type: atomic tokenID: - description: The sender token ID. + description: |- + tokenID defines the sender token ID for RocketChat authentication. + This is the user ID associated with the token used for API requests. properties: key: description: The key of the secret to select from. Must @@ -6099,15 +6314,15 @@ spec: type: object type: array slackConfigs: - description: List of Slack configurations. + description: slackConfigs defines the list of Slack configurations. items: description: |- SlackConfig configures notifications via Slack. See https://prometheus.io/docs/alerting/latest/configuration/#slack_config properties: actions: - description: A list of Slack actions that are sent with - each notification. + description: actions defines a list of Slack actions that + are sent with each notification. items: description: |- SlackAction configures a single Slack action that is sent with each @@ -6117,37 +6332,64 @@ spec: properties: confirm: description: |- - SlackConfirmationField protect users from destructive actions or - particularly distinguished decisions by asking them to confirm their button - click one more time. - See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields - for more information. + confirm defines an optional confirmation dialog that appears before the action is executed. + When set, users must confirm their intent before the action proceeds. properties: dismissText: + description: |- + dismissText defines the label for the cancel button in the dialog. + When not specified, defaults to "Cancel". This button cancels the action. type: string okText: + description: |- + okText defines the label for the confirmation button in the dialog. + When not specified, defaults to "Okay". This button proceeds with the action. type: string text: + description: |- + text defines the main message displayed in the confirmation dialog. + This should be a clear question or statement asking the user to confirm their action. minLength: 1 type: string title: + description: |- + title defines the title text displayed at the top of the confirmation dialog. + When not specified, a default title will be used. type: string required: - text type: object name: + description: |- + name defines a unique identifier for the action within the message. + This value is sent back to your application when the action is triggered. type: string style: + description: |- + style defines the visual appearance of the action element. + Valid values include "default", "primary" (green), and "danger" (red). type: string text: + description: |- + text defines the user-visible label displayed on the action element. + For buttons, this is the button text. For select menus, this is the placeholder text. minLength: 1 type: string type: + description: |- + type defines the type of interactive component. + Common values include "button" for clickable buttons and "select" for dropdown menus. minLength: 1 type: string url: + description: |- + url defines the URL to open when the action is triggered. + Only applicable for button-type actions. When set, clicking the button opens this URL. type: string value: + description: |- + value defines the payload sent when the action is triggered. + This data is included in the callback sent to your application. type: string required: - text @@ -6156,7 +6398,7 @@ spec: type: array apiURL: description: |- - The secret's key that contains the Slack webhook URL. + apiURL defines the secret's key that contains the Slack webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -6182,18 +6424,25 @@ spec: type: object x-kubernetes-map-type: atomic callbackId: + description: callbackId defines an identifier for the + message used in interactive components. type: string channel: - description: The channel or user to send notifications - to. + description: channel defines the channel or user to send + notifications to. type: string color: + description: |- + color defines the color of the left border of the Slack message attachment. + Can be a hex color code (e.g., "#ff0000") or a predefined color name. type: string fallback: + description: fallback defines a plain-text summary of + the attachment for clients that don't support attachments. type: string fields: - description: A list of Slack fields that are sent with - each notification. + description: fields defines a list of Slack fields that + are sent with each notification. items: description: |- SlackField configures a single Slack field that is sent with each notification. @@ -6202,11 +6451,21 @@ spec: See https://api.slack.com/docs/message-attachments#fields for more information. properties: short: + description: |- + short determines whether this field can be displayed alongside other short fields. + When true, Slack may display this field side by side with other short fields. + When false or not specified, the field takes the full width of the message. type: boolean title: + description: |- + title defines the label or header text displayed for this field. + This appears as bold text above the field value in the Slack message. minLength: 1 type: string value: + description: |- + value defines the content or data displayed for this field. + This appears below the title and can contain plain text or Slack markdown. minLength: 1 type: string required: @@ -6215,19 +6474,21 @@ spec: type: object type: array footer: + description: footer defines small text displayed at the + bottom of the message attachment. type: string httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -6252,7 +6513,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6261,12 +6522,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -6292,7 +6553,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -6319,7 +6580,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -6345,30 +6606,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -6391,8 +6657,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -6419,7 +6685,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -6447,12 +6713,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -6488,7 +6754,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6496,33 +6762,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -6545,8 +6811,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -6572,12 +6838,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -6600,8 +6866,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -6627,11 +6893,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -6657,7 +6924,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6668,7 +6935,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6678,13 +6945,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -6721,7 +6988,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6729,31 +6996,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -6776,8 +7044,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -6803,12 +7071,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -6831,8 +7099,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -6858,11 +7126,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -6887,7 +7156,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6898,7 +7167,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6908,44 +7177,72 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object iconEmoji: + description: iconEmoji defines the emoji to use as the + bot's avatar (e.g., ":ghost:"). type: string iconURL: + description: iconURL defines the URL to an image to use + as the bot's avatar. type: string imageURL: + description: imageURL defines the URL to an image file + that will be displayed inside the message attachment. type: string linkNames: + description: |- + linkNames enables automatic linking of channel names and usernames in the message. + When true, @channel and @username will be converted to clickable links. type: boolean mrkdwnIn: + description: |- + mrkdwnIn defines which fields should be parsed as Slack markdown. + Valid values include "pretext", "text", and "fields". items: type: string type: array pretext: + description: pretext defines optional text that appears + above the message attachment block. type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean shortFields: + description: |- + shortFields determines whether fields are displayed in a compact format. + When true, fields are shown side by side when possible. type: boolean text: + description: text defines the main text content of the + Slack message attachment. type: string thumbURL: + description: |- + thumbURL defines the URL to an image file that will be displayed as a thumbnail + on the right side of the message attachment. type: string title: + description: title defines the title text displayed in + the Slack message attachment. type: string titleLink: + description: titleLink defines the URL that the title + will link to when clicked. type: string username: + description: username defines the slack bot user name. type: string type: object type: array snsConfigs: - description: List of SNS configurations + description: snsConfigs defines the list of SNS configurations items: description: |- SNSConfig configures notifications via AWS SNS. @@ -6953,26 +7250,29 @@ spec: properties: apiURL: description: |- - The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. + apiURL defines the SNS API URL, e.g. https://sns.us-east-2.amazonaws.com. If not specified, the SNS API URL from the SNS SDK will be used. type: string attributes: additionalProperties: type: string - description: SNS message attributes. + description: |- + attributes defines SNS message attributes as key-value pairs. + These provide additional metadata that can be used for message filtering and routing. type: object httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for SNS API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -6997,7 +7297,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -7006,12 +7306,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -7037,7 +7337,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -7064,7 +7364,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -7090,30 +7390,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7136,8 +7441,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -7164,7 +7469,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -7192,12 +7497,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -7233,7 +7538,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7241,33 +7546,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7290,8 +7595,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -7317,12 +7622,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7345,8 +7650,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -7372,11 +7677,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -7402,7 +7708,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7413,7 +7719,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7423,13 +7729,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -7466,7 +7772,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7474,31 +7780,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7521,8 +7828,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -7548,12 +7855,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7576,8 +7883,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -7603,11 +7910,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -7632,7 +7940,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7643,7 +7951,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7653,29 +7961,33 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: The message content of the SNS notification. + description: |- + message defines the message content of the SNS notification. + This is the actual notification text that will be sent to subscribers. type: string phoneNumber: description: |- - Phone number if message is delivered via SMS in E.164 format. + phoneNumber defines the phone number if message is delivered via SMS in E.164 format. If you don't specify this value, you must specify a value for the TopicARN or TargetARN. type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean sigv4: - description: Configures AWS's Signature Verification 4 - signing process to sign requests. + description: |- + sigv4 configures AWS's Signature Verification 4 signing process to sign requests. + This includes AWS credentials and region configuration for authentication. properties: accessKey: description: |- - AccessKey is the AWS API key. If not specified, the environment variable + accessKey defines the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used. properties: key: @@ -7700,20 +8012,20 @@ spec: type: object x-kubernetes-map-type: atomic profile: - description: Profile is the named AWS profile used - to authenticate. + description: profile defines the named AWS profile + used to authenticate. type: string region: - description: Region is the AWS region. If blank, the - region from the default credentials chain used. + description: region defines the AWS region. If blank, + the region from the default credentials chain used. type: string roleArn: - description: RoleArn is the named AWS profile used - to authenticate. + description: roleArn defines the named AWS profile + used to authenticate. type: string secretKey: description: |- - SecretKey is the AWS API secret. If not specified, the environment + secretKey defines the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used. properties: key: @@ -7737,25 +8049,31 @@ spec: - key type: object x-kubernetes-map-type: atomic + useFIPSSTSEndpoint: + description: |- + useFIPSSTSEndpoint defines FIPS mode for AWS STS endpoint. + It requires Prometheus >= v2.54.0. + type: boolean type: object subject: - description: Subject line when the message is delivered - to email endpoints. + description: |- + subject defines the subject line when the message is delivered to email endpoints. + This field is only used when sending to email subscribers of an SNS topic. type: string targetARN: description: |- - The mobile platform endpoint ARN if message is delivered via mobile notifications. - If you don't specify this value, you must specify a value for the topic_arn or PhoneNumber. + targetARN defines the mobile platform endpoint ARN if message is delivered via mobile notifications. + If you don't specify this value, you must specify a value for the TopicARN or PhoneNumber. type: string topicARN: description: |- - SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic + topicARN defines the SNS topic ARN, e.g. arn:aws:sns:us-east-2:698519295917:My-Topic. If you don't specify this value, you must specify a value for the PhoneNumber or TargetARN. type: string type: object type: array telegramConfigs: - description: List of Telegram configurations. + description: telegramConfigs defines the list of Telegram configurations. items: description: |- TelegramConfig configures notifications via Telegram. @@ -7763,15 +8081,14 @@ spec: properties: apiURL: description: |- - The Telegram API URL i.e. https://api.telegram.org. - If not specified, default API URL will be used. + apiURL defines the Telegram API URL, e.g. https://api.telegram.org. + If not specified, the default Telegram API URL will be used. type: string botToken: description: |- - Telegram bot token. It is mutually exclusive with `botTokenFile`. + botToken defines the Telegram bot token. It is mutually exclusive with `botTokenFile`. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. - Either `botToken` or `botTokenFile` is required. properties: key: @@ -7797,30 +8114,35 @@ spec: x-kubernetes-map-type: atomic botTokenFile: description: |- - File to read the Telegram bot token from. It is mutually exclusive with `botToken`. + botTokenFile defines the file to read the Telegram bot token from. + It is mutually exclusive with `botToken`. Either `botToken` or `botTokenFile` is required. - It requires Alertmanager >= v0.26.0. type: string chatID: - description: The Telegram chat ID. + description: |- + chatID defines the Telegram chat ID where messages will be sent. + This can be a user ID, group ID, or channel ID (with @ prefix for public channels). format: int64 type: integer disableNotifications: - description: Disable telegram notifications + description: |- + disableNotifications controls whether Telegram notifications are sent silently. + When true, users will receive the message without notification sounds. type: boolean httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for Telegram API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -7845,7 +8167,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -7854,12 +8176,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -7885,7 +8207,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -7912,7 +8234,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -7938,30 +8260,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7984,8 +8311,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -8012,7 +8339,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -8040,12 +8367,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -8081,7 +8408,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8089,33 +8416,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8138,8 +8465,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -8165,12 +8492,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8193,8 +8520,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -8220,11 +8547,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -8250,7 +8578,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8261,7 +8589,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8271,13 +8599,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -8314,7 +8642,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8322,31 +8650,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8369,8 +8698,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -8396,12 +8725,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8424,8 +8753,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -8451,11 +8780,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -8480,7 +8810,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8491,7 +8821,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8501,36 +8831,44 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: Message template + description: |- + message defines the message template for the Telegram notification. + This is the content that will be sent to the specified chat. type: string messageThreadID: description: |- - The Telegram Group Topic ID. + messageThreadID defines the Telegram Group Topic ID for threaded messages. + This allows sending messages to specific topics within Telegram groups. It requires Alertmanager >= 0.26.0. format: int64 type: integer parseMode: - description: Parse mode for telegram message + description: |- + parseMode defines the parse mode for telegram message formatting. + Valid values are "MarkdownV2", "Markdown", and "HTML". + This determines how text formatting is interpreted in the message. enum: - MarkdownV2 - Markdown - HTML type: string sendResolved: - description: Whether to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean required: - chatID type: object type: array victoropsConfigs: - description: List of VictorOps configurations. + description: victoropsConfigs defines the list of VictorOps + configurations. items: description: |- VictorOpsConfig configures notifications via VictorOps. @@ -8538,7 +8876,7 @@ spec: properties: apiKey: description: |- - The secret's key that contains the API key to use when talking to the VictorOps API. + apiKey defines the secret's key that contains the API key to use when talking to the VictorOps API. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -8564,19 +8902,27 @@ spec: type: object x-kubernetes-map-type: atomic apiUrl: - description: The VictorOps API URL. + description: |- + apiUrl defines the VictorOps API URL. + When not specified, defaults to the standard VictorOps API endpoint. type: string customFields: - description: Additional custom fields for notification. + description: |- + customFields defines additional custom fields for notification. + These provide extra metadata that will be included with the VictorOps incident. items: description: KeyValue defines a (key, value) tuple. properties: key: - description: Key of the tuple. + description: |- + key defines the key of the tuple. + This is the identifier or name part of the key-value pair. minLength: 1 type: string value: - description: Value of the tuple. + description: |- + value defines the value of the tuple. + This is the data or content associated with the key. type: string required: - key @@ -8584,20 +8930,23 @@ spec: type: object type: array entityDisplayName: - description: Contains summary of the alerted problem. + description: |- + entityDisplayName contains a summary of the alerted problem. + This appears as the main title or identifier for the incident. type: string httpConfig: - description: The HTTP client's configuration. + description: httpConfig defines the HTTP client's configuration + for VictorOps API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -8622,7 +8971,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -8631,12 +8980,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -8662,7 +9011,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -8689,7 +9038,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -8715,30 +9064,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8761,8 +9115,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -8789,7 +9143,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -8817,12 +9171,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -8858,7 +9212,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8866,33 +9220,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8915,8 +9269,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -8942,12 +9296,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8970,8 +9324,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -8997,11 +9351,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -9027,7 +9382,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -9038,7 +9393,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -9048,13 +9403,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -9091,7 +9446,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -9099,31 +9454,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9146,8 +9502,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -9173,12 +9529,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9201,8 +9557,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -9228,11 +9584,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -9257,7 +9614,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -9268,7 +9625,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -9278,58 +9635,61 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object messageType: - description: Describes the behavior of the alert (CRITICAL, - WARNING, INFO). + description: |- + messageType describes the behavior of the alert. + Valid values are "CRITICAL", "WARNING", and "INFO". type: string monitoringTool: - description: The monitoring tool the state message is - from. + description: |- + monitoringTool defines the monitoring tool the state message is from. + This helps identify the source system that generated the alert. type: string routingKey: - description: A key used to map the alert to a team. + description: |- + routingKey defines a key used to map the alert to a team. + This determines which VictorOps team will receive the alert notification. type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean stateMessage: - description: Contains long explanation of the alerted - problem. + description: |- + stateMessage contains a long explanation of the alerted problem. + This provides detailed context about the incident. type: string type: object type: array webexConfigs: - description: List of Webex configurations. + description: webexConfigs defines the list of Webex configurations. items: description: |- WebexConfig configures notification via Cisco Webex See https://prometheus.io/docs/alerting/latest/configuration/#webex_config properties: apiURL: - description: |- - The Webex Teams API URL i.e. https://webexapis.com/v1/messages - Provide if different from the default API URL. + description: apiURL defines the Webex Teams API URL i.e. + https://webexapis.com/v1/messages pattern: ^https?://.+$ type: string httpConfig: - description: |- - The HTTP client's configuration. - You must supply the bot token via the `httpConfig.authorization` field. + description: httpConfig defines the HTTP client's configuration. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -9354,7 +9714,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -9363,12 +9723,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -9394,7 +9754,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -9421,7 +9781,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -9447,30 +9807,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9493,8 +9858,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -9521,7 +9886,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -9549,12 +9914,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -9590,7 +9955,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -9598,33 +9963,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9647,8 +10012,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -9674,12 +10039,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9702,8 +10067,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -9729,11 +10094,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -9759,7 +10125,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -9770,7 +10136,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -9780,13 +10146,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -9823,7 +10189,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -9831,31 +10197,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9878,8 +10245,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -9905,12 +10272,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9933,8 +10300,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -9960,11 +10327,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -9989,7 +10357,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10000,7 +10368,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10010,45 +10378,47 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: Message template + description: message defines the message template type: string roomID: - description: ID of the Webex Teams room where to send - the messages. + description: roomID defines the ID of the Webex Teams + room where to send the messages. minLength: 1 type: string sendResolved: - description: Whether to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean required: - roomID type: object type: array webhookConfigs: - description: List of webhook configurations. + description: webhookConfigs defines the List of webhook configurations. items: description: |- WebhookConfig configures notifications via a generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config properties: httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for webhook requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -10073,7 +10443,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -10082,12 +10452,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -10113,7 +10483,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -10140,7 +10510,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -10166,30 +10536,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -10212,8 +10587,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -10240,7 +10615,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -10268,12 +10643,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -10309,7 +10684,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -10317,33 +10692,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -10366,8 +10741,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -10393,12 +10768,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -10421,8 +10796,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -10448,11 +10823,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -10478,7 +10854,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10489,7 +10865,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10499,13 +10875,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -10542,7 +10918,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -10550,31 +10926,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -10597,8 +10974,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -10624,12 +11001,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -10652,8 +11029,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -10679,11 +11056,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -10708,7 +11086,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10719,7 +11097,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10729,37 +11107,38 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object maxAlerts: - description: Maximum number of alerts to be sent per webhook - message. When 0, all alerts are included. + description: |- + maxAlerts defines the maximum number of alerts to be sent per webhook message. + When 0, all alerts are included in the webhook payload. format: int32 minimum: 0 type: integer sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean timeout: description: |- - The maximum time to wait for a webhook request to complete, before failing the - request and allowing it to be retried. + timeout defines the maximum time to wait for a webhook request to complete, + before failing the request and allowing it to be retried. It requires Alertmanager >= v0.28.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string url: description: |- - The URL to send HTTP POST requests to. `urlSecret` takes precedence over - `url`. One of `urlSecret` and `url` should be defined. + url defines the URL to send HTTP POST requests to. + urlSecret takes precedence over url. One of urlSecret and url should be defined. type: string urlSecret: description: |- - The secret's key that contains the webhook URL to send HTTP requests to. - `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` - should be defined. + urlSecret defines the secret's key that contains the webhook URL to send HTTP requests to. + urlSecret takes precedence over url. One of urlSecret and url should be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -10787,17 +11166,20 @@ spec: type: object type: array wechatConfigs: - description: List of WeChat configurations. + description: wechatConfigs defines the list of WeChat configurations. items: description: |- WeChatConfig configures notifications via WeChat. See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config properties: agentID: + description: |- + agentID defines the application agent ID within WeChat Work. + This identifies which WeChat Work application will send the notifications. type: string apiSecret: description: |- - The secret's key that contains the WeChat API key. + apiSecret defines the secret's key that contains the WeChat API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -10823,23 +11205,28 @@ spec: type: object x-kubernetes-map-type: atomic apiURL: - description: The WeChat API URL. + description: |- + apiURL defines the WeChat API URL. + When not specified, defaults to the standard WeChat Work API endpoint. type: string corpID: - description: The corp id for authentication. + description: |- + corpID defines the corp id for authentication. + This is the unique identifier for your WeChat Work organization. type: string httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for WeChat API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -10864,7 +11251,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -10873,12 +11260,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -10904,7 +11291,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -10931,7 +11318,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -10957,30 +11344,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -11003,8 +11395,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -11031,7 +11423,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -11059,12 +11451,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -11100,7 +11492,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -11108,33 +11500,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -11157,8 +11549,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -11184,12 +11576,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -11212,8 +11604,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -11239,11 +11631,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -11269,7 +11662,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -11280,7 +11673,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -11290,13 +11683,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -11333,7 +11726,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -11341,31 +11734,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -11388,8 +11782,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -11415,12 +11809,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -11443,8 +11837,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -11470,11 +11864,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -11499,7 +11894,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -11510,7 +11905,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -11520,25 +11915,39 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: API request data as defined by the WeChat - API. + description: |- + message defines the API request data as defined by the WeChat API. + This contains the actual notification content to be sent. type: string messageType: + description: |- + messageType defines the type of message to send. + Valid values include "text", "markdown", and other WeChat Work supported message types. type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean toParty: + description: |- + toParty defines the target department(s) to receive the notification. + Can be a single department ID or multiple department IDs separated by '|'. type: string toTag: + description: |- + toTag defines the target tag(s) to receive the notification. + Can be a single tag ID or multiple tag IDs separated by '|'. type: string toUser: + description: |- + toUser defines the target user(s) to receive the notification. + Can be a single user ID or multiple user IDs separated by '|'. type: string type: object type: array @@ -11548,25 +11957,25 @@ spec: type: array route: description: |- - The Alertmanager route definition for alerts matching the resource's + route defines the Alertmanager route definition for alerts matching the resource's namespace. If present, it will be added to the generated Alertmanager configuration as a first-level route. properties: activeTimeIntervals: - description: ActiveTimeIntervals is a list of MuteTimeInterval + description: activeTimeIntervals is a list of MuteTimeInterval names when this route should be active. items: type: string type: array continue: description: |- - Boolean indicating whether an alert should continue matching subsequent + continue defines the boolean indicating whether an alert should continue matching subsequent sibling nodes. It will always be overridden to true for the first-level route by the Prometheus operator. type: boolean groupBy: description: |- - List of labels to group by. + groupBy defines the list of labels to group by. Labels must not be repeated (unique list). Special label "..." (aggregate by all possible labels), if provided, must be the only element in the list. items: @@ -11574,19 +11983,19 @@ spec: type: array groupInterval: description: |- - How long to wait before sending an updated notification. + groupInterval defines how long to wait before sending an updated notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "5m" type: string groupWait: description: |- - How long to wait before sending the initial notification. + groupWait defines how long to wait before sending the initial notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "30s" type: string matchers: description: |- - List of matchers that the alert's labels should match. For the first + matchers defines the list of matchers that the alert's labels should match. For the first level route, the operator removes any existing equality and regexp matcher on the `namespace` label and adds a `namespace: ` matcher. @@ -11595,8 +12004,9 @@ spec: properties: matchType: description: |- - Match operation available with AlertManager >= v0.22.0 and - takes precedence over Regex (deprecated) if non-empty. + matchType defines the match operation available with AlertManager >= v0.22.0. + Takes precedence over Regex (deprecated) if non-empty. + Valid values: "=" (equality), "!=" (inequality), "=~" (regex match), "!~" (regex non-match). enum: - '!=' - = @@ -11604,47 +12014,44 @@ spec: - '!~' type: string name: - description: Label to match. + description: |- + name defines the label to match. + This specifies which alert label should be evaluated. minLength: 1 type: string regex: description: |- - Whether to match on equality (false) or regular-expression (true). + regex defines whether to match on equality (false) or regular-expression (true). Deprecated: for AlertManager >= v0.22.0, `matchType` should be used instead. type: boolean value: - description: Label value to match. + description: |- + value defines the label value to match. + This is the expected value for the specified label. type: string required: - name type: object type: array muteTimeIntervals: - description: |- - Note: this comment applies to the field definition above but appears - below otherwise it gets included in the generated manifest. - CRD schema doesn't support self-referential types for now (see - https://github.com/kubernetes/kubernetes/issues/62872). We have to use - an alternative type to circumvent the limitation. The downside is that - the Kube API can't validate the data beyond the fact that it is a valid - JSON representation. - MuteTimeIntervals is a list of MuteTimeInterval names that will mute this route when matched, + description: muteTimeIntervals is a list of MuteTimeInterval names + that will mute this route when matched, items: type: string type: array receiver: description: |- - Name of the receiver for this route. If not empty, it should be listed in + receiver defines the name of the receiver for this route. If not empty, it should be listed in the `receivers` field. type: string repeatInterval: description: |- - How long to wait before repeating the last notification. + repeatInterval defines how long to wait before repeating the last notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "4h" type: string routes: - description: Child routes. + description: routes defines the child routes. items: x-kubernetes-preserve-unknown-fields: true type: array diff --git a/charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagers.yaml b/charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagers.yaml index 7c2bf5c02ea5..d64fe7e413ef 100644 --- a/charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagers.yaml +++ b/charts/kube-prometheus-stack/charts/crds/crds/crd-alertmanagers.yaml @@ -1,11 +1,11 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: alertmanagers.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -76,12 +76,12 @@ spec: type: object spec: description: |- - Specification of the desired behavior of the Alertmanager cluster. More info: + spec defines the specification of the desired behavior of the Alertmanager cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: additionalArgs: description: |- - AdditionalArgs allows setting additional arguments for the 'Alertmanager' container. + additionalArgs allows setting additional arguments for the 'Alertmanager' container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Alertmanager container which may cause issues if they are invalid or not supported @@ -90,25 +90,25 @@ spec: description: Argument as part of the AdditionalArgs list. properties: name: - description: Name of the argument, e.g. "scrape.discovery-reload-interval". + description: name of the argument, e.g. "scrape.discovery-reload-interval". minLength: 1 type: string value: - description: Argument value, e.g. 30s. Can be empty for name-only - arguments (e.g. --storage.tsdb.no-lockfile) + description: value defines the argument value, e.g. 30s. Can + be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) type: string required: - name type: object type: array additionalPeers: - description: AdditionalPeers allows injecting a set of additional + description: additionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster. items: type: string type: array affinity: - description: If specified, the pod's scheduling constraints. + description: affinity defines the pod's scheduling constraints. properties: nodeAffinity: description: Describes node affinity scheduling rules for the @@ -676,8 +676,8 @@ spec: most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + compute a sum by iterating through the elements of this field and subtracting + "weight" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -1021,13 +1021,13 @@ spec: type: object alertmanagerConfigMatcherStrategy: description: |- - AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects + alertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects process incoming alerts. properties: type: default: OnNamespace description: |- - AlertmanagerConfigMatcherStrategyType defines the strategy used by + type defines the strategy used by AlertmanagerConfig objects to match alerts in the routes and inhibition rules. @@ -1040,7 +1040,7 @@ spec: type: object alertmanagerConfigNamespaceSelector: description: |- - Namespaces to be selected for AlertmanagerConfig discovery. If nil, only + alertmanagerConfigNamespaceSelector defines the namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace. properties: matchExpressions: @@ -1087,8 +1087,8 @@ spec: type: object x-kubernetes-map-type: atomic alertmanagerConfigSelector: - description: AlertmanagerConfigs to be selected for to merge and configure - Alertmanager with. + description: alertmanagerConfigSelector defines the selector to be + used for to merge and configure Alertmanager with. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -1135,7 +1135,7 @@ spec: x-kubernetes-map-type: atomic alertmanagerConfiguration: description: |- - alertmanagerConfiguration specifies the configuration of Alertmanager. + alertmanagerConfiguration defines the configuration of Alertmanager. If defined, it takes precedence over the `configSecret` field. @@ -1143,20 +1143,23 @@ spec: in a breaking way. properties: global: - description: Defines the global parameters of the Alertmanager + description: global defines the global parameters of the Alertmanager configuration. properties: httpConfig: - description: HTTP client configuration. + description: httpConfig defines the default HTTP configuration. properties: authorization: description: |- - Authorization header configuration for the client. - This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + authorization configures the Authorization header credentials used by + the client. + + Cannot be set at the same time as `basicAuth`, `bearerTokenSecret` or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials for + authentication. properties: key: description: The key of the secret to select from. Must @@ -1181,7 +1184,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1190,12 +1193,14 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. - This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. + basicAuth defines the Basic Authentication credentials used by the + client. + + Cannot be set at the same time as `authorization`, `bearerTokenSecret` or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -1221,7 +1226,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -1248,10 +1253,14 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client - for authentication. - The secret needs to be in the same namespace as the Alertmanager - object and accessible by the Prometheus Operator. + bearerTokenSecret defines a key of a Secret containing the bearer token + used by the client for authentication. The secret needs to be in the + same namespace as the custom resource and readable by the Prometheus + Operator. + + Cannot be set at the same time as `authorization`, `basicAuth` or `oauth2`. + + Deprecated: use `authorization` instead. properties: key: description: The key of the secret to select from. Must @@ -1274,30 +1283,38 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the client - should follow HTTP 3xx redirects. + description: |- + followRedirects defines whether the client should follow HTTP 3xx + redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch a - token for the targets. + description: |- + oauth2 defines the OAuth2 settings used by the client. + + It requires Prometheus >= 2.27.0. + + Cannot be set at the same time as `authorization`, `basicAuth` or `bearerTokenSecret`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1320,8 +1337,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1347,7 +1364,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -1375,12 +1392,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1415,7 +1432,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1423,33 +1440,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used - for the token request.' + description: scopes defines the OAuth2 scopes used + for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1472,8 +1489,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -1499,12 +1516,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1527,8 +1544,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -1554,11 +1571,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -1583,7 +1601,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1594,7 +1612,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1604,13 +1622,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch - the token from.' + description: tokenUrl defines the URL to fetch the + token from. minLength: 1 type: string required: @@ -1647,7 +1665,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1655,25 +1673,26 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server to + use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: tlsConfig defines the TLS configuration used + by the client. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1696,8 +1715,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1722,12 +1741,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1750,8 +1769,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1776,11 +1795,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file - for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1805,7 +1825,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1816,7 +1836,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1826,23 +1846,25 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object type: object jira: - description: The default configuration for Jira. + description: jira defines the default configuration for Jira. properties: apiURL: description: |- - The default Jira API URL. + apiURL defines the default Jira API URL. It requires Alertmanager >= v0.28.0. pattern: ^(http|https)://.+$ type: string type: object opsGenieApiKey: - description: The default OpsGenie API Key. + description: opsGenieApiKey defines the default OpsGenie API + Key. properties: key: description: The key of the secret to select from. Must @@ -1866,7 +1888,8 @@ spec: type: object x-kubernetes-map-type: atomic opsGenieApiUrl: - description: The default OpsGenie API URL. + description: opsGenieApiUrl defines the default OpsGenie API + URL. properties: key: description: The key of the secret to select from. Must @@ -1890,28 +1913,30 @@ spec: type: object x-kubernetes-map-type: atomic pagerdutyUrl: - description: The default Pagerduty URL. + description: pagerdutyUrl defines the default Pagerduty URL. + pattern: ^(http|https)://.+$ type: string resolveTimeout: description: |- - ResolveTimeout is the default value used by alertmanager if the alert does + resolveTimeout defines the default value used by alertmanager if the alert does not include EndsAt, after this time passes it can declare the alert as resolved if it has not been updated. This has no impact on alerts from Prometheus, as they always include EndsAt. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string rocketChat: - description: The default configuration for Rocket Chat. + description: rocketChat defines the default configuration + for Rocket Chat. properties: apiURL: description: |- - The default Rocket Chat API URL. + apiURL defines the default Rocket Chat API URL. It requires Alertmanager >= v0.28.0. pattern: ^(http|https)://.+$ type: string token: description: |- - The default Rocket Chat token. + token defines the default Rocket Chat token. It requires Alertmanager >= v0.28.0. properties: @@ -1938,7 +1963,7 @@ spec: x-kubernetes-map-type: atomic tokenID: description: |- - The default Rocket Chat Token ID. + tokenID defines the default Rocket Chat Token ID. It requires Alertmanager >= v0.28.0. properties: @@ -1965,7 +1990,7 @@ spec: x-kubernetes-map-type: atomic type: object slackApiUrl: - description: The default Slack API URL. + description: slackApiUrl defines the default Slack API URL. properties: key: description: The key of the secret to select from. Must @@ -1989,13 +2014,14 @@ spec: type: object x-kubernetes-map-type: atomic smtp: - description: Configures global SMTP parameters. + description: smtp defines global SMTP parameters. properties: authIdentity: - description: SMTP Auth using PLAIN + description: authIdentity represents SMTP Auth using PLAIN type: string authPassword: - description: SMTP Auth using LOGIN and PLAIN. + description: authPassword represents SMTP Auth using LOGIN + and PLAIN. properties: key: description: The key of the secret to select from. Must @@ -2019,7 +2045,7 @@ spec: type: object x-kubernetes-map-type: atomic authSecret: - description: SMTP Auth using CRAM-MD5. + description: authSecret represents SMTP Auth using CRAM-MD5. properties: key: description: The key of the secret to select from. Must @@ -2043,34 +2069,35 @@ spec: type: object x-kubernetes-map-type: atomic authUsername: - description: SMTP Auth using CRAM-MD5, LOGIN and PLAIN. - If empty, Alertmanager doesn't authenticate to the SMTP - server. + description: authUsername represents SMTP Auth using CRAM-MD5, + LOGIN and PLAIN. If empty, Alertmanager doesn't authenticate + to the SMTP server. type: string from: - description: The default SMTP From header field. + description: from defines the default SMTP From header + field. type: string hello: - description: The default hostname to identify to the SMTP - server. + description: hello defines the default hostname to identify + to the SMTP server. type: string requireTLS: description: |- - The default SMTP TLS requirement. + requireTLS defines the default SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints. type: boolean smartHost: - description: The default SMTP smarthost used for sending - emails. + description: smartHost defines the default SMTP smarthost + used for sending emails. properties: host: - description: Defines the host's address, it can be - a DNS name or a literal IP address. + description: host defines the host's address, it can + be a DNS name or a literal IP address. minLength: 1 type: string port: - description: Defines the host's port, it can be a - literal port number or a port name. + description: port defines the host's port, it can + be a literal port number or a port name. minLength: 1 type: string required: @@ -2078,15 +2105,16 @@ spec: - port type: object tlsConfig: - description: The default TLS configuration for SMTP receivers + description: tlsConfig defines the default TLS configuration + for SMTP receivers properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2109,8 +2137,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -2135,12 +2163,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2163,8 +2191,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -2189,11 +2217,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file - for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2218,7 +2247,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2229,7 +2258,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2239,26 +2268,29 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object type: object telegram: - description: The default Telegram config + description: telegram defines the default Telegram config properties: apiURL: description: |- - The default Telegram API URL. + apiURL defines he default Telegram API URL. It requires Alertmanager >= v0.24.0. pattern: ^(http|https)://.+$ type: string type: object victorops: - description: The default configuration for VictorOps. + description: victorops defines the default configuration for + VictorOps. properties: apiKey: - description: The default VictorOps API Key. + description: apiKey defines the default VictorOps API + Key. properties: key: description: The key of the secret to select from. Must @@ -2282,30 +2314,33 @@ spec: type: object x-kubernetes-map-type: atomic apiURL: - description: The default VictorOps API URL. + description: apiURL defines the default VictorOps API + URL. pattern: ^(http|https)://.+$ type: string type: object webex: - description: The default configuration for Jira. + description: webex defines the default configuration for Jira. properties: apiURL: description: |- - The default Webex API URL. + apiURL defines the is the default Webex API URL. It requires Alertmanager >= v0.25.0. pattern: ^(http|https)://.+$ type: string type: object wechat: - description: The default WeChat Config + description: wechat defines the default WeChat Config properties: apiCorpID: - description: The default WeChat API Corporate ID. + description: apiCorpID defines the default WeChat API + Corporate ID. minLength: 1 type: string apiSecret: - description: The default WeChat API Secret. + description: apiSecret defines the default WeChat API + Secret. properties: key: description: The key of the secret to select from. Must @@ -2330,7 +2365,7 @@ spec: x-kubernetes-map-type: atomic apiURL: description: |- - The default WeChat API URL. + apiURL defines he default WeChat API URL. The default value is "https://qyapi.weixin.qq.com/cgi-bin/" pattern: ^(http|https)://.+$ type: string @@ -2338,19 +2373,20 @@ spec: type: object name: description: |- - The name of the AlertmanagerConfig resource which is used to generate the Alertmanager configuration. + name defines the name of the AlertmanagerConfig custom resource which is used to generate the Alertmanager configuration. It must be defined in the same namespace as the Alertmanager object. The operator will not enforce a `namespace` label for routes and inhibition rules. minLength: 1 type: string templates: - description: Custom notification templates. + description: templates defines the custom notification templates. items: description: SecretOrConfigMap allows to specify data as a Secret or ConfigMap. Fields are mutually exclusive. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2373,7 +2409,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2401,53 +2438,56 @@ spec: type: object automountServiceAccountToken: description: |- - AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. + automountServiceAccountToken defines whether a service account token should be automatically mounted in the pod. If the service account has `automountServiceAccountToken: true`, set the field to `false` to opt out of automounting API credentials. type: boolean baseImage: description: |- - Base image that is used to deploy pods, without tag. + baseImage that is used to deploy pods, without tag. Deprecated: use 'image' instead. type: string clusterAdvertiseAddress: description: |- - ClusterAdvertiseAddress is the explicit address to advertise in cluster. + clusterAdvertiseAddress defines the explicit address to advertise in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. [1] RFC1918: https://tools.ietf.org/html/rfc1918 type: string clusterGossipInterval: - description: Interval between gossip attempts. + description: clusterGossipInterval defines the interval between gossip + attempts. pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string clusterLabel: description: |- - Defines the identifier that uniquely identifies the Alertmanager cluster. + clusterLabel defines the identifier that uniquely identifies the Alertmanager cluster. You should only set it when the Alertmanager cluster includes Alertmanager instances which are external to this Alertmanager resource. In practice, the addresses of the external instances are provided via the `.spec.additionalPeers` field. type: string clusterPeerTimeout: - description: Timeout for cluster peering. + description: clusterPeerTimeout defines the timeout for cluster peering. pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string clusterPushpullInterval: - description: Interval between pushpull attempts. + description: clusterPushpullInterval defines the interval between + pushpull attempts. pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string clusterTLS: description: |- - Configures the mutual TLS configuration for the Alertmanager cluster's gossip protocol. + clusterTLS defines the mutual TLS configuration for the Alertmanager cluster's gossip protocol. It requires Alertmanager >= 0.24.0. properties: client: - description: Client-side configuration for mutual TLS. + description: client defines the client-side configuration for + mutual TLS. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2470,7 +2510,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2495,11 +2536,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2522,7 +2564,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2547,11 +2590,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2576,7 +2620,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2587,7 +2631,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2597,23 +2641,25 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object server: - description: Server-side configuration for mutual TLS. + description: server defines the server-side configuration for + mutual TLS. properties: cert: description: |- - Secret or ConfigMap containing the TLS certificate for the web server. + cert defines the Secret or ConfigMap containing the TLS certificate for the web server. Either `keySecret` or `keyFile` must be defined. It is mutually exclusive with `certFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2636,7 +2682,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2662,7 +2709,7 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the container for the web server. + certFile defines the path to the TLS certificate file in the container for the web server. Either `keySecret` or `keyFile` must be defined. @@ -2670,7 +2717,7 @@ spec: type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. + cipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. If not defined, the Go default cipher suites are used. Available cipher suites are documented in the Go documentation: @@ -2680,14 +2727,14 @@ spec: type: array client_ca: description: |- - Secret or ConfigMap containing the CA certificate for client certificate + client_ca defines the Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. It is mutually exclusive with `clientCAFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2710,7 +2757,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2736,21 +2784,21 @@ spec: type: object clientAuthType: description: |- - The server policy for client TLS authentication. + clientAuthType defines the server policy for client TLS authentication. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to + clientCAFile defines the path to the CA certificate file for client certificate authentication to the server. It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- - Elliptic curves that will be used in an ECDHE handshake, in preference + curvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the Go documentation: @@ -2760,7 +2808,7 @@ spec: type: array keyFile: description: |- - Path to the TLS private key file in the container for the web server. + keyFile defines the path to the TLS private key file in the container for the web server. If defined, either `cert` or `certFile` must be defined. @@ -2768,7 +2816,7 @@ spec: type: string keySecret: description: |- - Secret containing the TLS private key for the web server. + keySecret defines the secret containing the TLS private key for the web server. Either `cert` or `certFile` must be defined. @@ -2796,14 +2844,16 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. + description: maxVersion defines the Maximum TLS version that + is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. + description: minVersion defines the minimum TLS version that + is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the client's most preferred cipher + preferServerCipherSuites defines whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in @@ -2816,7 +2866,7 @@ spec: type: object configMaps: description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager + configMaps defines a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. The ConfigMaps are mounted into `/etc/alertmanager/configmaps/` in the 'alertmanager' container. @@ -2825,7 +2875,7 @@ spec: type: array configSecret: description: |- - ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + configSecret defines the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains the configuration for this Alertmanager instance. If empty, it defaults to `alertmanager-`. @@ -2840,7 +2890,7 @@ spec: type: string containers: description: |- - Containers allows injecting additional containers. This is meant to + containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge @@ -2889,8 +2939,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -2948,6 +2999,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -3008,8 +3096,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -3036,8 +3124,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -3708,7 +3797,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -3762,10 +3851,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -3777,6 +3866,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -4276,11 +4418,11 @@ spec: type: object type: array dnsConfig: - description: Defines the DNS configuration for the pods. + description: dnsConfig defines the DNS configuration for the pods. properties: nameservers: description: |- - A list of DNS name server IP addresses. + nameservers defines the list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. items: minLength: 1 @@ -4289,7 +4431,7 @@ spec: x-kubernetes-list-type: set options: description: |- - A list of DNS resolver options. + options defines the list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Resolution options given in Options will override those that appear in the base DNSPolicy. @@ -4298,11 +4440,11 @@ spec: of a pod. properties: name: - description: Name is required and must be unique. + description: name is required and must be unique. minLength: 1 type: string value: - description: Value is optional. + description: value is optional. type: string required: - name @@ -4313,7 +4455,7 @@ spec: x-kubernetes-list-type: map searches: description: |- - A list of DNS search domains for host-name lookup. + searches defines the list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. items: minLength: 1 @@ -4322,7 +4464,7 @@ spec: x-kubernetes-list-type: set type: object dnsPolicy: - description: Defines the DNS policy for the pods. + description: dnsPolicy defines the DNS policy for the pods. enum: - ClusterFirstWithHostNet - ClusterFirst @@ -4331,7 +4473,7 @@ spec: type: string enableFeatures: description: |- - Enable access to Alertmanager feature flags. By default, no features are enabled. + enableFeatures defines the Alertmanager's feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. @@ -4341,34 +4483,34 @@ spec: type: string type: array enableServiceLinks: - description: Indicates whether information about services should be - injected into pod's environment variables + description: enableServiceLinks defines whether information about + services should be injected into pod's environment variables type: boolean externalUrl: description: |- - The external URL the Alertmanager instances will be available under. This is + externalUrl defines the URL used to access the Alertmanager web service. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name. type: string forceEnableClusterMode: description: |- - ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. + forceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each. type: boolean hostAliases: - description: Pods' hostAliases configuration + description: hostAliases Pods configuration items: description: |- HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file. properties: hostnames: - description: Hostnames for the above IP address. + description: hostnames defines hostnames for the above IP address. items: type: string type: array ip: - description: IP address of the host file entry. + description: ip defines the IP address of the host file entry. type: string required: - hostnames @@ -4380,7 +4522,7 @@ spec: x-kubernetes-list-type: map hostUsers: description: |- - HostUsers supports the user space in Kubernetes. + hostUsers supports the user space in Kubernetes. More info: https://kubernetes.io/docs/tasks/configure-pod-container/user-namespaces/ @@ -4389,14 +4531,14 @@ spec: type: boolean image: description: |- - Image if specified has precedence over baseImage, tag and sha + image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Alertmanager is being configured. type: string imagePullPolicy: description: |- - Image pull policy for the 'alertmanager', 'init-config-reloader' and 'config-reloader' containers. + imagePullPolicy for the 'alertmanager', 'init-config-reloader' and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. enum: - "" @@ -4406,7 +4548,7 @@ spec: type: string imagePullSecrets: description: |- - An optional list of references to secrets in the same namespace + imagePullSecrets An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ items: @@ -4428,7 +4570,7 @@ spec: type: array initContainers: description: |- - InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. + initContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Alertmanager configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator @@ -4478,8 +4620,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -4537,6 +4680,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -4597,8 +4777,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -4625,8 +4805,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -5297,7 +5478,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -5351,10 +5532,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -5366,6 +5547,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -5865,18 +6099,19 @@ spec: type: object type: array limits: - description: Defines the limits command line flags when starting Alertmanager. + description: limits defines the limits command line flags when starting + Alertmanager. properties: maxPerSilenceBytes: description: |- - The maximum size of an individual silence as stored on disk. This corresponds to the Alertmanager's + maxPerSilenceBytes defines the maximum size of an individual silence as stored on disk. This corresponds to the Alertmanager's `--silences.max-per-silence-bytes` flag. It requires Alertmanager >= v0.28.0. pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ type: string maxSilences: description: |- - The maximum number active and pending silences. This corresponds to the + maxSilences defines the maximum number active and pending silences. This corresponds to the Alertmanager's `--silences.max-silences` flag. It requires Alertmanager >= v0.28.0. format: int32 @@ -5885,19 +6120,19 @@ spec: type: object listenLocal: description: |- - ListenLocal makes the Alertmanager server listen on loopback, so that it + listenLocal defines the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. Note this is only for the Alertmanager UI, not the gossip communication. type: boolean logFormat: - description: Log format for Alertmanager to be configured with. + description: logFormat for Alertmanager to be configured with. enum: - "" - logfmt - json type: string logLevel: - description: Log level for Alertmanager to be configured with. + description: logLevel for Alertmanager to be configured with. enum: - "" - debug @@ -5907,7 +6142,7 @@ spec: type: string minReadySeconds: description: |- - Minimum number of seconds for which a newly created pod should be ready + minReadySeconds defines the minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. If unset, pods will be considered available as soon as they are ready. @@ -5917,16 +6152,17 @@ spec: nodeSelector: additionalProperties: type: string - description: Define which Nodes the Pods are scheduled on. + description: nodeSelector defines which Nodes the Pods are scheduled + on. type: object paused: description: |- - If set to true all actions on the underlying managed objects are not + paused if set to true all actions on the underlying managed objects are not going to be performed, except for delete actions. type: boolean persistentVolumeClaimRetentionPolicy: description: |- - The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + persistentVolumeClaimRetentionPolicy controls if and how PVCs are deleted during the lifecycle of a StatefulSet. The default behavior is all PVCs are retained. This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. It requires enabling the StatefulSetAutoDeletePVC feature gate. @@ -5949,7 +6185,7 @@ spec: type: object podMetadata: description: |- - PodMetadata configures labels and annotations which are propagated to the Alertmanager pods. + podMetadata defines labels and annotations which are propagated to the Alertmanager pods. The following items are reserved and cannot be overridden: * "alertmanager" label, set to the name of the Alertmanager instance. @@ -5963,7 +6199,7 @@ spec: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -5972,14 +6208,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -5990,28 +6226,29 @@ spec: portName: default: web description: |- - Port name used for the pods and governing service. + portName defines the port's name for the pods and governing service. Defaults to `web`. type: string priorityClassName: - description: Priority class assigned to the Pods + description: priorityClassName assigned to the Pods type: string replicas: description: |- - Size is the expected size of the alertmanager cluster. The controller will + replicas defines the expected size of the alertmanager cluster. The controller will eventually make the size of the running cluster equal to the expected size. format: int32 type: integer resources: - description: Define resources requests and limits for single Pods. + description: resources defines the resource requests and limits of + the Pods. properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -6065,20 +6302,20 @@ spec: retention: default: 120h description: |- - Time duration Alertmanager shall retain data for. Default is '120h', + retention defines the time duration Alertmanager shall retain data for. Default is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds seconds minutes hours). pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string routePrefix: description: |- - The route prefix Alertmanager registers HTTP handlers for. This is useful, + routePrefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`. type: string secrets: description: |- - Secrets is a list of Secrets in the same namespace as the Alertmanager + secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-`. The Secrets are mounted into `/etc/alertmanager/secrets/` in the 'alertmanager' container. @@ -6087,7 +6324,7 @@ spec: type: array securityContext: description: |- - SecurityContext holds pod-level security attributes and common container settings. + securityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. properties: appArmorProfile: @@ -6321,37 +6558,37 @@ spec: type: object serviceAccountName: description: |- - ServiceAccountName is the name of the ServiceAccount to use to run the + serviceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. type: string serviceName: description: |- - The name of the service name used by the underlying StatefulSet(s) as the governing service. + serviceName defines the service name used by the underlying StatefulSet(s) as the governing service. If defined, the Service must be created before the Alertmanager resource in the same namespace and it must define a selector that matches the pod labels. - If empty, the operator will create and manage a headless service named `alertmanager-operated` for Alermanager resources. + If empty, the operator will create and manage a headless service named `alertmanager-operated` for Alertmanager resources. When deploying multiple Alertmanager resources in the same namespace, it is recommended to specify a different value for each. See https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id for more details. minLength: 1 type: string sha: description: |- - SHA of Alertmanager container image to be deployed. Defaults to the value of `version`. + sha of Alertmanager container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use 'image' instead. The image digest can be specified as part of the image URL. type: string storage: description: |- - Storage is the definition of how storage will be used by the Alertmanager + storage defines the definition of how storage will be used by the Alertmanager instances. properties: disableMountSubPath: - description: 'Deprecated: subPath usage will be removed in a future - release.' + description: 'disableMountSubPath deprecated: subPath usage will + be removed in a future release.' type: boolean emptyDir: description: |- - EmptyDirVolumeSource to be used by the StatefulSet. + emptyDir to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir properties: @@ -6378,7 +6615,7 @@ spec: type: object ephemeral: description: |- - EphemeralVolumeSource to be used by the StatefulSet. + ephemeral to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes @@ -6599,15 +6836,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -6625,7 +6860,7 @@ spec: type: object volumeClaimTemplate: description: |- - Defines the PVC spec to be used by the Prometheus StatefulSets. + volumeClaimTemplate defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes. properties: @@ -6645,14 +6880,14 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. + description: metadata defines EmbeddedMetadata contains metadata + relevant to an EmbeddedResource. properties: annotations: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -6661,14 +6896,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -6678,7 +6913,7 @@ spec: type: object spec: description: |- - Defines the desired characteristics of a volume requested by a pod author. + spec defines the specification of the characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: accessModes: @@ -6855,15 +7090,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -6876,7 +7109,7 @@ spec: type: string type: object status: - description: 'Deprecated: this field is never set.' + description: 'status is deprecated: this field is never set.' properties: accessModes: description: |- @@ -7025,13 +7258,11 @@ spec: description: |- currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). type: string modifyVolumeStatus: description: |- ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). properties: status: description: "status is the status of the ControllerModifyVolume @@ -7063,13 +7294,13 @@ spec: type: object tag: description: |- - Tag of Alertmanager container image to be deployed. Defaults to the value of `version`. + tag of Alertmanager container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use 'image' instead. The image tag can be specified as part of the image URL. type: string terminationGracePeriodSeconds: description: |- - Optional duration in seconds the pod needs to terminate gracefully. + terminationGracePeriodSeconds defines the Optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. @@ -7078,7 +7309,7 @@ spec: minimum: 0 type: integer tolerations: - description: If specified, the pod's tolerations. + description: tolerations defines the pod's tolerations. items: description: |- The pod this Toleration is attached to tolerates any taint that matches @@ -7117,7 +7348,8 @@ spec: type: object type: array topologySpreadConstraints: - description: If specified, the pod's topology spread constraints. + description: topologySpreadConstraints defines the Pod's topology + spread constraints. items: description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. @@ -7291,11 +7523,11 @@ spec: type: object type: array version: - description: Version the cluster should be on. + description: version the cluster should be on. type: string volumeMounts: description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. + volumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects. items: @@ -7362,7 +7594,7 @@ spec: type: array volumes: description: |- - Volumes allows configuration of additional volumes on the output StatefulSet definition. + volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. items: @@ -8036,15 +8268,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -8226,12 +8456,10 @@ spec: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. - More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: |- - endpoints is the endpoint name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: endpoints is the endpoint name that details + Glusterfs topology. type: string path: description: |- @@ -8310,7 +8538,7 @@ spec: description: |- iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md + More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether support iSCSI @@ -8730,6 +8958,111 @@ spec: type: array x-kubernetes-list-type: atomic type: object + podCertificate: + description: |- + Projects an auto-rotating credential bundle (private key and certificate + chain) that the pod can use either as a TLS client or server. + + Kubelet generates a private key and uses it to send a + PodCertificateRequest to the named signer. Once the signer approves the + request and issues a certificate chain, Kubelet writes the key and + certificate chain to the pod filesystem. The pod does not start until + certificates have been issued for each podCertificate projected volume + source in its spec. + + Kubelet will begin trying to rotate the certificate at the time indicated + by the signer using the PodCertificateRequest.Status.BeginRefreshAt + timestamp. + + Kubelet can write a single file, indicated by the credentialBundlePath + field, or separate files, indicated by the keyPath and + certificateChainPath fields. + + The credential bundle is a single file in PEM format. The first PEM + entry is the private key (in PKCS#8 format), and the remaining PEM + entries are the certificate chain issued by the signer (typically, + signers will return their certificate chain in leaf-to-root order). + + Prefer using the credential bundle format, since your application code + can read it atomically. If you use keyPath and certificateChainPath, + your application must make two separate file reads. If these coincide + with a certificate rotation, it is possible that the private key and leaf + certificate you read may not correspond to each other. Your application + will need to check for this condition, and re-read until they are + consistent. + + The named signer controls chooses the format of the certificate it + issues; consult the signer implementation's documentation to learn how to + use the certificates it issues. + properties: + certificateChainPath: + description: |- + Write the certificate chain at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + credentialBundlePath: + description: |- + Write the credential bundle at this path in the projected volume. + + The credential bundle is a single file that contains multiple PEM blocks. + The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private + key. + + The remaining blocks are CERTIFICATE blocks, containing the issued + certificate chain from the signer (leaf and any intermediates). + + Using credentialBundlePath lets your Pod's application code make a single + atomic read that retrieves a consistent key and certificate chain. If you + project them to separate files, your application code will need to + additionally check that the leaf certificate was issued to the key. + type: string + keyPath: + description: |- + Write the key at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + keyType: + description: |- + The type of keypair Kubelet will generate for the pod. + + Valid values are "RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", + "ECDSAP521", and "ED25519". + type: string + maxExpirationSeconds: + description: |- + maxExpirationSeconds is the maximum lifetime permitted for the + certificate. + + Kubelet copies this value verbatim into the PodCertificateRequests it + generates for this projection. + + If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver + will reject values shorter than 3600 (1 hour). The maximum allowable + value is 7862400 (91 days). + + The signer implementation is then free to issue a certificate with any + lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 + seconds (1 hour). This constraint is enforced by kube-apiserver. + `kubernetes.io` signers will never issue certificates with a lifetime + longer than 24 hours. + format: int32 + type: integer + signerName: + description: Kubelet's generated CSRs will be + addressed to this signer. + type: string + required: + - keyType + - signerName + type: object secret: description: secret information about the secret data to project @@ -8864,7 +9197,6 @@ spec: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. - More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: description: |- @@ -9148,28 +9480,30 @@ spec: type: object type: array web: - description: Defines the web command line flags when starting Alertmanager. + description: web defines the web command line flags when starting + Alertmanager. properties: getConcurrency: description: |- - Maximum number of GET requests processed concurrently. This corresponds to the + getConcurrency defines the maximum number of GET requests processed concurrently. This corresponds to the Alertmanager's `--web.get-concurrency` flag. format: int32 type: integer httpConfig: - description: Defines HTTP parameters for web server. + description: httpConfig defines HTTP parameters for web server. properties: headers: - description: List of headers that can be added to HTTP responses. + description: headers defines a list of headers that can be + added to HTTP responses. properties: contentSecurityPolicy: description: |- - Set the Content-Security-Policy header to HTTP responses. + contentSecurityPolicy defines the Content-Security-Policy header to HTTP responses. Unset if blank. type: string strictTransportSecurity: description: |- - Set the Strict-Transport-Security header to HTTP responses. + strictTransportSecurity defines the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same @@ -9178,7 +9512,7 @@ spec: type: string xContentTypeOptions: description: |- - Set the X-Content-Type-Options header to HTTP responses. + xContentTypeOptions defines the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options enum: @@ -9187,7 +9521,7 @@ spec: type: string xFrameOptions: description: |- - Set the X-Frame-Options header to HTTP responses. + xFrameOptions defines the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options enum: @@ -9197,38 +9531,38 @@ spec: type: string xXSSProtection: description: |- - Set the X-XSS-Protection header to all responses. + xXSSProtection defines the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection type: string type: object http2: description: |- - Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. + http2 enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered. type: boolean type: object timeout: description: |- - Timeout for HTTP requests. This corresponds to the Alertmanager's + timeout for HTTP requests. This corresponds to the Alertmanager's `--web.timeout` flag. format: int32 type: integer tlsConfig: - description: Defines the TLS parameters for HTTPS. + description: tlsConfig defines the TLS parameters for HTTPS. properties: cert: description: |- - Secret or ConfigMap containing the TLS certificate for the web server. + cert defines the Secret or ConfigMap containing the TLS certificate for the web server. Either `keySecret` or `keyFile` must be defined. It is mutually exclusive with `certFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9251,7 +9585,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9277,7 +9612,7 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the container for the web server. + certFile defines the path to the TLS certificate file in the container for the web server. Either `keySecret` or `keyFile` must be defined. @@ -9285,7 +9620,7 @@ spec: type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. + cipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. If not defined, the Go default cipher suites are used. Available cipher suites are documented in the Go documentation: @@ -9295,14 +9630,14 @@ spec: type: array client_ca: description: |- - Secret or ConfigMap containing the CA certificate for client certificate + client_ca defines the Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. It is mutually exclusive with `clientCAFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9325,7 +9660,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9351,21 +9687,21 @@ spec: type: object clientAuthType: description: |- - The server policy for client TLS authentication. + clientAuthType defines the server policy for client TLS authentication. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to + clientCAFile defines the path to the CA certificate file for client certificate authentication to the server. It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- - Elliptic curves that will be used in an ECDHE handshake, in preference + curvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the Go documentation: @@ -9375,7 +9711,7 @@ spec: type: array keyFile: description: |- - Path to the TLS private key file in the container for the web server. + keyFile defines the path to the TLS private key file in the container for the web server. If defined, either `cert` or `certFile` must be defined. @@ -9383,7 +9719,7 @@ spec: type: string keySecret: description: |- - Secret containing the TLS private key for the web server. + keySecret defines the secret containing the TLS private key for the web server. Either `cert` or `certFile` must be defined. @@ -9411,14 +9747,16 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. + description: maxVersion defines the Maximum TLS version that + is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. + description: minVersion defines the minimum TLS version that + is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the client's most preferred cipher + preferServerCipherSuites defines whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in @@ -9429,18 +9767,19 @@ spec: type: object status: description: |- - Most recent observed status of the Alertmanager cluster. Read-only. + status defines the most recent observed status of the Alertmanager cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this Alertmanager cluster. format: int32 type: integer conditions: - description: The current state of the Alertmanager object. + description: conditions defines the current state of the Alertmanager + object. items: description: |- Condition represents the state of the resources associated with the @@ -9452,12 +9791,12 @@ spec: format: date-time type: string message: - description: Human-readable message indicating details for the - condition's last transition. + description: message defines human-readable message indicating + details for the condition's last transition. type: string observedGeneration: description: |- - ObservedGeneration represents the .metadata.generation that the + observedGeneration defines the .metadata.generation that the condition was set based upon. For instance, if `.metadata.generation` is currently 12, but the `.status.conditions[].observedGeneration` is 9, the condition is out of date with respect to the current state of the @@ -9465,14 +9804,14 @@ spec: format: int64 type: integer reason: - description: Reason for the condition's last transition. + description: reason for the condition's last transition. type: string status: - description: Status of the condition. + description: status of the condition. minLength: 1 type: string type: - description: Type of the condition being reported. + description: type of the condition being reported. minLength: 1 type: string required: @@ -9486,36 +9825,30 @@ spec: x-kubernetes-list-type: map paused: description: |- - Represents whether any actions on the underlying managed objects are + paused defines whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. type: boolean replicas: description: |- - Total number of non-terminated pods targeted by this Alertmanager + replicas defines the total number of non-terminated pods targeted by this Alertmanager object (their labels match the selector). format: int32 type: integer selector: - description: The selector used to match the pods targeted by this - Alertmanager object. + description: selector used to match the pods targeted by this Alertmanager + object. type: string unavailableReplicas: - description: Total number of unavailable pods targeted by this Alertmanager - object. + description: unavailableReplicas defines the total number of unavailable + pods targeted by this Alertmanager object. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this Alertmanager + updatedReplicas defines the total number of non-terminated pods targeted by this Alertmanager object that have the desired version spec. format: int32 type: integer - required: - - availableReplicas - - paused - - replicas - - unavailableReplicas - - updatedReplicas type: object required: - spec diff --git a/charts/kube-prometheus-stack/charts/crds/crds/crd-podmonitors.yaml b/charts/kube-prometheus-stack/charts/crds/crds/crd-podmonitors.yaml index 6b59b26fb592..00ba857a646b 100644 --- a/charts/kube-prometheus-stack/charts/crds/crds/crd-podmonitors.yaml +++ b/charts/kube-prometheus-stack/charts/crds/crds/crd-podmonitors.yaml @@ -1,11 +1,11 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: podmonitors.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -51,19 +51,19 @@ spec: metadata: type: object spec: - description: Specification of desired Pod selection for target discovery - by Prometheus. + description: spec defines the specification of desired Pod selection for + target discovery by Prometheus. properties: attachMetadata: description: |- - `attachMetadata` defines additional metadata which is added to the + attachMetadata defines additional metadata which is added to the discovered targets. It requires Prometheus >= v2.35.0. properties: node: description: |- - When set to true, Prometheus attaches node metadata to the discovered + node when set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the `list` and `watch` @@ -72,7 +72,7 @@ spec: type: object bodySizeLimit: description: |- - When defined, bodySizeLimit specifies a job level limit on the size + bodySizeLimit when defined specifies a job level limit on the size of uncompressed response body that will be accepted by Prometheus. It requires Prometheus >= v2.28.0. @@ -80,12 +80,12 @@ spec: type: string convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native histogram with custom buckets. + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. type: boolean fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. enum: @@ -97,7 +97,7 @@ spec: type: string jobLabel: description: |- - The label to use to retrieve the job name from. + jobLabel defines the label to use to retrieve the job name from. `jobLabel` selects the label from the associated Kubernetes `Pod` object which will be used as the `job` label for all metrics. @@ -110,7 +110,7 @@ spec: type: string keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. @@ -118,44 +118,45 @@ spec: type: integer labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer namespaceSelector: description: |- - `namespaceSelector` defines in which namespace(s) Prometheus should discover the pods. + namespaceSelector defines in which namespace(s) Prometheus should discover the pods. By default, the pods are discovered in the same namespace as the `PodMonitor` object but it is possible to select pods across different/all namespaces. properties: any: description: |- - Boolean describing whether all namespaces are selected in contrast to a + any defines the boolean describing whether all namespaces are selected in contrast to a list restricting them. type: boolean matchNames: - description: List of namespace names to select from. + description: matchNames defines the list of namespace names to + select from. items: type: string type: array type: object nativeHistogramBucketLimit: description: |- - If there are more than this many buckets in a native histogram, + nativeHistogramBucketLimit defines ff there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. format: int64 @@ -165,13 +166,14 @@ spec: - type: integer - type: string description: |- - If the growth factor of one bucket to the next is smaller than this, + nativeHistogramMinBucketFactor defines if the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true podMetricsEndpoints: - description: Defines how to scrape metrics from the selected pods. + description: podMetricsEndpoints defines how to scrape metrics from + the selected pods. items: description: |- PodMetricsEndpoint defines an endpoint serving Prometheus metrics to be scraped by @@ -179,14 +181,14 @@ spec: properties: authorization: description: |- - `authorization` configures the Authorization header credentials to use when - scraping the target. + authorization configures the Authorization header credentials used by + the client. - Cannot be set at the same time as `basicAuth`, or `oauth2`. + Cannot be set at the same time as `basicAuth`, `bearerTokenSecret` or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -211,7 +213,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -220,14 +222,14 @@ spec: type: object basicAuth: description: |- - `basicAuth` configures the Basic Authentication credentials to use when - scraping the target. + basicAuth defines the Basic Authentication credentials used by the + client. - Cannot be set at the same time as `authorization`, or `oauth2`. + Cannot be set at the same time as `authorization`, `bearerTokenSecret` or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -253,7 +255,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -280,9 +282,12 @@ spec: type: object bearerTokenSecret: description: |- - `bearerTokenSecret` specifies a key of a Secret containing the bearer - token for scraping targets. The secret needs to be in the same namespace - as the PodMonitor object and readable by the Prometheus Operator. + bearerTokenSecret defines a key of a Secret containing the bearer token + used by the client for authentication. The secret needs to be in the + same namespace as the custom resource and readable by the Prometheus + Operator. + + Cannot be set at the same time as `authorization`, `basicAuth` or `oauth2`. Deprecated: use `authorization` instead. properties: @@ -308,12 +313,11 @@ spec: type: object x-kubernetes-map-type: atomic enableHttp2: - description: '`enableHttp2` can be used to disable HTTP2 when - scraping the target.' + description: enableHttp2 can be used to disable HTTP2. type: boolean filterRunning: description: |- - When true, the pods which are not running (e.g. either in Failed or + filterRunning when true, the pods which are not running (e.g. either in Failed or Succeeded state) are dropped during the target discovery. If unset, the filtering is enabled. @@ -322,29 +326,29 @@ spec: type: boolean followRedirects: description: |- - `followRedirects` defines whether the scrape requests should follow HTTP - 3xx redirects. + followRedirects defines whether the client should follow HTTP 3xx + redirects. type: boolean honorLabels: description: |- - When true, `honorLabels` preserves the metric's labels when they collide + honorLabels when true preserves the metric's labels when they collide with the target's labels. type: boolean honorTimestamps: description: |- - `honorTimestamps` controls whether Prometheus preserves the timestamps + honorTimestamps defines whether Prometheus preserves the timestamps when exposed by the target. type: boolean interval: description: |- - Interval at which Prometheus scrapes the metrics from the target. + interval at which Prometheus scrapes the metrics from the target. If empty, Prometheus uses the global scrape interval. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string metricRelabelings: description: |- - `metricRelabelings` configures the relabeling rules to apply to the + metricRelabelings defines the relabeling rules to apply to the samples before ingestion. items: description: |- @@ -356,7 +360,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -388,41 +392,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -433,7 +437,7 @@ spec: type: array noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -441,20 +445,20 @@ spec: type: string oauth2: description: |- - `oauth2` configures the OAuth2 settings to use when scraping the target. + oauth2 defines the OAuth2 settings used by the client. It requires Prometheus >= 2.27.0. - Cannot be set at the same time as `authorization`, or `basicAuth`. + Cannot be set at the same time as `authorization`, `basicAuth` or `bearerTokenSecret`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -477,7 +481,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -503,7 +508,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -531,12 +536,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -570,7 +575,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -578,33 +583,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -627,8 +631,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -653,12 +657,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -681,8 +685,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -707,11 +711,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -736,7 +741,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -747,7 +752,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -757,12 +762,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -775,22 +781,23 @@ spec: items: type: string type: array - description: '`params` define optional HTTP URL parameters.' + description: params define optional HTTP URL parameters. type: object path: description: |- - HTTP path from which to scrape for metrics. + path defines the HTTP path from which to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`). type: string port: description: |- - The `Pod` port name which exposes the endpoint. + port defines the `Pod` port name which exposes the endpoint. It takes precedence over the `portNumber` and `targetPort` fields. type: string portNumber: - description: The `Pod` port number which exposes the endpoint. + description: portNumber defines the `Pod` port number which + exposes the endpoint. format: int32 maximum: 65535 minimum: 1 @@ -823,7 +830,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -831,17 +838,17 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string relabelings: description: |- - `relabelings` configures the relabeling rules to apply the target's + relabelings defines the relabeling rules to apply the target's metadata labels. The Operator automatically adds relabelings for a few standard Kubernetes fields. @@ -859,7 +866,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -891,41 +898,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -936,7 +943,7 @@ spec: type: array scheme: description: |- - HTTP scheme to use for scraping. + scheme defines the HTTP scheme to use for scraping. `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. @@ -948,7 +955,7 @@ spec: type: string scrapeTimeout: description: |- - Timeout after which Prometheus considers the scrape to be failed. + scrapeTimeout defines the timeout after which Prometheus considers the scrape to be failed. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. @@ -960,21 +967,22 @@ spec: - type: integer - type: string description: |- - Name or number of the target port of the `Pod` object behind the Service, the + targetPort defines the name or number of the target port of the `Pod` object behind the Service, the port must be specified with container port property. Deprecated: use 'port' or 'portNumber' instead. x-kubernetes-int-or-string: true tlsConfig: - description: TLS configuration to use when scraping the target. + description: tlsConfig defines the TLS configuration used by + the client. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -997,7 +1005,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1022,11 +1031,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1049,7 +1059,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1074,11 +1085,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1103,7 +1115,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1114,7 +1126,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1124,12 +1136,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object trackTimestampsStaleness: description: |- - `trackTimestampsStaleness` defines whether Prometheus tracks staleness of + trackTimestampsStaleness defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data. Has no effect if `honorTimestamps` is false. @@ -1139,31 +1152,31 @@ spec: type: array podTargetLabels: description: |- - `podTargetLabels` defines the labels which are transferred from the + podTargetLabels defines the labels which are transferred from the associated Kubernetes `Pod` object onto the ingested metrics. items: type: string type: array sampleLimit: description: |- - `sampleLimit` defines a per-scrape limit on the number of scraped samples + sampleLimit defines a per-scrape limit on the number of scraped samples that will be accepted. format: int64 type: integer scrapeClass: - description: The scrape class to apply. + description: scrapeClass defines the scrape class to apply. minLength: 1 type: string scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. type: boolean scrapeProtocols: description: |- - `scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -1188,8 +1201,8 @@ spec: type: array x-kubernetes-list-type: set selector: - description: Label selector to select the Kubernetes `Pod` objects - to scrape metrics from. + description: selector defines the label selector to select the Kubernetes + `Pod` objects to scrape metrics from. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -1236,7 +1249,7 @@ spec: x-kubernetes-map-type: atomic selectorMechanism: description: |- - Mechanism used to select the endpoints to scrape. + selectorMechanism defines the mechanism used to select the endpoints to scrape. By default, the selection process relies on relabel configurations to filter the discovered targets. Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. Which strategy is best for your use case needs to be carefully evaluated. @@ -1248,15 +1261,120 @@ spec: type: string targetLimit: description: |- - `targetLimit` defines a limit on the number of scraped targets that will + targetLimit defines a limit on the number of scraped targets that will be accepted. format: int64 type: integer required: - selector type: object + status: + description: |- + status defines the status subresource. It is under active development and is updated only when the + "StatusForConfigurationResources" feature gate is enabled. + + Most recent observed status of the PodMonitor. Read-only. + More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bindings: + description: bindings defines the list of workload resources (Prometheus, + PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration + resource. + items: + description: WorkloadBinding is a link between a configuration resource + and a workload resource. + properties: + conditions: + description: conditions defines the current state of the configuration + resource when bound to the referenced Workload object. + items: + description: ConfigResourceCondition describes the status + of configuration resources linked to Prometheus, PrometheusAgent, + Alertmanager or ThanosRuler. + properties: + lastTransitionTime: + description: lastTransitionTime defines the time of the + last update to the current status property. + format: date-time + type: string + message: + description: message defines the human-readable message + indicating details for the condition's last transition. + type: string + observedGeneration: + description: |- + observedGeneration defines the .metadata.generation that the + condition was set based upon. For instance, if `.metadata.generation` is + currently 12, but the `.status.conditions[].observedGeneration` is 9, the + condition is out of date with respect to the current state of the object. + format: int64 + type: integer + reason: + description: reason for the condition's last transition. + type: string + status: + description: status of the condition. + minLength: 1 + type: string + type: + description: |- + type of the condition being reported. + Currently, only "Accepted" is supported. + enum: + - Accepted + minLength: 1 + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + group: + description: group defines the group of the referenced resource. + enum: + - monitoring.coreos.com + type: string + name: + description: name defines the name of the referenced object. + minLength: 1 + type: string + namespace: + description: namespace defines the namespace of the referenced + object. + minLength: 1 + type: string + resource: + description: resource defines the type of resource being referenced + (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). + enum: + - prometheuses + - prometheusagents + - thanosrulers + - alertmanagers + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - name + - namespace + x-kubernetes-list-type: map + type: object required: - spec type: object served: true storage: true + subresources: + status: {} diff --git a/charts/kube-prometheus-stack/charts/crds/crds/crd-probes.yaml b/charts/kube-prometheus-stack/charts/crds/crds/crd-probes.yaml index 64e4221cd80f..529316ec45f4 100644 --- a/charts/kube-prometheus-stack/charts/crds/crds/crd-probes.yaml +++ b/charts/kube-prometheus-stack/charts/crds/crds/crd-probes.yaml @@ -1,11 +1,11 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: probes.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -50,15 +50,15 @@ spec: metadata: type: object spec: - description: Specification of desired Ingress selection for target discovery - by Prometheus. + description: spec defines the specification of desired Ingress selection + for target discovery by Prometheus. properties: authorization: - description: Authorization section for this endpoint + description: authorization section for this endpoint properties: credentials: - description: Selects a key of a Secret in the namespace that contains - the credentials for authentication. + description: credentials defines a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must be @@ -83,7 +83,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -92,12 +92,12 @@ spec: type: object basicAuth: description: |- - BasicAuth allow an endpoint to authenticate over basic authentication. + basicAuth allow an endpoint to authenticate over basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -123,7 +123,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -150,7 +150,7 @@ spec: type: object bearerTokenSecret: description: |- - Secret to mount to read bearer token for scraping targets. The secret + bearerTokenSecret defines the secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the probe and accessible by the Prometheus Operator. properties: @@ -176,12 +176,12 @@ spec: x-kubernetes-map-type: atomic convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native histogram with custom buckets. + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. type: boolean fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. enum: @@ -193,16 +193,16 @@ spec: type: string interval: description: |- - Interval at which targets are probed using the configured prober. + interval at which targets are probed using the configured prober. If not specified Prometheus' global scrape interval is used. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string jobName: - description: The job name assigned to scraped metrics by default. + description: jobName assigned to scraped metrics by default. type: string keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. @@ -210,24 +210,25 @@ spec: type: integer labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer metricRelabelings: - description: MetricRelabelConfigs to apply to samples before ingestion. + description: metricRelabelings defines the RelabelConfig to apply + to samples before ingestion. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -238,7 +239,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -270,40 +271,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against which + the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated SourceLabels. + description: separator defines the string between concatenated + SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -314,13 +316,13 @@ spec: type: array module: description: |- - The module to use for probing specifying how to probe the target. + module to use for probing specifying how to probe the target. Example module configuring in the blackbox exporter: https://github.com/prometheus/blackbox_exporter/blob/master/example.yml type: string nativeHistogramBucketLimit: description: |- - If there are more than this many buckets in a native histogram, + nativeHistogramBucketLimit defines ff there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. format: int64 @@ -330,22 +332,23 @@ spec: - type: integer - type: string description: |- - If the growth factor of one bucket to the next is smaller than this, + nativeHistogramMinBucketFactor defines if the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true oauth2: - description: OAuth2 for the URL. Only valid in Prometheus versions + description: oauth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -368,7 +371,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -394,7 +398,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -422,12 +426,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -461,7 +465,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -469,32 +473,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for the - token request.' + description: scopes defines the OAuth2 scopes used for the token + request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -517,7 +521,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -542,11 +547,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -569,7 +575,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -594,11 +601,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -623,7 +631,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -634,7 +642,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -644,12 +652,12 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the token - from.' + description: tokenUrl defines the URL to fetch the token from. minLength: 1 type: string required: @@ -659,7 +667,7 @@ spec: type: object params: description: |- - The list of HTTP query parameters for the scrape. + params defines the list of HTTP query parameters for the scrape. Please note that the `.spec.module` field takes precedence over the `module` parameter from this list when both are defined. The module name must be added using Module under ProbeSpec. items: @@ -667,11 +675,11 @@ spec: for a Probe. properties: name: - description: The parameter name + description: name defines the parameter name minLength: 1 type: string values: - description: The parameter values + description: values defines the parameter values items: minLength: 1 type: string @@ -687,12 +695,12 @@ spec: x-kubernetes-list-type: map prober: description: |- - Specification for the prober to use for probing targets. + prober defines the specification for the prober to use for probing targets. The prober.URL parameter is required. Targets cannot be probed if left empty. properties: noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -701,7 +709,7 @@ spec: path: default: /probe description: |- - Path to collect metrics from. + path to collect metrics from. Defaults to `/probe`. type: string proxyConnectHeader: @@ -732,7 +740,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -740,17 +748,17 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scheme: description: |- - HTTP scheme to use for scraping. + scheme defines the HTTP scheme to use for scraping. `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. If empty, Prometheus uses the default value `http`. enum: @@ -758,30 +766,30 @@ spec: - https type: string url: - description: Mandatory URL of the prober. + description: url defines the mandatory URL of the prober. type: string required: - url type: object sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped + description: sampleLimit defines per-scrape limit on number of scraped samples that will be accepted. format: int64 type: integer scrapeClass: - description: The scrape class to apply. + description: scrapeClass defines the scrape class to apply. minLength: 1 type: string scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. type: boolean scrapeProtocols: description: |- - `scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -807,18 +815,18 @@ spec: x-kubernetes-list-type: set scrapeTimeout: description: |- - Timeout for scraping metrics from the Prometheus exporter. + scrapeTimeout defines the timeout for scraping metrics from the Prometheus exporter. If not specified, the Prometheus global scrape timeout is used. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string targetLimit: - description: TargetLimit defines a limit on the number of scraped + description: targetLimit defines a limit on the number of scraped targets that will be accepted. format: int64 type: integer targets: - description: Targets defines a set of static or dynamically discovered + description: targets defines a set of static or dynamically discovered targets to probe. properties: ingress: @@ -828,22 +836,24 @@ spec: If `staticConfig` is also defined, `staticConfig` takes precedence. properties: namespaceSelector: - description: From which namespaces to select Ingress objects. + description: namespaceSelector defines from which namespaces + to select Ingress objects. properties: any: description: |- - Boolean describing whether all namespaces are selected in contrast to a + any defines the boolean describing whether all namespaces are selected in contrast to a list restricting them. type: boolean matchNames: - description: List of namespace names to select from. + description: matchNames defines the list of namespace + names to select from. items: type: string type: array type: object relabelingConfigs: description: |- - RelabelConfigs to apply to the label set of the target before it gets + relabelingConfigs to apply to the label set of the target before it gets scraped. The original ingress address is available via the `__tmp_prometheus_ingress_address` label. It can be used to customize the @@ -860,7 +870,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -892,41 +902,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -936,7 +946,7 @@ spec: type: object type: array selector: - description: Selector to select the Ingress objects. + description: selector to select the Ingress objects. properties: matchExpressions: description: matchExpressions is a list of label selector @@ -992,12 +1002,12 @@ spec: labels: additionalProperties: type: string - description: Labels assigned to all metrics scraped from the - targets. + description: labels defines all labels assigned to all metrics + scraped from the targets. type: object relabelingConfigs: description: |- - RelabelConfigs to apply to the label set of the targets before it gets + relabelingConfigs defines relabelings to be apply to the label set of the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config items: @@ -1010,7 +1020,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -1042,41 +1052,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -1086,21 +1096,23 @@ spec: type: object type: array static: - description: The list of hosts to probe. + description: static defines the list of hosts to probe. items: type: string type: array type: object type: object tlsConfig: - description: TLS configuration to use when scraping the endpoint. + description: tlsConfig defines the TLS configuration to use when scraping + the endpoint. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when verifying + server certificates. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -1123,7 +1135,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1148,10 +1161,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present when + doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -1174,7 +1189,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1199,10 +1215,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must be @@ -1227,7 +1245,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1238,7 +1256,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1248,12 +1266,118 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for the + targets. type: string type: object type: object + status: + description: |- + status defines the status subresource. It is under active development and is updated only when the + "StatusForConfigurationResources" feature gate is enabled. + + Most recent observed status of the Probe. Read-only. + More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bindings: + description: bindings defines the list of workload resources (Prometheus, + PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration + resource. + items: + description: WorkloadBinding is a link between a configuration resource + and a workload resource. + properties: + conditions: + description: conditions defines the current state of the configuration + resource when bound to the referenced Workload object. + items: + description: ConfigResourceCondition describes the status + of configuration resources linked to Prometheus, PrometheusAgent, + Alertmanager or ThanosRuler. + properties: + lastTransitionTime: + description: lastTransitionTime defines the time of the + last update to the current status property. + format: date-time + type: string + message: + description: message defines the human-readable message + indicating details for the condition's last transition. + type: string + observedGeneration: + description: |- + observedGeneration defines the .metadata.generation that the + condition was set based upon. For instance, if `.metadata.generation` is + currently 12, but the `.status.conditions[].observedGeneration` is 9, the + condition is out of date with respect to the current state of the object. + format: int64 + type: integer + reason: + description: reason for the condition's last transition. + type: string + status: + description: status of the condition. + minLength: 1 + type: string + type: + description: |- + type of the condition being reported. + Currently, only "Accepted" is supported. + enum: + - Accepted + minLength: 1 + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + group: + description: group defines the group of the referenced resource. + enum: + - monitoring.coreos.com + type: string + name: + description: name defines the name of the referenced object. + minLength: 1 + type: string + namespace: + description: namespace defines the namespace of the referenced + object. + minLength: 1 + type: string + resource: + description: resource defines the type of resource being referenced + (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). + enum: + - prometheuses + - prometheusagents + - thanosrulers + - alertmanagers + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - name + - namespace + x-kubernetes-list-type: map + type: object required: - spec type: object served: true storage: true + subresources: + status: {} diff --git a/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusagents.yaml b/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusagents.yaml index 5cbb3b0ebe78..5c779f53f44e 100644 --- a/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusagents.yaml +++ b/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusagents.yaml @@ -1,11 +1,11 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: prometheusagents.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -74,12 +74,12 @@ spec: type: object spec: description: |- - Specification of the desired behavior of the Prometheus agent. More info: + spec defines the specification of the desired behavior of the Prometheus agent. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: additionalArgs: description: |- - AdditionalArgs allows setting additional arguments for the 'prometheus' container. + additionalArgs allows setting additional arguments for the 'prometheus' container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the @@ -93,12 +93,12 @@ spec: description: Argument as part of the AdditionalArgs list. properties: name: - description: Name of the argument, e.g. "scrape.discovery-reload-interval". + description: name of the argument, e.g. "scrape.discovery-reload-interval". minLength: 1 type: string value: - description: Argument value, e.g. 30s. Can be empty for name-only - arguments (e.g. --storage.tsdb.no-lockfile) + description: value defines the argument value, e.g. 30s. Can + be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) type: string required: - name @@ -106,7 +106,7 @@ spec: type: array additionalScrapeConfigs: description: |- - AdditionalScrapeConfigs allows specifying a key of a Secret containing + additionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified @@ -139,7 +139,8 @@ spec: type: object x-kubernetes-map-type: atomic affinity: - description: Defines the Pods' affinity scheduling rules if specified. + description: affinity defines the Pods' affinity scheduling rules + if specified. properties: nodeAffinity: description: Describes node affinity scheduling rules for the @@ -707,8 +708,8 @@ spec: most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + compute a sum by iterating through the elements of this field and subtracting + "weight" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -1052,7 +1053,7 @@ spec: type: object apiserverConfig: description: |- - APIServerConfig allows specifying a host and auth methods to access the + apiserverConfig allows specifying a host and auth methods to access the Kuberntees API server. If null, Prometheus is assumed to run inside of the cluster: it will discover the API servers automatically and use the Pod's CA certificate @@ -1060,14 +1061,14 @@ spec: properties: authorization: description: |- - Authorization section for the API server. + authorization section for the API server. Cannot be set at the same time as `basicAuth`, `bearerToken`, or `bearerTokenFile`. properties: credentials: - description: Selects a key of a Secret in the namespace that - contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -1091,12 +1092,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a secret + from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1105,14 +1106,14 @@ spec: type: object basicAuth: description: |- - BasicAuth configuration for the API server. + basicAuth configuration for the API server. Cannot be set at the same time as `authorization`, `bearerToken`, or `bearerTokenFile`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -1138,7 +1139,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -1165,14 +1166,13 @@ spec: type: object bearerToken: description: |- - *Warning: this field shouldn't be used because the token value appears + bearerToken is deprecated: this will be removed in a future release. + *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File to read bearer token for accessing apiserver. + bearerTokenFile defines the file to read bearer token for accessing apiserver. Cannot be set at the same time as `basicAuth`, `authorization`, or `bearerToken`. @@ -1180,12 +1180,12 @@ spec: type: string host: description: |- - Kubernetes API address consisting of a hostname or IP address followed + host defines the Kubernetes API address consisting of a hostname or IP address followed by an optional port number. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1219,7 +1219,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1227,24 +1227,24 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS Config to use for the API server. + description: tlsConfig to use for the API server. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1267,7 +1267,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1292,15 +1293,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1323,7 +1325,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1348,19 +1351,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key file + in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1385,7 +1389,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1396,7 +1400,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1406,7 +1410,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -1414,7 +1419,7 @@ spec: type: object arbitraryFSAccessThroughSMs: description: |- - When true, ServiceMonitor, PodMonitor and Probe object are forbidden to + arbitraryFSAccessThroughSMs when true, ServiceMonitor, PodMonitor and Probe object are forbidden to reference arbitrary files on the file system of the 'prometheus' container. When a ServiceMonitor's endpoint specifies a `bearerTokenFile` value @@ -1426,11 +1431,16 @@ spec: `spec.bearerTokenSecret` field. properties: deny: + description: |- + deny prevents service monitors from accessing arbitrary files on the file system. + When true, service monitors cannot use file-based configurations like BearerTokenFile + that could potentially access sensitive files. When false (default), such access is allowed. + Setting this to true enhances security by preventing potential credential theft attacks. type: boolean type: object automountServiceAccountToken: description: |- - AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. + automountServiceAccountToken defines whether a service account token should be automatically mounted in the pod. If the field isn't set, the operator mounts the service account token by default. **Warning:** be aware that by default, Prometheus requires the service account token for Kubernetes service discovery. @@ -1438,7 +1448,7 @@ spec: type: boolean bodySizeLimit: description: |- - BodySizeLimit defines per-scrape on response body size. + bodySizeLimit defines per-scrape on response body size. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -1447,7 +1457,7 @@ spec: type: string configMaps: description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus + configMaps defines a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the 'prometheus' container. @@ -1456,7 +1466,7 @@ spec: type: array containers: description: |- - Containers allows injecting additional containers or modifying operator + containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to the Pods or to change the behavior of an operator generated container. Containers described here modify an operator generated @@ -1512,8 +1522,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -1571,6 +1582,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -1631,8 +1679,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -1659,8 +1707,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -2331,7 +2380,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -2385,10 +2434,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -2400,6 +2449,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -2900,17 +3002,17 @@ spec: type: array convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.4.0. type: boolean dnsConfig: - description: Defines the DNS configuration for the pods. + description: dnsConfig defines the DNS configuration for the pods. properties: nameservers: description: |- - A list of DNS name server IP addresses. + nameservers defines the list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. items: minLength: 1 @@ -2919,7 +3021,7 @@ spec: x-kubernetes-list-type: set options: description: |- - A list of DNS resolver options. + options defines the list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Resolution options given in Options will override those that appear in the base DNSPolicy. @@ -2928,11 +3030,11 @@ spec: of a pod. properties: name: - description: Name is required and must be unique. + description: name is required and must be unique. minLength: 1 type: string value: - description: Value is optional. + description: value is optional. type: string required: - name @@ -2943,7 +3045,7 @@ spec: x-kubernetes-list-type: map searches: description: |- - A list of DNS search domains for host-name lookup. + searches defines the list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. items: minLength: 1 @@ -2952,7 +3054,7 @@ spec: x-kubernetes-list-type: set type: object dnsPolicy: - description: Defines the DNS policy for the pods. + description: dnsPolicy defines the DNS policy for the pods. enum: - ClusterFirstWithHostNet - ClusterFirst @@ -2961,7 +3063,7 @@ spec: type: string enableFeatures: description: |- - Enable access to Prometheus feature flags. By default, no features are enabled. + enableFeatures enables access to Prometheus feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept @@ -2975,7 +3077,7 @@ spec: x-kubernetes-list-type: set enableOTLPReceiver: description: |- - Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. + enableOTLPReceiver defines the Prometheus to be used as a receiver for the OTLP Metrics protocol. Note that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined. @@ -2983,7 +3085,7 @@ spec: type: boolean enableRemoteWriteReceiver: description: |- - Enable Prometheus to be used as a receiver for the Prometheus remote + enableRemoteWriteReceiver defines the Prometheus to be used as a receiver for the Prometheus remote write protocol. WARNING: This is not considered an efficient way of ingesting samples. @@ -2995,12 +3097,12 @@ spec: It requires Prometheus >= v2.33.0. type: boolean enableServiceLinks: - description: Indicates whether information about services should be - injected into pod's environment variables + description: enableServiceLinks defines whether information about + services should be injected into pod's environment variables type: boolean enforcedBodySizeLimit: description: |- - When defined, enforcedBodySizeLimit specifies a global limit on the size + enforcedBodySizeLimit when defined specifies a global limit on the size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. @@ -3016,7 +3118,7 @@ spec: type: string enforcedKeepDroppedTargets: description: |- - When defined, enforcedKeepDroppedTargets specifies a global limit on the number of targets + enforcedKeepDroppedTargets when defined specifies a global limit on the number of targets dropped by relabeling that will be kept in memory. The value overrides any `spec.keepDroppedTargets` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.keepDroppedTargets` is @@ -3033,7 +3135,7 @@ spec: type: integer enforcedLabelLimit: description: |- - When defined, enforcedLabelLimit specifies a global limit on the number + enforcedLabelLimit when defined specifies a global limit on the number of labels per sample. The value overrides any `spec.labelLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelLimit` is greater than zero and less than `spec.enforcedLabelLimit`. @@ -3049,7 +3151,7 @@ spec: type: integer enforcedLabelNameLengthLimit: description: |- - When defined, enforcedLabelNameLengthLimit specifies a global limit on the length + enforcedLabelNameLengthLimit when defined specifies a global limit on the length of labels name per sample. The value overrides any `spec.labelNameLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelNameLengthLimit` is greater than zero and less than `spec.enforcedLabelNameLengthLimit`. @@ -3065,7 +3167,7 @@ spec: type: integer enforcedLabelValueLengthLimit: description: |- - When not null, enforcedLabelValueLengthLimit defines a global limit on the length + enforcedLabelValueLengthLimit when not null defines a global limit on the length of labels value per sample. The value overrides any `spec.labelValueLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelValueLengthLimit` is greater than zero and less than `spec.enforcedLabelValueLengthLimit`. @@ -3081,7 +3183,7 @@ spec: type: integer enforcedNamespaceLabel: description: |- - When not empty, a label will be added to: + enforcedNamespaceLabel when not empty, a label will be added to: 1. All metrics scraped from `ServiceMonitor`, `PodMonitor`, `Probe` and `ScrapeConfig` objects. 2. All metrics generated from recording rules defined in `PrometheusRule` objects. @@ -3096,7 +3198,7 @@ spec: type: string enforcedSampleLimit: description: |- - When defined, enforcedSampleLimit specifies a global limit on the number + enforcedSampleLimit when defined specifies a global limit on the number of scraped samples that will be accepted. This overrides any `spec.sampleLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.sampleLimit` is greater than zero and less than @@ -3114,7 +3216,7 @@ spec: type: integer enforcedTargetLimit: description: |- - When defined, enforcedTargetLimit specifies a global limit on the number + enforcedTargetLimit when defined specifies a global limit on the number of scraped targets. The value overrides any `spec.targetLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.targetLimit` is greater than zero and less than `spec.enforcedTargetLimit`. @@ -3131,7 +3233,7 @@ spec: type: integer excludedFromEnforcement: description: |- - List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects + excludedFromEnforcement defines the list of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. It is only applicable if `spec.enforcedNamespaceLabel` set to true. @@ -3141,23 +3243,23 @@ spec: properties: group: default: monitoring.coreos.com - description: Group of the referent. When not specified, it defaults + description: group of the referent. When not specified, it defaults to `monitoring.coreos.com` enum: - monitoring.coreos.com type: string name: - description: Name of the referent. When not set, all resources + description: name of the referent. When not set, all resources in the namespace are matched. type: string namespace: description: |- - Namespace of the referent. + namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ minLength: 1 type: string resource: - description: Resource of the referent. + description: resource of the referent. enum: - prometheusrules - servicemonitors @@ -3174,20 +3276,20 @@ spec: additionalProperties: type: string description: |- - The labels to add to any time series or alerts when communicating with + externalLabels defines the labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager). Labels defined by `spec.replicaExternalLabelName` and `spec.prometheusExternalLabelName` take precedence over this list. type: object externalUrl: description: |- - The external URL under which the Prometheus service is externally + externalUrl defines the external URL under which the Prometheus service is externally available. This is necessary to generate correct URLs (for instance if Prometheus is accessible behind an Ingress resource). type: string hostAliases: description: |- - Optional list of hosts and IPs that will be injected into the Pod's + hostAliases defines the optional list of hosts and IPs that will be injected into the Pod's hosts file if specified. items: description: |- @@ -3195,12 +3297,12 @@ spec: pod's hosts file. properties: hostnames: - description: Hostnames for the above IP address. + description: hostnames defines hostnames for the above IP address. items: type: string type: array ip: - description: IP address of the host file entry. + description: ip defines the IP address of the host file entry. type: string required: - hostnames @@ -3212,7 +3314,7 @@ spec: x-kubernetes-list-type: map hostNetwork: description: |- - Use the host's network namespace if true. + hostNetwork defines the host's network namespace if true. Make sure to understand the security implications if you want to enable it (https://kubernetes.io/docs/concepts/configuration/overview/ ). @@ -3223,7 +3325,7 @@ spec: type: boolean hostUsers: description: |- - HostUsers supports the user space in Kubernetes. + hostUsers supports the user space in Kubernetes. More info: https://kubernetes.io/docs/tasks/configure-pod-container/user-namespaces/ @@ -3232,14 +3334,14 @@ spec: type: boolean ignoreNamespaceSelectors: description: |- - When true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor + ignoreNamespaceSelectors when true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor and Probe objects will be ignored. They will only discover targets within the namespace of the PodMonitor, ServiceMonitor and Probe object. type: boolean image: description: |- - Container image name for Prometheus. If specified, it takes precedence + image defines the container image name for Prometheus. If specified, it takes precedence over the `spec.baseImage`, `spec.tag` and `spec.sha` fields. Specifying `spec.version` is still necessary to ensure the Prometheus @@ -3251,7 +3353,7 @@ spec: type: string imagePullPolicy: description: |- - Image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. + imagePullPolicy defines the image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. enum: - "" @@ -3261,7 +3363,7 @@ spec: type: string imagePullSecrets: description: |- - An optional list of references to Secrets in the same namespace + imagePullSecrets defines an optional list of references to Secrets in the same namespace to use for pulling images from registries. See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod items: @@ -3283,7 +3385,7 @@ spec: type: array initContainers: description: |- - InitContainers allows injecting initContainers to the Pod definition. Those + initContainers allows injecting initContainers to the Pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: @@ -3339,8 +3441,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -3398,6 +3501,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -3458,8 +3598,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -3486,8 +3626,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -4158,7 +4299,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -4212,10 +4353,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -4227,6 +4368,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -4727,7 +4921,7 @@ spec: type: array keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. @@ -4738,7 +4932,7 @@ spec: type: integer labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -4747,7 +4941,7 @@ spec: type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -4756,7 +4950,7 @@ spec: type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -4765,11 +4959,11 @@ spec: type: integer listenLocal: description: |- - When true, the Prometheus server listens on the loopback address + listenLocal when true, the Prometheus server listens on the loopback address instead of the Pod IP's address. type: boolean logFormat: - description: Log format for Log level for Prometheus and the config-reloader + description: logFormat for Log level for Prometheus and the config-reloader sidecar. enum: - "" @@ -4777,7 +4971,7 @@ spec: - json type: string logLevel: - description: Log level for Prometheus and the config-reloader sidecar. + description: logLevel for Prometheus and the config-reloader sidecar. enum: - "" - debug @@ -4787,14 +4981,14 @@ spec: type: string maximumStartupDurationSeconds: description: |- - Defines the maximum time that the `prometheus` container's startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete. - If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 600 seconds (15 minutes). + maximumStartupDurationSeconds defines the maximum time that the `prometheus` container's startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete. + If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 900 seconds (15 minutes). format: int32 minimum: 60 type: integer minReadySeconds: description: |- - Minimum number of seconds for which a newly created Pod should be ready + minReadySeconds defines the minimum number of seconds for which a newly created Pod should be ready without any of its container crashing for it to be considered available. If unset, pods will be considered available as soon as they are ready. @@ -4803,7 +4997,7 @@ spec: type: integer mode: description: |- - Mode defines how the Prometheus operator deploys the PrometheusAgent pod(s). + mode defines how the Prometheus operator deploys the PrometheusAgent pod(s). (Alpha) Using this field requires the `PrometheusAgentDaemonSet` feature gate to be enabled. enum: @@ -4812,7 +5006,7 @@ spec: type: string nameEscapingScheme: description: |- - Specifies the character escaping scheme that will be requested when scraping + nameEscapingScheme defines the character escaping scheme that will be requested when scraping for metric and label names that do not conform to the legacy Prometheus character set. @@ -4825,7 +5019,7 @@ spec: type: string nameValidationScheme: description: |- - Specifies the validation scheme for metric and label names. + nameValidationScheme defines the validation scheme for metric and label names. It requires Prometheus >= v2.55.0. enum: @@ -4835,21 +5029,21 @@ spec: nodeSelector: additionalProperties: type: string - description: Defines on which Nodes the Pods are scheduled. + description: nodeSelector defines on which Nodes the Pods are scheduled. type: object otlp: description: |- - Settings related to the OTLP receiver feature. + otlp defines the settings related to the OTLP receiver feature. It requires Prometheus >= v2.55.0. properties: convertHistogramsToNHCB: description: |- - Configures optional translation of OTLP explicit bucket histograms into native histograms with custom buckets. + convertHistogramsToNHCB defines optional translation of OTLP explicit bucket histograms into native histograms with custom buckets. It requires Prometheus >= v3.4.0. type: boolean ignoreResourceAttributes: description: |- - List of OpenTelemetry resource attributes to ignore when `promoteAllResourceAttributes` is true. + ignoreResourceAttributes defines the list of OpenTelemetry resource attributes to ignore when `promoteAllResourceAttributes` is true. It requires `promoteAllResourceAttributes` to be true. It requires Prometheus >= v3.5.0. @@ -4861,21 +5055,21 @@ spec: x-kubernetes-list-type: set keepIdentifyingResourceAttributes: description: |- - Enables adding `service.name`, `service.namespace` and `service.instance.id` + keepIdentifyingResourceAttributes enables adding `service.name`, `service.namespace` and `service.instance.id` resource attributes to the `target_info` metric, on top of converting them into the `instance` and `job` labels. It requires Prometheus >= v3.1.0. type: boolean promoteAllResourceAttributes: description: |- - Promote all resource attributes to metric labels except the ones defined in `ignoreResourceAttributes`. + promoteAllResourceAttributes promotes all resource attributes to metric labels except the ones defined in `ignoreResourceAttributes`. Cannot be true when `promoteResourceAttributes` is defined. It requires Prometheus >= v3.5.0. type: boolean promoteResourceAttributes: description: |- - List of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. + promoteResourceAttributes defines the list of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. Cannot be defined when `promoteAllResourceAttributes` is true. items: minLength: 1 @@ -4883,39 +5077,46 @@ spec: minItems: 1 type: array x-kubernetes-list-type: set + promoteScopeMetadata: + description: |- + promoteScopeMetadata controls whether to promote OpenTelemetry scope metadata (i.e. name, version, schema URL, and attributes) to metric labels. + As per the OpenTelemetry specification, the aforementioned scope metadata should be identifying, i.e. made into metric labels. + It requires Prometheus >= v3.6.0. + type: boolean translationStrategy: description: |- - Configures how the OTLP receiver endpoint translates the incoming metrics. + translationStrategy defines how the OTLP receiver endpoint translates the incoming metrics. It requires Prometheus >= v3.0.0. enum: - NoUTF8EscapingWithSuffixes - UnderscoreEscapingWithSuffixes - NoTranslation + - UnderscoreEscapingWithoutSuffixes type: string type: object overrideHonorLabels: description: |- - When true, Prometheus resolves label conflicts by renaming the labels in the scraped data + overrideHonorLabels when true, Prometheus resolves label conflicts by renaming the labels in the scraped data to “exported_” for all targets created from ServiceMonitor, PodMonitor and ScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies. - In practice,`overrideHonorLaels:true` enforces `honorLabels:false` + In practice,`OverrideHonorLabels:true` enforces `honorLabels:false` for all ServiceMonitor, PodMonitor and ScrapeConfig objects. type: boolean overrideHonorTimestamps: description: |- - When true, Prometheus ignores the timestamps for all the targets created + overrideHonorTimestamps when true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies. type: boolean paused: description: |- - When a Prometheus deployment is paused, no actions except for deletion + paused defines when a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects. type: boolean persistentVolumeClaimRetentionPolicy: description: |- - The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + persistentVolumeClaimRetentionPolicy defines the field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. The default behavior is all PVCs are retained. This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. It requires enabling the StatefulSetAutoDeletePVC feature gate. @@ -4938,7 +5139,7 @@ spec: type: object podMetadata: description: |- - PodMetadata configures labels and annotations which are propagated to the Prometheus pods. + podMetadata defines labels and annotations which are propagated to the Prometheus pods. The following items are reserved and cannot be overridden: * "prometheus" label, set to the name of the Prometheus object. @@ -4954,7 +5155,7 @@ spec: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -4963,14 +5164,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -4980,7 +5181,7 @@ spec: type: object podMonitorNamespaceSelector: description: |- - Namespaces to match for PodMonitors discovery. An empty label selector + podMonitorNamespaceSelector defines the namespaces to match for PodMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. properties: @@ -5029,7 +5230,7 @@ spec: x-kubernetes-map-type: atomic podMonitorSelector: description: |- - PodMonitors to be selected for target discovery. An empty label selector + podMonitorSelector defines the podMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -5086,7 +5287,7 @@ spec: x-kubernetes-map-type: atomic podTargetLabels: description: |- - PodTargetLabels are appended to the `spec.podTargetLabels` field of all + podTargetLabels are appended to the `spec.podTargetLabels` field of all PodMonitor and ServiceMonitor objects. items: type: string @@ -5094,15 +5295,15 @@ spec: portName: default: web description: |- - Port name used for the pods and governing service. + portName used for the pods and governing service. Default: "web" type: string priorityClassName: - description: Priority class assigned to the Pods. + description: priorityClassName assigned to the Pods. type: string probeNamespaceSelector: description: |- - Namespaces to match for Probe discovery. An empty label + probeNamespaceSelector defines the namespaces to match for Probe discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. properties: @@ -5151,7 +5352,7 @@ spec: x-kubernetes-map-type: atomic probeSelector: description: |- - Probes to be selected for target discovery. An empty label selector + probeSelector defines the probes to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -5208,7 +5409,7 @@ spec: x-kubernetes-map-type: atomic prometheusExternalLabelName: description: |- - Name of Prometheus external label used to denote the Prometheus instance + prometheusExternalLabelName defines the name of Prometheus external label used to denote the Prometheus instance name. The external label will _not_ be added when the field is set to the empty string (`""`). @@ -5216,14 +5417,14 @@ spec: type: string reloadStrategy: description: |- - Defines the strategy used to reload the Prometheus configuration. + reloadStrategy defines the strategy used to reload the Prometheus configuration. If not specified, the configuration is reloaded using the /-/reload HTTP endpoint. enum: - HTTP - ProcessSignal type: string remoteWrite: - description: Defines the list of remote write configurations. + description: remoteWrite defines the list of remote write configurations. items: description: |- RemoteWriteSpec defines the configuration to write samples from Prometheus @@ -5231,15 +5432,15 @@ spec: properties: authorization: description: |- - Authorization section for the URL. + authorization section for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. Cannot be set at the same time as `sigv4`, `basicAuth`, `oauth2`, or `azureAd`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -5263,12 +5464,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -5277,15 +5478,15 @@ spec: type: object azureAd: description: |- - AzureAD for the URL. + azureAd for the URL. It requires Prometheus >= v2.45.0 or Thanos >= v0.31.0. Cannot be set at the same time as `authorization`, `basicAuth`, `oauth2`, or `sigv4`. properties: cloud: - description: The Azure Cloud. Options are 'AzurePublic', - 'AzureChina', or 'AzureGovernment'. + description: cloud defines the Azure Cloud. Options are + 'AzurePublic', 'AzureChina', or 'AzureGovernment'. enum: - AzureChina - AzureGovernment @@ -5293,32 +5494,33 @@ spec: type: string managedIdentity: description: |- - ManagedIdentity defines the Azure User-assigned Managed identity. + managedIdentity defines the Azure User-assigned Managed identity. Cannot be set at the same time as `oauth` or `sdk`. properties: clientId: - description: The client id + description: clientId defines defines the Azure User-assigned + Managed identity. type: string required: - clientId type: object oauth: description: |- - OAuth defines the oauth config that is being used to authenticate. + oauth defines the oauth config that is being used to authenticate. Cannot be set at the same time as `managedIdentity` or `sdk`. It requires Prometheus >= v2.48.0 or Thanos >= v0.31.0. properties: clientId: - description: '`clientID` is the clientId of the Azure + description: clientId defines the clientId of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 type: string clientSecret: - description: '`clientSecret` specifies a key of a Secret + description: clientSecret specifies a key of a Secret containing the client secret of the Azure Active Directory - application that is being used to authenticate.' + application that is being used to authenticate. properties: key: description: The key of the secret to select from. Must @@ -5342,9 +5544,9 @@ spec: type: object x-kubernetes-map-type: atomic tenantId: - description: '`tenantId` is the tenant ID of the Azure + description: tenantId is the tenant ID of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 pattern: ^[0-9a-zA-Z-.]+$ type: string @@ -5355,29 +5557,29 @@ spec: type: object sdk: description: |- - SDK defines the Azure SDK config that is being used to authenticate. + sdk defines the Azure SDK config that is being used to authenticate. See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication Cannot be set at the same time as `oauth` or `managedIdentity`. It requires Prometheus >= v2.52.0 or Thanos >= v0.36.0. properties: tenantId: - description: '`tenantId` is the tenant ID of the azure + description: tenantId defines the tenant ID of the azure active directory application that is being used to - authenticate.' + authenticate. pattern: ^[0-9a-zA-Z-.]+$ type: string type: object type: object basicAuth: description: |- - BasicAuth configuration for the URL. + basicAuth configuration for the URL. Cannot be set at the same time as `sigv4`, `authorization`, `oauth2`, or `azureAd`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -5403,7 +5605,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -5430,23 +5632,22 @@ spec: type: object bearerToken: description: |- + bearerToken is deprecated: this will be removed in a future release. *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File from which to read bearer token for the URL. + bearerTokenFile defines the file from which to read bearer token for the URL. Deprecated: this will be removed in a future release. Prefer using `authorization`. type: string enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. + followRedirects defines whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. type: boolean @@ -5454,14 +5655,14 @@ spec: additionalProperties: type: string description: |- - Custom HTTP headers to be sent along with each remote write request. + headers defines the custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. It requires Prometheus >= v2.25.0 or Thanos >= v0.24.0. type: object messageVersion: description: |- - The Remote Write message's version to use when writing to the endpoint. + messageVersion defines the Remote Write message's version to use when writing to the endpoint. `Version1.0` corresponds to the `prometheus.WriteRequest` protobuf message introduced in Remote Write 1.0. `Version2.0` corresponds to the `io.prometheus.write.v2.Request` protobuf message introduced in Remote Write 2.0. @@ -5478,37 +5679,37 @@ spec: - V2.0 type: string metadataConfig: - description: MetadataConfig configures the sending of series - metadata to the remote storage. + description: metadataConfig defines how to send a series metadata + to the remote storage. properties: maxSamplesPerSend: description: |- - MaxSamplesPerSend is the maximum number of metadata samples per send. + maxSamplesPerSend defines the maximum number of metadata samples per send. It requires Prometheus >= v2.29.0. format: int32 minimum: -1 type: integer send: - description: Defines whether metric metadata is sent to - the remote storage or not. + description: send defines whether metric metadata is sent + to the remote storage or not. type: boolean sendInterval: - description: Defines how frequently metric metadata is sent - to the remote storage. + description: sendInterval defines how frequently metric + metadata is sent to the remote storage. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object name: description: |- - The name of the remote write queue, it must be unique if specified. The + name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. It requires Prometheus >= v2.15.0 or Thanos >= 0.24.0. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5516,7 +5717,7 @@ spec: type: string oauth2: description: |- - OAuth2 configuration for the URL. + oauth2 configuration for the URL. It requires Prometheus >= v2.27.0 or Thanos >= v0.24.0. @@ -5524,12 +5725,12 @@ spec: properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5552,7 +5753,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5578,7 +5780,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -5606,12 +5808,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5645,7 +5847,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5653,33 +5855,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5702,8 +5903,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5728,12 +5929,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5756,8 +5957,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5782,11 +5983,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5811,7 +6013,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5822,7 +6024,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5832,12 +6034,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -5873,7 +6076,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5881,89 +6084,88 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string queueConfig: - description: QueueConfig allows tuning of the remote write queue + description: queueConfig allows tuning of the remote write queue parameters. properties: batchSendDeadline: - description: BatchSendDeadline is the maximum time a sample - will wait in buffer. + description: batchSendDeadline defines the maximum time + a sample will wait in buffer. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string capacity: description: |- - Capacity is the number of samples to buffer per shard before we start + capacity defines the number of samples to buffer per shard before we start dropping them. type: integer maxBackoff: - description: MaxBackoff is the maximum retry delay. + description: maxBackoff defines the maximum retry delay. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string maxRetries: - description: MaxRetries is the maximum number of times to - retry a batch on recoverable errors. + description: maxRetries defines the maximum number of times + to retry a batch on recoverable errors. type: integer maxSamplesPerSend: - description: MaxSamplesPerSend is the maximum number of - samples per send. + description: maxSamplesPerSend defines the maximum number + of samples per send. type: integer maxShards: - description: MaxShards is the maximum number of shards, + description: maxShards defines the maximum number of shards, i.e. amount of concurrency. type: integer minBackoff: - description: MinBackoff is the initial retry delay. Gets - doubled for every retry. + description: minBackoff defines the initial retry delay. + Gets doubled for every retry. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string minShards: - description: MinShards is the minimum number of shards, + description: minShards defines the minimum number of shards, i.e. amount of concurrency. type: integer retryOnRateLimit: description: |- - Retry upon receiving a 429 status code from the remote-write storage. + retryOnRateLimit defines the retry upon receiving a 429 status code from the remote-write storage. This is an *experimental feature*, it may change in any upcoming release in a breaking way. type: boolean sampleAgeLimit: description: |- - SampleAgeLimit drops samples older than the limit. + sampleAgeLimit drops samples older than the limit. It requires Prometheus >= v2.50.0 or Thanos >= v0.32.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object remoteTimeout: - description: Timeout for requests to the remote write endpoint. + description: remoteTimeout defines the timeout for requests + to the remote write endpoint. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string roundRobinDNS: - description: |- - When enabled: - - The remote-write mechanism will resolve the hostname via DNS. - - It will randomly select one of the resolved IP addresses and connect to it. - - When disabled (default behavior): - - The Go standard library will handle hostname resolution. - - It will attempt connections to each resolved IP address sequentially. - - Note: The connection timeout applies to the entire resolution and connection process. - If disabled, the timeout is distributed across all connection attempts. - - It requires Prometheus >= v3.1.0 or Thanos >= v0.38.0. + description: "roundRobinDNS controls the DNS resolution behavior + for remote-write connections.\nWhen enabled:\n - The remote-write + mechanism will resolve the hostname via DNS.\n - It will + randomly select one of the resolved IP addresses and connect + to it.\n\nWhen disabled (default behavior):\n - The Go standard + library will handle hostname resolution.\n - It will attempt + connections to each resolved IP address sequentially.\n\nNote: + The connection timeout applies to the entire resolution and + connection process.\n\n\tIf disabled, the timeout is distributed + across all connection attempts.\n\nIt requires Prometheus + >= v3.1.0 or Thanos >= v0.38.0." type: boolean sendExemplars: description: |- - Enables sending of exemplars over remote write. Note that + sendExemplars enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the `spec.enableFeatures` option for exemplars to be scraped in the first place. @@ -5971,14 +6173,14 @@ spec: type: boolean sendNativeHistograms: description: |- - Enables sending of native histograms, also known as sparse histograms + sendNativeHistograms enables sending of native histograms, also known as sparse histograms over remote write. It requires Prometheus >= v2.40.0 or Thanos >= v0.30.0. type: boolean sigv4: description: |- - Sigv4 allows to configures AWS's Signature Verification 4 for the URL. + sigv4 defines the AWS's Signature Verification 4 for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. @@ -5986,7 +6188,7 @@ spec: properties: accessKey: description: |- - AccessKey is the AWS API key. If not specified, the environment variable + accessKey defines the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used. properties: key: @@ -6011,18 +6213,20 @@ spec: type: object x-kubernetes-map-type: atomic profile: - description: Profile is the named AWS profile used to authenticate. + description: profile defines the named AWS profile used + to authenticate. type: string region: - description: Region is the AWS region. If blank, the region - from the default credentials chain used. + description: region defines the AWS region. If blank, the + region from the default credentials chain used. type: string roleArn: - description: RoleArn is the named AWS profile used to authenticate. + description: roleArn defines the named AWS profile used + to authenticate. type: string secretKey: description: |- - SecretKey is the AWS API secret. If not specified, the environment + secretKey defines the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used. properties: key: @@ -6046,17 +6250,22 @@ spec: - key type: object x-kubernetes-map-type: atomic + useFIPSSTSEndpoint: + description: |- + useFIPSSTSEndpoint defines FIPS mode for AWS STS endpoint. + It requires Prometheus >= v2.54.0. + type: boolean type: object tlsConfig: - description: TLS Config to use for the URL. + description: tlsConfig to use for the URL. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6079,7 +6288,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6104,15 +6314,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6135,7 +6346,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6160,19 +6372,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6197,7 +6410,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6208,7 +6421,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6218,15 +6431,18 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: The URL of the endpoint to send samples to. + description: url defines the URL of the endpoint to send samples + to. minLength: 1 type: string writeRelabelConfigs: - description: The list of remote write relabel configurations. + description: writeRelabelConfigs defines the list of remote + write relabel configurations. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -6237,7 +6453,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -6269,41 +6485,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -6318,7 +6534,7 @@ spec: type: array remoteWriteReceiverMessageVersions: description: |- - List of the protobuf message versions to accept when receiving the + remoteWriteReceiverMessageVersions list of the protobuf message versions to accept when receiving the remote writes. It requires Prometheus >= v2.54.0. @@ -6332,7 +6548,7 @@ spec: x-kubernetes-list-type: set replicaExternalLabelName: description: |- - Name of Prometheus external label used to denote the replica name. + replicaExternalLabelName defines the name of Prometheus external label used to denote the replica name. The external label will _not_ be added when the field is set to the empty string (`""`). @@ -6340,7 +6556,7 @@ spec: type: string replicas: description: |- - Number of replicas of each shard to deploy for a Prometheus deployment. + replicas defines the number of replicas of each shard to deploy for a Prometheus deployment. `spec.replicas` multiplied by `spec.shards` is the total number of Pods created. @@ -6348,15 +6564,15 @@ spec: format: int32 type: integer resources: - description: Defines the resources requests and limits of the 'prometheus' - container. + description: resources defines the resources requests and limits of + the 'prometheus' container. properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -6409,7 +6625,7 @@ spec: type: object routePrefix: description: |- - The route prefix Prometheus registers HTTP handlers for. + routePrefix defines the route prefix Prometheus registers HTTP handlers for. This is useful when using `spec.externalURL`, and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but @@ -6417,12 +6633,12 @@ spec: for use with `kubectl proxy`. type: string runtime: - description: RuntimeConfig configures the values for the Prometheus - process behavior + description: runtime defines the values for the Prometheus process + behavior properties: goGC: description: |- - The Go garbage collection target percentage. Lowering this number may increase the CPU usage. + goGC defines the Go garbage collection target percentage. Lowering this number may increase the CPU usage. See: https://tip.golang.org/doc/gc-guide#GOGC format: int32 minimum: -1 @@ -6430,7 +6646,7 @@ spec: type: object sampleLimit: description: |- - SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + sampleLimit defines per-scrape limit on number of scraped samples that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -6439,7 +6655,7 @@ spec: type: integer scrapeClasses: description: |- - List of scrape classes to expose to scraping objects such as + scrapeClasses defines the list of scrape classes to expose to scraping objects such as PodMonitors, ServiceMonitors, Probes and ScrapeConfigs. This is an *experimental feature*, it may change in any upcoming release @@ -6448,13 +6664,13 @@ spec: properties: attachMetadata: description: |- - AttachMetadata configures additional metadata to the discovered targets. + attachMetadata defines additional metadata to the discovered targets. When the scrape object defines its own configuration, it takes precedence over the scrape class configuration. properties: node: description: |- - When set to true, Prometheus attaches node metadata to the discovered + node when set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the `list` and `watch` @@ -6463,12 +6679,12 @@ spec: type: object authorization: description: |- - Authorization section for the ScrapeClass. + authorization section for the ScrapeClass. It will only apply if the scrape resource doesn't specify any Authorization. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -6492,12 +6708,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6506,14 +6722,14 @@ spec: type: object default: description: |- - Default indicates that the scrape applies to all scrape objects that + default defines that the scrape applies to all scrape objects that don't configure an explicit scrape class name. Only one scrape class can be set as the default. type: boolean fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It will only apply if the scrape resource doesn't specify any FallbackScrapeProtocol It requires Prometheus >= v3.0.0. @@ -6526,7 +6742,7 @@ spec: type: string metricRelabelings: description: |- - MetricRelabelings configures the relabeling rules to apply to all samples before ingestion. + metricRelabelings defines the relabeling rules to apply to all samples before ingestion. The Operator adds the scrape class metric relabelings defined here. Then the Operator adds the target-specific metric relabelings defined in ServiceMonitors, PodMonitors, Probes and ScrapeConfigs. @@ -6543,7 +6759,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -6575,41 +6791,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -6619,12 +6835,12 @@ spec: type: object type: array name: - description: Name of the scrape class. + description: name of the scrape class. minLength: 1 type: string relabelings: description: |- - Relabelings configures the relabeling rules to apply to all scrape targets. + relabelings defines the relabeling rules to apply to all scrape targets. The Operator automatically adds relabelings for a few standard Kubernetes fields like `__meta_kubernetes_namespace` and `__meta_kubernetes_service_name`. @@ -6642,7 +6858,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -6674,41 +6890,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -6719,19 +6935,19 @@ spec: type: array tlsConfig: description: |- - TLSConfig defines the TLS settings to use for the scrape. When the + tlsConfig defines the TLS settings to use for the scrape. When the scrape objects define their own CA, certificate and/or key, they take precedence over the corresponding scrape class fields. For now only the `caFile`, `certFile` and `keyFile` fields are supported. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6754,7 +6970,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6779,15 +6996,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6810,7 +7028,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6835,19 +7054,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6872,7 +7092,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6883,7 +7103,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6893,7 +7113,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -6905,7 +7126,7 @@ spec: x-kubernetes-list-type: map scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. @@ -6913,7 +7134,7 @@ spec: type: boolean scrapeConfigNamespaceSelector: description: |- - Namespaces to match for ScrapeConfig discovery. An empty label selector + scrapeConfigNamespaceSelector defines the namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. @@ -6964,7 +7185,7 @@ spec: x-kubernetes-map-type: atomic scrapeConfigSelector: description: |- - ScrapeConfigs to be selected for target discovery. An empty label + scrapeConfigSelector defines the scrapeConfigs to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -7023,7 +7244,7 @@ spec: x-kubernetes-map-type: atomic scrapeFailureLogFile: description: |- - File to which scrape failures are logged. + scrapeFailureLogFile defines the file to which scrape failures are logged. Reloading the configuration will reopen the file. If the filename has an empty path, e.g. 'file.log', The Prometheus Pods @@ -7036,14 +7257,14 @@ spec: scrapeInterval: default: 30s description: |- - Interval between consecutive scrapes. + scrapeInterval defines interval between consecutive scrapes. Default: "30s" pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string scrapeProtocols: description: |- - The protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -7071,13 +7292,13 @@ spec: x-kubernetes-list-type: set scrapeTimeout: description: |- - Number of seconds to wait until a scrape request times out. + scrapeTimeout defines the number of seconds to wait until a scrape request times out. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string secrets: description: |- - Secrets is a list of Secrets in the same namespace as the Prometheus + secrets defines a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-`. The Secrets are mounted into /etc/prometheus/secrets/ in the 'prometheus' container. @@ -7087,7 +7308,7 @@ spec: x-kubernetes-list-type: set securityContext: description: |- - SecurityContext holds pod-level security attributes and common container settings. + securityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. properties: appArmorProfile: @@ -7321,12 +7542,12 @@ spec: type: object serviceAccountName: description: |- - ServiceAccountName is the name of the ServiceAccount to use to run the + serviceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. type: string serviceDiscoveryRole: description: |- - Defines the service discovery role used to discover targets from + serviceDiscoveryRole defines the service discovery role used to discover targets from `ServiceMonitor` objects and Alertmanager endpoints. If set, the value should be either "Endpoints" or "EndpointSlice". @@ -7337,7 +7558,7 @@ spec: type: string serviceMonitorNamespaceSelector: description: |- - Namespaces to match for ServicedMonitors discovery. An empty label selector + serviceMonitorNamespaceSelector defines the namespaces to match for ServicedMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. properties: @@ -7386,7 +7607,7 @@ spec: x-kubernetes-map-type: atomic serviceMonitorSelector: description: |- - ServiceMonitors to be selected for target discovery. An empty label + serviceMonitorSelector defines the serviceMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -7443,7 +7664,7 @@ spec: x-kubernetes-map-type: atomic serviceName: description: |- - The name of the service name used by the underlying StatefulSet(s) as the governing service. + serviceName defines the name of the service name used by the underlying StatefulSet(s) as the governing service. If defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels. If empty, the operator will create and manage a headless service named `prometheus-operated` for Prometheus resources, or `prometheus-agent-operated` for PrometheusAgent resources. @@ -7453,7 +7674,7 @@ spec: type: string shards: description: |- - Number of shards to distribute the scraped targets onto. + shards defines the number of shards to distribute the scraped targets onto. `spec.replicas` multiplied by `spec.shards` is the total number of Pods being created. @@ -7482,15 +7703,15 @@ spec: format: int32 type: integer storage: - description: Storage defines the storage used by Prometheus. + description: storage defines the storage used by Prometheus. properties: disableMountSubPath: - description: 'Deprecated: subPath usage will be removed in a future - release.' + description: 'disableMountSubPath deprecated: subPath usage will + be removed in a future release.' type: boolean emptyDir: description: |- - EmptyDirVolumeSource to be used by the StatefulSet. + emptyDir to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir properties: @@ -7517,7 +7738,7 @@ spec: type: object ephemeral: description: |- - EphemeralVolumeSource to be used by the StatefulSet. + ephemeral to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes @@ -7738,15 +7959,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -7764,7 +7983,7 @@ spec: type: object volumeClaimTemplate: description: |- - Defines the PVC spec to be used by the Prometheus StatefulSets. + volumeClaimTemplate defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes. properties: @@ -7784,14 +8003,14 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. + description: metadata defines EmbeddedMetadata contains metadata + relevant to an EmbeddedResource. properties: annotations: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -7800,14 +8019,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -7817,7 +8036,7 @@ spec: type: object spec: description: |- - Defines the desired characteristics of a volume requested by a pod author. + spec defines the specification of the characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: accessModes: @@ -7994,15 +8213,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -8015,7 +8232,7 @@ spec: type: string type: object status: - description: 'Deprecated: this field is never set.' + description: 'status is deprecated: this field is never set.' properties: accessModes: description: |- @@ -8164,13 +8381,11 @@ spec: description: |- currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). type: string modifyVolumeStatus: description: |- ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). properties: status: description: "status is the status of the ControllerModifyVolume @@ -8202,7 +8417,7 @@ spec: type: object targetLimit: description: |- - TargetLimit defines a limit on the number of scraped targets that will be accepted. + targetLimit defines a limit on the number of scraped targets that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -8211,7 +8426,7 @@ spec: type: integer terminationGracePeriodSeconds: description: |- - Optional duration in seconds the pod needs to terminate gracefully. + terminationGracePeriodSeconds defines the optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. @@ -8220,7 +8435,7 @@ spec: minimum: 0 type: integer tolerations: - description: Defines the Pods' tolerations if specified. + description: tolerations defines the Pods' tolerations if specified. items: description: |- The pod this Toleration is attached to tolerates any taint that matches @@ -8259,12 +8474,14 @@ spec: type: object type: array topologySpreadConstraints: - description: Defines the pod's topology spread constraints if specified. + description: topologySpreadConstraints defines the pod's topology + spread constraints if specified. items: properties: additionalLabelSelectors: - description: Defines what Prometheus Operator managed labels - should be added to labelSelector on the topologySpreadConstraint. + description: additionalLabelSelectors Defines what Prometheus + Operator managed labels should be added to labelSelector on + the topologySpreadConstraint. enum: - OnResource - OnShard @@ -8439,61 +8656,62 @@ spec: type: array tracingConfig: description: |- - TracingConfig configures tracing in Prometheus. + tracingConfig defines tracing in Prometheus. This is an *experimental feature*, it may change in any upcoming release in a breaking way. properties: clientType: - description: Client used to export the traces. Supported values - are `http` or `grpc`. + description: clientType defines the client used to export the + traces. Supported values are `http` or `grpc`. enum: - http - grpc type: string compression: - description: Compression key for supported compression types. + description: compression key for supported compression types. The only supported value is `gzip`. enum: - gzip type: string endpoint: - description: Endpoint to send the traces to. Should be provided + description: endpoint to send the traces to. Should be provided in format :. minLength: 1 type: string headers: additionalProperties: type: string - description: Key-value pairs to be used as headers associated - with gRPC or HTTP requests. + description: headers defines the key-value pairs to be used as + headers associated with gRPC or HTTP requests. type: object insecure: - description: If disabled, the client will use a secure connection. + description: insecure if disabled, the client will use a secure + connection. type: boolean samplingFraction: anyOf: - type: integer - type: string - description: Sets the probability a given trace will be sampled. - Must be a float from 0 through 1. + description: samplingFraction defines the probability a given + trace will be sampled. Must be a float from 0 through 1. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true timeout: - description: Maximum time the exporter will wait for each batch - export. + description: timeout defines the maximum time the exporter will + wait for each batch export. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS Config to use when sending traces. + description: tlsConfig to use when sending traces. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8516,7 +8734,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8541,15 +8760,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8572,7 +8792,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8597,19 +8818,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key file + in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -8634,7 +8856,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8645,7 +8867,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8655,7 +8877,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -8663,12 +8886,12 @@ spec: type: object tsdb: description: |- - Defines the runtime reloadable configuration of the timeseries database(TSDB). + tsdb defines the runtime reloadable configuration of the timeseries database(TSDB). It requires Prometheus >= v2.39.0 or PrometheusAgent >= v2.54.0. properties: outOfOrderTimeWindow: description: |- - Configures how old an out-of-order/out-of-bounds sample can be with + outOfOrderTimeWindow defines how old an out-of-order/out-of-bounds sample can be with respect to the TSDB max time. An out-of-order/out-of-bounds sample is ingested into the TSDB as long as @@ -8683,7 +8906,7 @@ spec: type: object version: description: |- - Version of Prometheus being deployed. The operator uses this information + version of Prometheus being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. If not specified, the operator assumes the latest upstream version of @@ -8692,7 +8915,7 @@ spec: type: string volumeMounts: description: |- - VolumeMounts allows the configuration of additional VolumeMounts. + volumeMounts allows the configuration of additional VolumeMounts. VolumeMounts will be appended to other VolumeMounts in the 'prometheus' container, that are generated as a result of StorageSpec objects. @@ -8760,7 +8983,7 @@ spec: type: array volumes: description: |- - Volumes allows the configuration of additional volumes on the output + volumes allows the configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. items: @@ -9434,15 +9657,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -9624,12 +9845,10 @@ spec: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. - More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: |- - endpoints is the endpoint name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: endpoints is the endpoint name that details + Glusterfs topology. type: string path: description: |- @@ -9708,7 +9927,7 @@ spec: description: |- iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md + More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether support iSCSI @@ -10128,6 +10347,111 @@ spec: type: array x-kubernetes-list-type: atomic type: object + podCertificate: + description: |- + Projects an auto-rotating credential bundle (private key and certificate + chain) that the pod can use either as a TLS client or server. + + Kubelet generates a private key and uses it to send a + PodCertificateRequest to the named signer. Once the signer approves the + request and issues a certificate chain, Kubelet writes the key and + certificate chain to the pod filesystem. The pod does not start until + certificates have been issued for each podCertificate projected volume + source in its spec. + + Kubelet will begin trying to rotate the certificate at the time indicated + by the signer using the PodCertificateRequest.Status.BeginRefreshAt + timestamp. + + Kubelet can write a single file, indicated by the credentialBundlePath + field, or separate files, indicated by the keyPath and + certificateChainPath fields. + + The credential bundle is a single file in PEM format. The first PEM + entry is the private key (in PKCS#8 format), and the remaining PEM + entries are the certificate chain issued by the signer (typically, + signers will return their certificate chain in leaf-to-root order). + + Prefer using the credential bundle format, since your application code + can read it atomically. If you use keyPath and certificateChainPath, + your application must make two separate file reads. If these coincide + with a certificate rotation, it is possible that the private key and leaf + certificate you read may not correspond to each other. Your application + will need to check for this condition, and re-read until they are + consistent. + + The named signer controls chooses the format of the certificate it + issues; consult the signer implementation's documentation to learn how to + use the certificates it issues. + properties: + certificateChainPath: + description: |- + Write the certificate chain at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + credentialBundlePath: + description: |- + Write the credential bundle at this path in the projected volume. + + The credential bundle is a single file that contains multiple PEM blocks. + The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private + key. + + The remaining blocks are CERTIFICATE blocks, containing the issued + certificate chain from the signer (leaf and any intermediates). + + Using credentialBundlePath lets your Pod's application code make a single + atomic read that retrieves a consistent key and certificate chain. If you + project them to separate files, your application code will need to + additionally check that the leaf certificate was issued to the key. + type: string + keyPath: + description: |- + Write the key at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + keyType: + description: |- + The type of keypair Kubelet will generate for the pod. + + Valid values are "RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", + "ECDSAP521", and "ED25519". + type: string + maxExpirationSeconds: + description: |- + maxExpirationSeconds is the maximum lifetime permitted for the + certificate. + + Kubelet copies this value verbatim into the PodCertificateRequests it + generates for this projection. + + If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver + will reject values shorter than 3600 (1 hour). The maximum allowable + value is 7862400 (91 days). + + The signer implementation is then free to issue a certificate with any + lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 + seconds (1 hour). This constraint is enforced by kube-apiserver. + `kubernetes.io` signers will never issue certificates with a lifetime + longer than 24 hours. + format: int32 + type: integer + signerName: + description: Kubelet's generated CSRs will be + addressed to this signer. + type: string + required: + - keyType + - signerName + type: object secret: description: secret information about the secret data to project @@ -10262,7 +10586,6 @@ spec: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. - More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: description: |- @@ -10547,29 +10870,30 @@ spec: type: array walCompression: description: |- - Configures compression of the write-ahead log (WAL) using Snappy. + walCompression defines the compression of the write-ahead log (WAL) using Snappy. WAL compression is enabled by default for Prometheus >= 2.20.0 Requires Prometheus v2.11.0 and above. type: boolean web: - description: Defines the configuration of the Prometheus web server. + description: web defines the configuration of the Prometheus web server. properties: httpConfig: - description: Defines HTTP parameters for web server. + description: httpConfig defines HTTP parameters for web server. properties: headers: - description: List of headers that can be added to HTTP responses. + description: headers defines a list of headers that can be + added to HTTP responses. properties: contentSecurityPolicy: description: |- - Set the Content-Security-Policy header to HTTP responses. + contentSecurityPolicy defines the Content-Security-Policy header to HTTP responses. Unset if blank. type: string strictTransportSecurity: description: |- - Set the Strict-Transport-Security header to HTTP responses. + strictTransportSecurity defines the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same @@ -10578,7 +10902,7 @@ spec: type: string xContentTypeOptions: description: |- - Set the X-Content-Type-Options header to HTTP responses. + xContentTypeOptions defines the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options enum: @@ -10587,7 +10911,7 @@ spec: type: string xFrameOptions: description: |- - Set the X-Frame-Options header to HTTP responses. + xFrameOptions defines the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options enum: @@ -10597,42 +10921,42 @@ spec: type: string xXSSProtection: description: |- - Set the X-XSS-Protection header to all responses. + xXSSProtection defines the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection type: string type: object http2: description: |- - Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. + http2 enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered. type: boolean type: object maxConnections: description: |- - Defines the maximum number of simultaneous connections + maxConnections defines the maximum number of simultaneous connections A zero value means that Prometheus doesn't accept any incoming connection. format: int32 minimum: 0 type: integer pageTitle: - description: The prometheus web page title. + description: pageTitle defines the prometheus web page title. type: string tlsConfig: - description: Defines the TLS parameters for HTTPS. + description: tlsConfig defines the TLS parameters for HTTPS. properties: cert: description: |- - Secret or ConfigMap containing the TLS certificate for the web server. + cert defines the Secret or ConfigMap containing the TLS certificate for the web server. Either `keySecret` or `keyFile` must be defined. It is mutually exclusive with `certFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10655,7 +10979,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10681,7 +11006,7 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the container for the web server. + certFile defines the path to the TLS certificate file in the container for the web server. Either `keySecret` or `keyFile` must be defined. @@ -10689,7 +11014,7 @@ spec: type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. + cipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. If not defined, the Go default cipher suites are used. Available cipher suites are documented in the Go documentation: @@ -10699,14 +11024,14 @@ spec: type: array client_ca: description: |- - Secret or ConfigMap containing the CA certificate for client certificate + client_ca defines the Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. It is mutually exclusive with `clientCAFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10729,7 +11054,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10755,21 +11081,21 @@ spec: type: object clientAuthType: description: |- - The server policy for client TLS authentication. + clientAuthType defines the server policy for client TLS authentication. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to + clientCAFile defines the path to the CA certificate file for client certificate authentication to the server. It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- - Elliptic curves that will be used in an ECDHE handshake, in preference + curvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the Go documentation: @@ -10779,7 +11105,7 @@ spec: type: array keyFile: description: |- - Path to the TLS private key file in the container for the web server. + keyFile defines the path to the TLS private key file in the container for the web server. If defined, either `cert` or `certFile` must be defined. @@ -10787,7 +11113,7 @@ spec: type: string keySecret: description: |- - Secret containing the TLS private key for the web server. + keySecret defines the secret containing the TLS private key for the web server. Either `cert` or `certFile` must be defined. @@ -10815,14 +11141,16 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. + description: maxVersion defines the Maximum TLS version that + is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. + description: minVersion defines the minimum TLS version that + is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the client's most preferred cipher + preferServerCipherSuites defines whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in @@ -10848,18 +11176,19 @@ spec: rule: '!(has(self.mode) && self.mode == ''DaemonSet'' && has(self.probeSelector))' status: description: |- - Most recent observed status of the Prometheus cluster. Read-only. + status defines the most recent observed status of the Prometheus cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this Prometheus deployment. format: int32 type: integer conditions: - description: The current state of the Prometheus deployment. + description: conditions defines the current state of the Prometheus + deployment. items: description: |- Condition represents the state of the resources associated with the @@ -10871,12 +11200,12 @@ spec: format: date-time type: string message: - description: Human-readable message indicating details for the - condition's last transition. + description: message defines human-readable message indicating + details for the condition's last transition. type: string observedGeneration: description: |- - ObservedGeneration represents the .metadata.generation that the + observedGeneration defines the .metadata.generation that the condition was set based upon. For instance, if `.metadata.generation` is currently 12, but the `.status.conditions[].observedGeneration` is 9, the condition is out of date with respect to the current state of the @@ -10884,14 +11213,14 @@ spec: format: int64 type: integer reason: - description: Reason for the condition's last transition. + description: reason for the condition's last transition. type: string status: - description: Status of the condition. + description: status of the condition. minLength: 1 type: string type: - description: Type of the condition being reported. + description: type of the condition being reported. minLength: 1 type: string required: @@ -10905,45 +11234,46 @@ spec: x-kubernetes-list-type: map paused: description: |- - Represents whether any actions on the underlying managed objects are + paused defines whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. type: boolean replicas: description: |- - Total number of non-terminated pods targeted by this Prometheus deployment + replicas defines the total number of non-terminated pods targeted by this Prometheus deployment (their labels match the selector). format: int32 type: integer selector: - description: The selector used to match the pods targeted by this - Prometheus resource. + description: selector used to match the pods targeted by this Prometheus + resource. type: string shardStatuses: - description: The list has one entry per shard. Each entry provides - a summary of the shard status. + description: shardStatuses defines the list has one entry per shard. + Each entry provides a summary of the shard status. items: properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this shard. format: int32 type: integer replicas: - description: Total number of pods targeted by this shard. + description: replicas defines the total number of pods targeted + by this shard. format: int32 type: integer shardID: - description: Identifier of the shard. + description: shardID defines the identifier of the shard. type: string unavailableReplicas: - description: Total number of unavailable pods targeted by this - shard. + description: unavailableReplicas defines the Total number of + unavailable pods targeted by this shard. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this shard + updatedReplicas defines the total number of non-terminated pods targeted by this shard that have the desired spec. format: int32 type: integer @@ -10959,26 +11289,20 @@ spec: - shardID x-kubernetes-list-type: map shards: - description: Shards is the most recently observed number of shards. + description: shards defines the most recently observed number of shards. format: int32 type: integer unavailableReplicas: - description: Total number of unavailable pods targeted by this Prometheus - deployment. + description: unavailableReplicas defines the total number of unavailable + pods targeted by this Prometheus deployment. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this Prometheus deployment + updatedReplicas defines the total number of non-terminated pods targeted by this Prometheus deployment that have the desired version spec. format: int32 type: integer - required: - - availableReplicas - - paused - - replicas - - unavailableReplicas - - updatedReplicas type: object required: - spec diff --git a/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheuses.yaml b/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheuses.yaml index 5f096cfd7bfe..072de7f0c41d 100644 --- a/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheuses.yaml +++ b/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheuses.yaml @@ -1,11 +1,11 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: prometheuses.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -78,12 +78,12 @@ spec: type: object spec: description: |- - Specification of the desired behavior of the Prometheus cluster. More info: + spec defines the specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: additionalAlertManagerConfigs: description: |- - AdditionalAlertManagerConfigs specifies a key of a Secret containing + additionalAlertManagerConfigs defines a key of a Secret containing additional Prometheus Alertmanager configurations. The Alertmanager configurations are appended to the configuration generated by the Prometheus Operator. They must be formatted according to the official @@ -120,7 +120,7 @@ spec: x-kubernetes-map-type: atomic additionalAlertRelabelConfigs: description: |- - AdditionalAlertRelabelConfigs specifies a key of a Secret containing + additionalAlertRelabelConfigs defines a key of a Secret containing additional Prometheus alert relabel configurations. The alert relabel configurations are appended to the configuration generated by the Prometheus Operator. They must be formatted according to the official @@ -157,7 +157,7 @@ spec: x-kubernetes-map-type: atomic additionalArgs: description: |- - AdditionalArgs allows setting additional arguments for the 'prometheus' container. + additionalArgs allows setting additional arguments for the 'prometheus' container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the @@ -171,12 +171,12 @@ spec: description: Argument as part of the AdditionalArgs list. properties: name: - description: Name of the argument, e.g. "scrape.discovery-reload-interval". + description: name of the argument, e.g. "scrape.discovery-reload-interval". minLength: 1 type: string value: - description: Argument value, e.g. 30s. Can be empty for name-only - arguments (e.g. --storage.tsdb.no-lockfile) + description: value defines the argument value, e.g. 30s. Can + be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) type: string required: - name @@ -184,7 +184,7 @@ spec: type: array additionalScrapeConfigs: description: |- - AdditionalScrapeConfigs allows specifying a key of a Secret containing + additionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified @@ -217,7 +217,8 @@ spec: type: object x-kubernetes-map-type: atomic affinity: - description: Defines the Pods' affinity scheduling rules if specified. + description: affinity defines the Pods' affinity scheduling rules + if specified. properties: nodeAffinity: description: Describes node affinity scheduling rules for the @@ -785,8 +786,8 @@ spec: most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + compute a sum by iterating through the elements of this field and subtracting + "weight" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -1129,10 +1130,10 @@ spec: type: object type: object alerting: - description: Defines the settings related to Alertmanager. + description: alerting defines the settings related to Alertmanager. properties: alertmanagers: - description: Alertmanager endpoints where Prometheus should send + description: alertmanagers endpoints where Prometheus should send alerts to. items: description: |- @@ -1141,7 +1142,7 @@ spec: properties: alertRelabelings: description: |- - Relabeling configs applied before sending alerts to a specific Alertmanager. + alertRelabelings defines the relabeling configs applied before sending alerts to a specific Alertmanager. It requires Prometheus >= v2.51.0. items: description: |- @@ -1153,7 +1154,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -1185,41 +1186,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the - extracted value is matched. + description: regex defines the regular expression + against which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated - SourceLabels. + description: separator defines the string between + concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -1230,7 +1231,7 @@ spec: type: array apiVersion: description: |- - Version of the Alertmanager API that Prometheus uses to send alerts. + apiVersion defines the version of the Alertmanager API that Prometheus uses to send alerts. It can be "V1" or "V2". The field has no effect for Prometheus >= v3.0.0 because only the v2 API is supported. enum: @@ -1241,13 +1242,13 @@ spec: type: string authorization: description: |- - Authorization section for Alertmanager. + authorization section for Alertmanager. Cannot be set at the same time as `basicAuth`, `bearerTokenFile` or `sigv4`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in + the namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -1272,7 +1273,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1281,13 +1282,13 @@ spec: type: object basicAuth: description: |- - BasicAuth configuration for Alertmanager. + basicAuth configuration for Alertmanager. Cannot be set at the same time as `bearerTokenFile`, `authorization` or `sigv4`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -1313,7 +1314,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -1340,22 +1341,22 @@ spec: type: object bearerTokenFile: description: |- - File to read bearer token for Alertmanager. + bearerTokenFile defines the file to read bearer token for Alertmanager. Cannot be set at the same time as `basicAuth`, `authorization`, or `sigv4`. Deprecated: this will be removed in a future release. Prefer using `authorization`. type: string enableHttp2: - description: Whether to enable HTTP2. + description: enableHttp2 defines whether to enable HTTP2. type: boolean name: - description: Name of the Endpoints object in the namespace. + description: name of the Endpoints object in the namespace. minLength: 1 type: string namespace: description: |- - Namespace of the Endpoints object. + namespace of the Endpoints object. If not set, the object will be discovered in the namespace of the Prometheus object. @@ -1363,21 +1364,21 @@ spec: type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string pathPrefix: - description: Prefix for the HTTP path alerts are pushed - to. + description: pathPrefix defines the prefix for the HTTP + path alerts are pushed to. type: string port: anyOf: - type: integer - type: string - description: Port on which the Alertmanager API is exposed. + description: port on which the Alertmanager API is exposed. x-kubernetes-int-or-string: true proxyConnectHeader: additionalProperties: @@ -1407,7 +1408,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1415,18 +1416,17 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string relabelings: - description: Relabel configuration applied to the discovered - Alertmanagers. + description: relabelings defines the relabel configuration + applied to the discovered Alertmanagers. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -1437,7 +1437,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -1469,41 +1469,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the - extracted value is matched. + description: regex defines the regular expression + against which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated - SourceLabels. + description: separator defines the string between + concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -1513,11 +1513,11 @@ spec: type: object type: array scheme: - description: Scheme to use when firing alerts. + description: scheme to use when firing alerts. type: string sigv4: description: |- - Sigv4 allows to configures AWS's Signature Verification 4 for the URL. + sigv4 defines AWS's Signature Verification 4 for the URL. It requires Prometheus >= v2.48.0. @@ -1525,7 +1525,7 @@ spec: properties: accessKey: description: |- - AccessKey is the AWS API key. If not specified, the environment variable + accessKey defines the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used. properties: key: @@ -1550,20 +1550,20 @@ spec: type: object x-kubernetes-map-type: atomic profile: - description: Profile is the named AWS profile used to - authenticate. + description: profile defines the named AWS profile used + to authenticate. type: string region: - description: Region is the AWS region. If blank, the - region from the default credentials chain used. + description: region defines the AWS region. If blank, + the region from the default credentials chain used. type: string roleArn: - description: RoleArn is the named AWS profile used to - authenticate. + description: roleArn defines the named AWS profile used + to authenticate. type: string secretKey: description: |- - SecretKey is the AWS API secret. If not specified, the environment + secretKey defines the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used. properties: key: @@ -1587,22 +1587,27 @@ spec: - key type: object x-kubernetes-map-type: atomic + useFIPSSTSEndpoint: + description: |- + useFIPSSTSEndpoint defines FIPS mode for AWS STS endpoint. + It requires Prometheus >= v2.54.0. + type: boolean type: object timeout: - description: Timeout is a per-target Alertmanager timeout + description: timeout defines a per-target Alertmanager timeout when pushing alerts. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS Config to use for Alertmanager. + description: tlsConfig to use for Alertmanager. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1625,8 +1630,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1651,16 +1656,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert + in the Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1683,8 +1688,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1709,19 +1714,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client + cert file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client + key file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1746,7 +1752,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1757,7 +1763,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1767,7 +1773,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object required: @@ -1780,14 +1787,14 @@ spec: type: object allowOverlappingBlocks: description: |- - AllowOverlappingBlocks enables vertical compaction and vertical query + allowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. Deprecated: this flag has no effect for Prometheus >= 2.39.0 where overlapping blocks are enabled by default. type: boolean apiserverConfig: description: |- - APIServerConfig allows specifying a host and auth methods to access the + apiserverConfig allows specifying a host and auth methods to access the Kuberntees API server. If null, Prometheus is assumed to run inside of the cluster: it will discover the API servers automatically and use the Pod's CA certificate @@ -1795,14 +1802,14 @@ spec: properties: authorization: description: |- - Authorization section for the API server. + authorization section for the API server. Cannot be set at the same time as `basicAuth`, `bearerToken`, or `bearerTokenFile`. properties: credentials: - description: Selects a key of a Secret in the namespace that - contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -1826,12 +1833,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a secret + from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1840,14 +1847,14 @@ spec: type: object basicAuth: description: |- - BasicAuth configuration for the API server. + basicAuth configuration for the API server. Cannot be set at the same time as `authorization`, `bearerToken`, or `bearerTokenFile`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -1873,7 +1880,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -1900,14 +1907,13 @@ spec: type: object bearerToken: description: |- - *Warning: this field shouldn't be used because the token value appears + bearerToken is deprecated: this will be removed in a future release. + *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File to read bearer token for accessing apiserver. + bearerTokenFile defines the file to read bearer token for accessing apiserver. Cannot be set at the same time as `basicAuth`, `authorization`, or `bearerToken`. @@ -1915,12 +1921,12 @@ spec: type: string host: description: |- - Kubernetes API address consisting of a hostname or IP address followed + host defines the Kubernetes API address consisting of a hostname or IP address followed by an optional port number. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1954,7 +1960,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1962,24 +1968,24 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS Config to use for the API server. + description: tlsConfig to use for the API server. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2002,7 +2008,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2027,15 +2034,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2058,7 +2066,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2083,19 +2092,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key file + in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2120,7 +2130,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2131,7 +2141,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2141,7 +2151,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -2149,7 +2160,7 @@ spec: type: object arbitraryFSAccessThroughSMs: description: |- - When true, ServiceMonitor, PodMonitor and Probe object are forbidden to + arbitraryFSAccessThroughSMs when true, ServiceMonitor, PodMonitor and Probe object are forbidden to reference arbitrary files on the file system of the 'prometheus' container. When a ServiceMonitor's endpoint specifies a `bearerTokenFile` value @@ -2161,22 +2172,27 @@ spec: `spec.bearerTokenSecret` field. properties: deny: + description: |- + deny prevents service monitors from accessing arbitrary files on the file system. + When true, service monitors cannot use file-based configurations like BearerTokenFile + that could potentially access sensitive files. When false (default), such access is allowed. + Setting this to true enhances security by preventing potential credential theft attacks. type: boolean type: object automountServiceAccountToken: description: |- - AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. + automountServiceAccountToken defines whether a service account token should be automatically mounted in the pod. If the field isn't set, the operator mounts the service account token by default. **Warning:** be aware that by default, Prometheus requires the service account token for Kubernetes service discovery. It is possible to use strategic merge patch to project the service account token into the 'prometheus' container. type: boolean baseImage: - description: 'Deprecated: use ''spec.image'' instead.' + description: 'baseImage is deprecated: use ''spec.image'' instead.' type: string bodySizeLimit: description: |- - BodySizeLimit defines per-scrape on response body size. + bodySizeLimit defines per-scrape on response body size. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -2185,7 +2201,7 @@ spec: type: string configMaps: description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus + configMaps defines a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the 'prometheus' container. @@ -2194,7 +2210,7 @@ spec: type: array containers: description: |- - Containers allows injecting additional containers or modifying operator + containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to the Pods or to change the behavior of an operator generated container. Containers described here modify an operator generated @@ -2250,8 +2266,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -2309,6 +2326,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -2369,8 +2423,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -2397,8 +2451,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -3069,7 +3124,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -3123,10 +3178,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -3138,6 +3193,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -3638,23 +3746,23 @@ spec: type: array convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.4.0. type: boolean disableCompaction: description: |- - When true, the Prometheus compaction is disabled. + disableCompaction when true, the Prometheus compaction is disabled. When `spec.thanos.objectStorageConfig` or `spec.objectStorageConfigFile` are defined, the operator automatically disables block compaction to avoid race conditions during block uploads (as the Thanos documentation recommends). type: boolean dnsConfig: - description: Defines the DNS configuration for the pods. + description: dnsConfig defines the DNS configuration for the pods. properties: nameservers: description: |- - A list of DNS name server IP addresses. + nameservers defines the list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. items: minLength: 1 @@ -3663,7 +3771,7 @@ spec: x-kubernetes-list-type: set options: description: |- - A list of DNS resolver options. + options defines the list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Resolution options given in Options will override those that appear in the base DNSPolicy. @@ -3672,11 +3780,11 @@ spec: of a pod. properties: name: - description: Name is required and must be unique. + description: name is required and must be unique. minLength: 1 type: string value: - description: Value is optional. + description: value is optional. type: string required: - name @@ -3687,7 +3795,7 @@ spec: x-kubernetes-list-type: map searches: description: |- - A list of DNS search domains for host-name lookup. + searches defines the list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. items: minLength: 1 @@ -3696,7 +3804,7 @@ spec: x-kubernetes-list-type: set type: object dnsPolicy: - description: Defines the DNS policy for the pods. + description: dnsPolicy defines the DNS policy for the pods. enum: - ClusterFirstWithHostNet - ClusterFirst @@ -3705,7 +3813,7 @@ spec: type: string enableAdminAPI: description: |- - Enables access to the Prometheus web admin API. + enableAdminAPI defines access to the Prometheus web admin API. WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, shutdown Prometheus, and more. Enabling this should be done with care and the @@ -3717,7 +3825,7 @@ spec: type: boolean enableFeatures: description: |- - Enable access to Prometheus feature flags. By default, no features are enabled. + enableFeatures enables access to Prometheus feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept @@ -3731,7 +3839,7 @@ spec: x-kubernetes-list-type: set enableOTLPReceiver: description: |- - Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. + enableOTLPReceiver defines the Prometheus to be used as a receiver for the OTLP Metrics protocol. Note that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined. @@ -3739,7 +3847,7 @@ spec: type: boolean enableRemoteWriteReceiver: description: |- - Enable Prometheus to be used as a receiver for the Prometheus remote + enableRemoteWriteReceiver defines the Prometheus to be used as a receiver for the Prometheus remote write protocol. WARNING: This is not considered an efficient way of ingesting samples. @@ -3751,12 +3859,12 @@ spec: It requires Prometheus >= v2.33.0. type: boolean enableServiceLinks: - description: Indicates whether information about services should be - injected into pod's environment variables + description: enableServiceLinks defines whether information about + services should be injected into pod's environment variables type: boolean enforcedBodySizeLimit: description: |- - When defined, enforcedBodySizeLimit specifies a global limit on the size + enforcedBodySizeLimit when defined specifies a global limit on the size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. @@ -3772,7 +3880,7 @@ spec: type: string enforcedKeepDroppedTargets: description: |- - When defined, enforcedKeepDroppedTargets specifies a global limit on the number of targets + enforcedKeepDroppedTargets when defined specifies a global limit on the number of targets dropped by relabeling that will be kept in memory. The value overrides any `spec.keepDroppedTargets` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.keepDroppedTargets` is @@ -3789,7 +3897,7 @@ spec: type: integer enforcedLabelLimit: description: |- - When defined, enforcedLabelLimit specifies a global limit on the number + enforcedLabelLimit when defined specifies a global limit on the number of labels per sample. The value overrides any `spec.labelLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelLimit` is greater than zero and less than `spec.enforcedLabelLimit`. @@ -3805,7 +3913,7 @@ spec: type: integer enforcedLabelNameLengthLimit: description: |- - When defined, enforcedLabelNameLengthLimit specifies a global limit on the length + enforcedLabelNameLengthLimit when defined specifies a global limit on the length of labels name per sample. The value overrides any `spec.labelNameLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelNameLengthLimit` is greater than zero and less than `spec.enforcedLabelNameLengthLimit`. @@ -3821,7 +3929,7 @@ spec: type: integer enforcedLabelValueLengthLimit: description: |- - When not null, enforcedLabelValueLengthLimit defines a global limit on the length + enforcedLabelValueLengthLimit when not null defines a global limit on the length of labels value per sample. The value overrides any `spec.labelValueLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelValueLengthLimit` is greater than zero and less than `spec.enforcedLabelValueLengthLimit`. @@ -3837,7 +3945,7 @@ spec: type: integer enforcedNamespaceLabel: description: |- - When not empty, a label will be added to: + enforcedNamespaceLabel when not empty, a label will be added to: 1. All metrics scraped from `ServiceMonitor`, `PodMonitor`, `Probe` and `ScrapeConfig` objects. 2. All metrics generated from recording rules defined in `PrometheusRule` objects. @@ -3852,7 +3960,7 @@ spec: type: string enforcedSampleLimit: description: |- - When defined, enforcedSampleLimit specifies a global limit on the number + enforcedSampleLimit when defined specifies a global limit on the number of scraped samples that will be accepted. This overrides any `spec.sampleLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.sampleLimit` is greater than zero and less than @@ -3870,7 +3978,7 @@ spec: type: integer enforcedTargetLimit: description: |- - When defined, enforcedTargetLimit specifies a global limit on the number + enforcedTargetLimit when defined specifies a global limit on the number of scraped targets. The value overrides any `spec.targetLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.targetLimit` is greater than zero and less than `spec.enforcedTargetLimit`. @@ -3888,13 +3996,13 @@ spec: evaluationInterval: default: 30s description: |- - Interval between rule evaluations. + evaluationInterval defines the interval between rule evaluations. Default: "30s" pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string excludedFromEnforcement: description: |- - List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects + excludedFromEnforcement defines the list of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. It is only applicable if `spec.enforcedNamespaceLabel` set to true. @@ -3904,23 +4012,23 @@ spec: properties: group: default: monitoring.coreos.com - description: Group of the referent. When not specified, it defaults + description: group of the referent. When not specified, it defaults to `monitoring.coreos.com` enum: - monitoring.coreos.com type: string name: - description: Name of the referent. When not set, all resources + description: name of the referent. When not set, all resources in the namespace are matched. type: string namespace: description: |- - Namespace of the referent. + namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ minLength: 1 type: string resource: - description: Resource of the referent. + description: resource of the referent. enum: - prometheusrules - servicemonitors @@ -3935,12 +4043,12 @@ spec: type: array exemplars: description: |- - Exemplars related settings that are runtime reloadable. + exemplars related settings that are runtime reloadable. It requires to enable the `exemplar-storage` feature flag to be effective. properties: maxSize: description: |- - Maximum number of exemplars stored in memory for all series. + maxSize defines the maximum number of exemplars stored in memory for all series. exemplar-storage itself must be enabled using the `spec.enableFeature` option for exemplars to be scraped in the first place. @@ -3954,20 +4062,20 @@ spec: additionalProperties: type: string description: |- - The labels to add to any time series or alerts when communicating with + externalLabels defines the labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager). Labels defined by `spec.replicaExternalLabelName` and `spec.prometheusExternalLabelName` take precedence over this list. type: object externalUrl: description: |- - The external URL under which the Prometheus service is externally + externalUrl defines the external URL under which the Prometheus service is externally available. This is necessary to generate correct URLs (for instance if Prometheus is accessible behind an Ingress resource). type: string hostAliases: description: |- - Optional list of hosts and IPs that will be injected into the Pod's + hostAliases defines the optional list of hosts and IPs that will be injected into the Pod's hosts file if specified. items: description: |- @@ -3975,12 +4083,12 @@ spec: pod's hosts file. properties: hostnames: - description: Hostnames for the above IP address. + description: hostnames defines hostnames for the above IP address. items: type: string type: array ip: - description: IP address of the host file entry. + description: ip defines the IP address of the host file entry. type: string required: - hostnames @@ -3992,7 +4100,7 @@ spec: x-kubernetes-list-type: map hostNetwork: description: |- - Use the host's network namespace if true. + hostNetwork defines the host's network namespace if true. Make sure to understand the security implications if you want to enable it (https://kubernetes.io/docs/concepts/configuration/overview/ ). @@ -4003,7 +4111,7 @@ spec: type: boolean hostUsers: description: |- - HostUsers supports the user space in Kubernetes. + hostUsers supports the user space in Kubernetes. More info: https://kubernetes.io/docs/tasks/configure-pod-container/user-namespaces/ @@ -4012,14 +4120,14 @@ spec: type: boolean ignoreNamespaceSelectors: description: |- - When true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor + ignoreNamespaceSelectors when true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor and Probe objects will be ignored. They will only discover targets within the namespace of the PodMonitor, ServiceMonitor and Probe object. type: boolean image: description: |- - Container image name for Prometheus. If specified, it takes precedence + image defines the container image name for Prometheus. If specified, it takes precedence over the `spec.baseImage`, `spec.tag` and `spec.sha` fields. Specifying `spec.version` is still necessary to ensure the Prometheus @@ -4031,7 +4139,7 @@ spec: type: string imagePullPolicy: description: |- - Image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. + imagePullPolicy defines the image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. enum: - "" @@ -4041,7 +4149,7 @@ spec: type: string imagePullSecrets: description: |- - An optional list of references to Secrets in the same namespace + imagePullSecrets defines an optional list of references to Secrets in the same namespace to use for pulling images from registries. See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod items: @@ -4063,7 +4171,7 @@ spec: type: array initContainers: description: |- - InitContainers allows injecting initContainers to the Pod definition. Those + initContainers allows injecting initContainers to the Pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: @@ -4119,8 +4227,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -4178,6 +4287,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -4238,8 +4384,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -4266,8 +4412,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -4938,7 +5085,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -4992,10 +5139,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -5007,6 +5154,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -5507,7 +5707,7 @@ spec: type: array keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. @@ -5518,7 +5718,7 @@ spec: type: integer labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -5527,7 +5727,7 @@ spec: type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -5536,7 +5736,7 @@ spec: type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -5545,11 +5745,11 @@ spec: type: integer listenLocal: description: |- - When true, the Prometheus server listens on the loopback address + listenLocal when true, the Prometheus server listens on the loopback address instead of the Pod IP's address. type: boolean logFormat: - description: Log format for Log level for Prometheus and the config-reloader + description: logFormat for Log level for Prometheus and the config-reloader sidecar. enum: - "" @@ -5557,7 +5757,7 @@ spec: - json type: string logLevel: - description: Log level for Prometheus and the config-reloader sidecar. + description: logLevel for Prometheus and the config-reloader sidecar. enum: - "" - debug @@ -5567,14 +5767,14 @@ spec: type: string maximumStartupDurationSeconds: description: |- - Defines the maximum time that the `prometheus` container's startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete. - If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 600 seconds (15 minutes). + maximumStartupDurationSeconds defines the maximum time that the `prometheus` container's startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete. + If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 900 seconds (15 minutes). format: int32 minimum: 60 type: integer minReadySeconds: description: |- - Minimum number of seconds for which a newly created Pod should be ready + minReadySeconds defines the minimum number of seconds for which a newly created Pod should be ready without any of its container crashing for it to be considered available. If unset, pods will be considered available as soon as they are ready. @@ -5583,7 +5783,7 @@ spec: type: integer nameEscapingScheme: description: |- - Specifies the character escaping scheme that will be requested when scraping + nameEscapingScheme defines the character escaping scheme that will be requested when scraping for metric and label names that do not conform to the legacy Prometheus character set. @@ -5596,7 +5796,7 @@ spec: type: string nameValidationScheme: description: |- - Specifies the validation scheme for metric and label names. + nameValidationScheme defines the validation scheme for metric and label names. It requires Prometheus >= v2.55.0. enum: @@ -5606,21 +5806,21 @@ spec: nodeSelector: additionalProperties: type: string - description: Defines on which Nodes the Pods are scheduled. + description: nodeSelector defines on which Nodes the Pods are scheduled. type: object otlp: description: |- - Settings related to the OTLP receiver feature. + otlp defines the settings related to the OTLP receiver feature. It requires Prometheus >= v2.55.0. properties: convertHistogramsToNHCB: description: |- - Configures optional translation of OTLP explicit bucket histograms into native histograms with custom buckets. + convertHistogramsToNHCB defines optional translation of OTLP explicit bucket histograms into native histograms with custom buckets. It requires Prometheus >= v3.4.0. type: boolean ignoreResourceAttributes: description: |- - List of OpenTelemetry resource attributes to ignore when `promoteAllResourceAttributes` is true. + ignoreResourceAttributes defines the list of OpenTelemetry resource attributes to ignore when `promoteAllResourceAttributes` is true. It requires `promoteAllResourceAttributes` to be true. It requires Prometheus >= v3.5.0. @@ -5632,21 +5832,21 @@ spec: x-kubernetes-list-type: set keepIdentifyingResourceAttributes: description: |- - Enables adding `service.name`, `service.namespace` and `service.instance.id` + keepIdentifyingResourceAttributes enables adding `service.name`, `service.namespace` and `service.instance.id` resource attributes to the `target_info` metric, on top of converting them into the `instance` and `job` labels. It requires Prometheus >= v3.1.0. type: boolean promoteAllResourceAttributes: description: |- - Promote all resource attributes to metric labels except the ones defined in `ignoreResourceAttributes`. + promoteAllResourceAttributes promotes all resource attributes to metric labels except the ones defined in `ignoreResourceAttributes`. Cannot be true when `promoteResourceAttributes` is defined. It requires Prometheus >= v3.5.0. type: boolean promoteResourceAttributes: description: |- - List of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. + promoteResourceAttributes defines the list of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. Cannot be defined when `promoteAllResourceAttributes` is true. items: minLength: 1 @@ -5654,39 +5854,46 @@ spec: minItems: 1 type: array x-kubernetes-list-type: set + promoteScopeMetadata: + description: |- + promoteScopeMetadata controls whether to promote OpenTelemetry scope metadata (i.e. name, version, schema URL, and attributes) to metric labels. + As per the OpenTelemetry specification, the aforementioned scope metadata should be identifying, i.e. made into metric labels. + It requires Prometheus >= v3.6.0. + type: boolean translationStrategy: description: |- - Configures how the OTLP receiver endpoint translates the incoming metrics. + translationStrategy defines how the OTLP receiver endpoint translates the incoming metrics. It requires Prometheus >= v3.0.0. enum: - NoUTF8EscapingWithSuffixes - UnderscoreEscapingWithSuffixes - NoTranslation + - UnderscoreEscapingWithoutSuffixes type: string type: object overrideHonorLabels: description: |- - When true, Prometheus resolves label conflicts by renaming the labels in the scraped data + overrideHonorLabels when true, Prometheus resolves label conflicts by renaming the labels in the scraped data to “exported_” for all targets created from ServiceMonitor, PodMonitor and ScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies. - In practice,`overrideHonorLaels:true` enforces `honorLabels:false` + In practice,`OverrideHonorLabels:true` enforces `honorLabels:false` for all ServiceMonitor, PodMonitor and ScrapeConfig objects. type: boolean overrideHonorTimestamps: description: |- - When true, Prometheus ignores the timestamps for all the targets created + overrideHonorTimestamps when true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies. type: boolean paused: description: |- - When a Prometheus deployment is paused, no actions except for deletion + paused defines when a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects. type: boolean persistentVolumeClaimRetentionPolicy: description: |- - The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + persistentVolumeClaimRetentionPolicy defines the field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. The default behavior is all PVCs are retained. This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. It requires enabling the StatefulSetAutoDeletePVC feature gate. @@ -5709,7 +5916,7 @@ spec: type: object podMetadata: description: |- - PodMetadata configures labels and annotations which are propagated to the Prometheus pods. + podMetadata defines labels and annotations which are propagated to the Prometheus pods. The following items are reserved and cannot be overridden: * "prometheus" label, set to the name of the Prometheus object. @@ -5725,7 +5932,7 @@ spec: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -5734,14 +5941,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -5751,7 +5958,7 @@ spec: type: object podMonitorNamespaceSelector: description: |- - Namespaces to match for PodMonitors discovery. An empty label selector + podMonitorNamespaceSelector defines the namespaces to match for PodMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. properties: @@ -5800,7 +6007,7 @@ spec: x-kubernetes-map-type: atomic podMonitorSelector: description: |- - PodMonitors to be selected for target discovery. An empty label selector + podMonitorSelector defines the podMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -5857,7 +6064,7 @@ spec: x-kubernetes-map-type: atomic podTargetLabels: description: |- - PodTargetLabels are appended to the `spec.podTargetLabels` field of all + podTargetLabels are appended to the `spec.podTargetLabels` field of all PodMonitor and ServiceMonitor objects. items: type: string @@ -5865,15 +6072,15 @@ spec: portName: default: web description: |- - Port name used for the pods and governing service. + portName used for the pods and governing service. Default: "web" type: string priorityClassName: - description: Priority class assigned to the Pods. + description: priorityClassName assigned to the Pods. type: string probeNamespaceSelector: description: |- - Namespaces to match for Probe discovery. An empty label + probeNamespaceSelector defines the namespaces to match for Probe discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. properties: @@ -5922,7 +6129,7 @@ spec: x-kubernetes-map-type: atomic probeSelector: description: |- - Probes to be selected for target discovery. An empty label selector + probeSelector defines the probes to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -5979,7 +6186,7 @@ spec: x-kubernetes-map-type: atomic prometheusExternalLabelName: description: |- - Name of Prometheus external label used to denote the Prometheus instance + prometheusExternalLabelName defines the name of Prometheus external label used to denote the Prometheus instance name. The external label will _not_ be added when the field is set to the empty string (`""`). @@ -5987,7 +6194,7 @@ spec: type: string prometheusRulesExcludedFromEnforce: description: |- - Defines the list of PrometheusRule objects to which the namespace label + prometheusRulesExcludedFromEnforce defines the list of PrometheusRule objects to which the namespace label enforcement doesn't apply. This is only relevant when `spec.enforcedNamespaceLabel` is set to true. Deprecated: use `spec.excludedFromEnforcement` instead. @@ -5998,10 +6205,12 @@ spec: namespace label for alerts and metrics. properties: ruleName: - description: Name of the excluded PrometheusRule object. + description: ruleName defines the name of the excluded PrometheusRule + object. type: string ruleNamespace: - description: Namespace of the excluded PrometheusRule object. + description: ruleNamespace defines the namespace of the excluded + PrometheusRule object. type: string required: - ruleName @@ -6009,27 +6218,29 @@ spec: type: object type: array query: - description: QuerySpec defines the configuration of the Promethus - query service. + description: query defines the configuration of the Prometheus query + service. properties: lookbackDelta: - description: The delta difference allowed for retrieving metrics - during expression evaluations. + description: lookbackDelta defines the delta difference allowed + for retrieving metrics during expression evaluations. type: string maxConcurrency: - description: Number of concurrent queries that can be run at once. + description: maxConcurrency defines the number of concurrent queries + that can be run at once. format: int32 minimum: 1 type: integer maxSamples: description: |- - Maximum number of samples a single query can load into memory. Note that + maxSamples defines the maximum number of samples a single query can load into memory. Note that queries will fail if they would load more samples than this into memory, so this also limits the number of samples a query can return. format: int32 type: integer timeout: - description: Maximum time a query may take before being aborted. + description: timeout defines the maximum time a query may take + before being aborted. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object @@ -6049,14 +6260,14 @@ spec: type: string reloadStrategy: description: |- - Defines the strategy used to reload the Prometheus configuration. + reloadStrategy defines the strategy used to reload the Prometheus configuration. If not specified, the configuration is reloaded using the /-/reload HTTP endpoint. enum: - HTTP - ProcessSignal type: string remoteRead: - description: Defines the list of remote read configurations. + description: remoteRead defines the list of remote read configurations. items: description: |- RemoteReadSpec defines the configuration for Prometheus to read back samples @@ -6064,15 +6275,15 @@ spec: properties: authorization: description: |- - Authorization section for the URL. + authorization section for the URL. It requires Prometheus >= v2.26.0. Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -6096,12 +6307,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6110,13 +6321,13 @@ spec: type: object basicAuth: description: |- - BasicAuth configuration for the URL. + basicAuth configuration for the URL. Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -6142,7 +6353,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -6169,26 +6380,25 @@ spec: type: object bearerToken: description: |- + bearerToken is deprecated: this will be removed in a future release. *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File from which to read the bearer token for the URL. + bearerTokenFile defines the file from which to read the bearer token for the URL. Deprecated: this will be removed in a future release. Prefer using `authorization`. type: string filterExternalLabels: description: |- - Whether to use the external labels as selectors for the remote read endpoint. + filterExternalLabels defines whether to use the external labels as selectors for the remote read endpoint. It requires Prometheus >= v2.34.0. type: boolean followRedirects: description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. + followRedirects defines whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.26.0. type: boolean @@ -6196,13 +6406,13 @@ spec: additionalProperties: type: string description: |- - Custom HTTP headers to be sent along with each remote read request. + headers defines the custom HTTP headers to be sent along with each remote read request. Be aware that headers that are set by Prometheus itself can't be overwritten. Only valid in Prometheus versions 2.26.0 and newer. type: object name: description: |- - The name of the remote read queue, it must be unique if specified. The + name of the remote read queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate read configurations. @@ -6210,7 +6420,7 @@ spec: type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -6218,7 +6428,7 @@ spec: type: string oauth2: description: |- - OAuth2 configuration for the URL. + oauth2 configuration for the URL. It requires Prometheus >= v2.27.0. @@ -6226,12 +6436,12 @@ spec: properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6254,7 +6464,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6280,7 +6491,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -6308,12 +6519,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -6347,7 +6558,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6355,33 +6566,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6404,8 +6614,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -6430,12 +6640,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6458,8 +6668,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -6484,11 +6694,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6513,7 +6724,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6524,7 +6735,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6534,12 +6745,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -6575,7 +6787,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6583,40 +6795,41 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string readRecent: description: |- - Whether reads should be made for queries for time ranges that + readRecent defines whether reads should be made for queries for time ranges that the local storage should have complete data for. type: boolean remoteTimeout: - description: Timeout for requests to the remote read endpoint. + description: remoteTimeout defines the timeout for requests + to the remote read endpoint. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string requiredMatchers: additionalProperties: type: string description: |- - An optional list of equality matchers which have to be present + requiredMatchers defines an optional list of equality matchers which have to be present in a selector to query the remote read endpoint. type: object tlsConfig: - description: TLS Config to use for the URL. + description: tlsConfig to use for the URL. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6639,7 +6852,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6664,15 +6878,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6695,7 +6910,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6720,19 +6936,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6757,7 +6974,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6768,7 +6985,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6778,18 +6995,19 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: The URL of the endpoint to query from. + description: url defines the URL of the endpoint to query from. type: string required: - url type: object type: array remoteWrite: - description: Defines the list of remote write configurations. + description: remoteWrite defines the list of remote write configurations. items: description: |- RemoteWriteSpec defines the configuration to write samples from Prometheus @@ -6797,15 +7015,15 @@ spec: properties: authorization: description: |- - Authorization section for the URL. + authorization section for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. Cannot be set at the same time as `sigv4`, `basicAuth`, `oauth2`, or `azureAd`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -6829,12 +7047,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6843,15 +7061,15 @@ spec: type: object azureAd: description: |- - AzureAD for the URL. + azureAd for the URL. It requires Prometheus >= v2.45.0 or Thanos >= v0.31.0. Cannot be set at the same time as `authorization`, `basicAuth`, `oauth2`, or `sigv4`. properties: cloud: - description: The Azure Cloud. Options are 'AzurePublic', - 'AzureChina', or 'AzureGovernment'. + description: cloud defines the Azure Cloud. Options are + 'AzurePublic', 'AzureChina', or 'AzureGovernment'. enum: - AzureChina - AzureGovernment @@ -6859,32 +7077,33 @@ spec: type: string managedIdentity: description: |- - ManagedIdentity defines the Azure User-assigned Managed identity. + managedIdentity defines the Azure User-assigned Managed identity. Cannot be set at the same time as `oauth` or `sdk`. properties: clientId: - description: The client id + description: clientId defines defines the Azure User-assigned + Managed identity. type: string required: - clientId type: object oauth: description: |- - OAuth defines the oauth config that is being used to authenticate. + oauth defines the oauth config that is being used to authenticate. Cannot be set at the same time as `managedIdentity` or `sdk`. It requires Prometheus >= v2.48.0 or Thanos >= v0.31.0. properties: clientId: - description: '`clientID` is the clientId of the Azure + description: clientId defines the clientId of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 type: string clientSecret: - description: '`clientSecret` specifies a key of a Secret + description: clientSecret specifies a key of a Secret containing the client secret of the Azure Active Directory - application that is being used to authenticate.' + application that is being used to authenticate. properties: key: description: The key of the secret to select from. Must @@ -6908,9 +7127,9 @@ spec: type: object x-kubernetes-map-type: atomic tenantId: - description: '`tenantId` is the tenant ID of the Azure + description: tenantId is the tenant ID of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 pattern: ^[0-9a-zA-Z-.]+$ type: string @@ -6921,29 +7140,29 @@ spec: type: object sdk: description: |- - SDK defines the Azure SDK config that is being used to authenticate. + sdk defines the Azure SDK config that is being used to authenticate. See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication Cannot be set at the same time as `oauth` or `managedIdentity`. It requires Prometheus >= v2.52.0 or Thanos >= v0.36.0. properties: tenantId: - description: '`tenantId` is the tenant ID of the azure + description: tenantId defines the tenant ID of the azure active directory application that is being used to - authenticate.' + authenticate. pattern: ^[0-9a-zA-Z-.]+$ type: string type: object type: object basicAuth: description: |- - BasicAuth configuration for the URL. + basicAuth configuration for the URL. Cannot be set at the same time as `sigv4`, `authorization`, `oauth2`, or `azureAd`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -6969,7 +7188,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -6996,23 +7215,22 @@ spec: type: object bearerToken: description: |- + bearerToken is deprecated: this will be removed in a future release. *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File from which to read bearer token for the URL. + bearerTokenFile defines the file from which to read bearer token for the URL. Deprecated: this will be removed in a future release. Prefer using `authorization`. type: string enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. + followRedirects defines whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. type: boolean @@ -7020,14 +7238,14 @@ spec: additionalProperties: type: string description: |- - Custom HTTP headers to be sent along with each remote write request. + headers defines the custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. It requires Prometheus >= v2.25.0 or Thanos >= v0.24.0. type: object messageVersion: description: |- - The Remote Write message's version to use when writing to the endpoint. + messageVersion defines the Remote Write message's version to use when writing to the endpoint. `Version1.0` corresponds to the `prometheus.WriteRequest` protobuf message introduced in Remote Write 1.0. `Version2.0` corresponds to the `io.prometheus.write.v2.Request` protobuf message introduced in Remote Write 2.0. @@ -7044,37 +7262,37 @@ spec: - V2.0 type: string metadataConfig: - description: MetadataConfig configures the sending of series - metadata to the remote storage. + description: metadataConfig defines how to send a series metadata + to the remote storage. properties: maxSamplesPerSend: description: |- - MaxSamplesPerSend is the maximum number of metadata samples per send. + maxSamplesPerSend defines the maximum number of metadata samples per send. It requires Prometheus >= v2.29.0. format: int32 minimum: -1 type: integer send: - description: Defines whether metric metadata is sent to - the remote storage or not. + description: send defines whether metric metadata is sent + to the remote storage or not. type: boolean sendInterval: - description: Defines how frequently metric metadata is sent - to the remote storage. + description: sendInterval defines how frequently metric + metadata is sent to the remote storage. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object name: description: |- - The name of the remote write queue, it must be unique if specified. The + name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. It requires Prometheus >= v2.15.0 or Thanos >= 0.24.0. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -7082,7 +7300,7 @@ spec: type: string oauth2: description: |- - OAuth2 configuration for the URL. + oauth2 configuration for the URL. It requires Prometheus >= v2.27.0 or Thanos >= v0.24.0. @@ -7090,12 +7308,12 @@ spec: properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7118,7 +7336,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7144,7 +7363,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -7172,12 +7391,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -7211,7 +7430,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7219,33 +7438,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7268,8 +7486,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7294,12 +7512,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7322,8 +7540,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7348,11 +7566,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -7377,7 +7596,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7388,7 +7607,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7398,12 +7617,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -7439,7 +7659,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7447,89 +7667,88 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string queueConfig: - description: QueueConfig allows tuning of the remote write queue + description: queueConfig allows tuning of the remote write queue parameters. properties: batchSendDeadline: - description: BatchSendDeadline is the maximum time a sample - will wait in buffer. + description: batchSendDeadline defines the maximum time + a sample will wait in buffer. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string capacity: description: |- - Capacity is the number of samples to buffer per shard before we start + capacity defines the number of samples to buffer per shard before we start dropping them. type: integer maxBackoff: - description: MaxBackoff is the maximum retry delay. + description: maxBackoff defines the maximum retry delay. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string maxRetries: - description: MaxRetries is the maximum number of times to - retry a batch on recoverable errors. + description: maxRetries defines the maximum number of times + to retry a batch on recoverable errors. type: integer maxSamplesPerSend: - description: MaxSamplesPerSend is the maximum number of - samples per send. + description: maxSamplesPerSend defines the maximum number + of samples per send. type: integer maxShards: - description: MaxShards is the maximum number of shards, + description: maxShards defines the maximum number of shards, i.e. amount of concurrency. type: integer minBackoff: - description: MinBackoff is the initial retry delay. Gets - doubled for every retry. + description: minBackoff defines the initial retry delay. + Gets doubled for every retry. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string minShards: - description: MinShards is the minimum number of shards, + description: minShards defines the minimum number of shards, i.e. amount of concurrency. type: integer retryOnRateLimit: description: |- - Retry upon receiving a 429 status code from the remote-write storage. + retryOnRateLimit defines the retry upon receiving a 429 status code from the remote-write storage. This is an *experimental feature*, it may change in any upcoming release in a breaking way. type: boolean sampleAgeLimit: description: |- - SampleAgeLimit drops samples older than the limit. + sampleAgeLimit drops samples older than the limit. It requires Prometheus >= v2.50.0 or Thanos >= v0.32.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object remoteTimeout: - description: Timeout for requests to the remote write endpoint. + description: remoteTimeout defines the timeout for requests + to the remote write endpoint. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string roundRobinDNS: - description: |- - When enabled: - - The remote-write mechanism will resolve the hostname via DNS. - - It will randomly select one of the resolved IP addresses and connect to it. - - When disabled (default behavior): - - The Go standard library will handle hostname resolution. - - It will attempt connections to each resolved IP address sequentially. - - Note: The connection timeout applies to the entire resolution and connection process. - If disabled, the timeout is distributed across all connection attempts. - - It requires Prometheus >= v3.1.0 or Thanos >= v0.38.0. + description: "roundRobinDNS controls the DNS resolution behavior + for remote-write connections.\nWhen enabled:\n - The remote-write + mechanism will resolve the hostname via DNS.\n - It will + randomly select one of the resolved IP addresses and connect + to it.\n\nWhen disabled (default behavior):\n - The Go standard + library will handle hostname resolution.\n - It will attempt + connections to each resolved IP address sequentially.\n\nNote: + The connection timeout applies to the entire resolution and + connection process.\n\n\tIf disabled, the timeout is distributed + across all connection attempts.\n\nIt requires Prometheus + >= v3.1.0 or Thanos >= v0.38.0." type: boolean sendExemplars: description: |- - Enables sending of exemplars over remote write. Note that + sendExemplars enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the `spec.enableFeatures` option for exemplars to be scraped in the first place. @@ -7537,14 +7756,14 @@ spec: type: boolean sendNativeHistograms: description: |- - Enables sending of native histograms, also known as sparse histograms + sendNativeHistograms enables sending of native histograms, also known as sparse histograms over remote write. It requires Prometheus >= v2.40.0 or Thanos >= v0.30.0. type: boolean sigv4: description: |- - Sigv4 allows to configures AWS's Signature Verification 4 for the URL. + sigv4 defines the AWS's Signature Verification 4 for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. @@ -7552,7 +7771,7 @@ spec: properties: accessKey: description: |- - AccessKey is the AWS API key. If not specified, the environment variable + accessKey defines the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used. properties: key: @@ -7577,18 +7796,20 @@ spec: type: object x-kubernetes-map-type: atomic profile: - description: Profile is the named AWS profile used to authenticate. + description: profile defines the named AWS profile used + to authenticate. type: string region: - description: Region is the AWS region. If blank, the region - from the default credentials chain used. + description: region defines the AWS region. If blank, the + region from the default credentials chain used. type: string roleArn: - description: RoleArn is the named AWS profile used to authenticate. + description: roleArn defines the named AWS profile used + to authenticate. type: string secretKey: description: |- - SecretKey is the AWS API secret. If not specified, the environment + secretKey defines the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used. properties: key: @@ -7612,17 +7833,22 @@ spec: - key type: object x-kubernetes-map-type: atomic + useFIPSSTSEndpoint: + description: |- + useFIPSSTSEndpoint defines FIPS mode for AWS STS endpoint. + It requires Prometheus >= v2.54.0. + type: boolean type: object tlsConfig: - description: TLS Config to use for the URL. + description: tlsConfig to use for the URL. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7645,7 +7871,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7670,15 +7897,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7701,7 +7929,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7726,19 +7955,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -7763,7 +7993,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7774,7 +8004,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7784,15 +8014,18 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: The URL of the endpoint to send samples to. + description: url defines the URL of the endpoint to send samples + to. minLength: 1 type: string writeRelabelConfigs: - description: The list of remote write relabel configurations. + description: writeRelabelConfigs defines the list of remote + write relabel configurations. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -7803,7 +8036,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -7835,41 +8068,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -7884,7 +8117,7 @@ spec: type: array remoteWriteReceiverMessageVersions: description: |- - List of the protobuf message versions to accept when receiving the + remoteWriteReceiverMessageVersions list of the protobuf message versions to accept when receiving the remote writes. It requires Prometheus >= v2.54.0. @@ -7898,7 +8131,7 @@ spec: x-kubernetes-list-type: set replicaExternalLabelName: description: |- - Name of Prometheus external label used to denote the replica name. + replicaExternalLabelName defines the name of Prometheus external label used to denote the replica name. The external label will _not_ be added when the field is set to the empty string (`""`). @@ -7906,7 +8139,7 @@ spec: type: string replicas: description: |- - Number of replicas of each shard to deploy for a Prometheus deployment. + replicas defines the number of replicas of each shard to deploy for a Prometheus deployment. `spec.replicas` multiplied by `spec.shards` is the total number of Pods created. @@ -7914,15 +8147,15 @@ spec: format: int32 type: integer resources: - description: Defines the resources requests and limits of the 'prometheus' - container. + description: resources defines the resources requests and limits of + the 'prometheus' container. properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -7975,18 +8208,19 @@ spec: type: object retention: description: |- - How long to retain the Prometheus data. + retention defines how long to retain the Prometheus data. Default: "24h" if `spec.retention` and `spec.retentionSize` are empty. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string retentionSize: - description: Maximum number of bytes used by the Prometheus data. + description: retentionSize defines the maximum number of bytes used + by the Prometheus data. pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ type: string routePrefix: description: |- - The route prefix Prometheus registers HTTP handlers for. + routePrefix defines the route prefix Prometheus registers HTTP handlers for. This is useful when using `spec.externalURL`, and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but @@ -7995,7 +8229,7 @@ spec: type: string ruleNamespaceSelector: description: |- - Namespaces to match for PrometheusRule discovery. An empty label selector + ruleNamespaceSelector defines the namespaces to match for PrometheusRule discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. properties: @@ -8044,13 +8278,13 @@ spec: x-kubernetes-map-type: atomic ruleQueryOffset: description: |- - Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. + ruleQueryOffset defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string ruleSelector: description: |- - PrometheusRule objects to be selected for rule evaluation. An empty + ruleSelector defines the prometheusRule objects to be selected for rule evaluation. An empty label selector matches all objects. A null label selector matches no objects. properties: @@ -8098,40 +8332,41 @@ spec: type: object x-kubernetes-map-type: atomic rules: - description: Defines the configuration of the Prometheus rules' engine. + description: rules defines the configuration of the Prometheus rules' + engine. properties: alert: description: |- - Defines the parameters of the Prometheus rules' engine. + alert defines the parameters of the Prometheus rules' engine. Any update to these parameters trigger a restart of the pods. properties: forGracePeriod: description: |- - Minimum duration between alert and restored 'for' state. + forGracePeriod defines the minimum duration between alert and restored 'for' state. This is maintained only for alerts with a configured 'for' time greater than the grace period. type: string forOutageTolerance: description: |- - Max time to tolerate prometheus outage for restoring 'for' state of + forOutageTolerance defines the max time to tolerate prometheus outage for restoring 'for' state of alert. type: string resendDelay: description: |- - Minimum amount of time to wait before resending an alert to + resendDelay defines the minimum amount of time to wait before resending an alert to Alertmanager. type: string type: object type: object runtime: - description: RuntimeConfig configures the values for the Prometheus - process behavior + description: runtime defines the values for the Prometheus process + behavior properties: goGC: description: |- - The Go garbage collection target percentage. Lowering this number may increase the CPU usage. + goGC defines the Go garbage collection target percentage. Lowering this number may increase the CPU usage. See: https://tip.golang.org/doc/gc-guide#GOGC format: int32 minimum: -1 @@ -8139,7 +8374,7 @@ spec: type: object sampleLimit: description: |- - SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + sampleLimit defines per-scrape limit on number of scraped samples that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -8148,7 +8383,7 @@ spec: type: integer scrapeClasses: description: |- - List of scrape classes to expose to scraping objects such as + scrapeClasses defines the list of scrape classes to expose to scraping objects such as PodMonitors, ServiceMonitors, Probes and ScrapeConfigs. This is an *experimental feature*, it may change in any upcoming release @@ -8157,13 +8392,13 @@ spec: properties: attachMetadata: description: |- - AttachMetadata configures additional metadata to the discovered targets. + attachMetadata defines additional metadata to the discovered targets. When the scrape object defines its own configuration, it takes precedence over the scrape class configuration. properties: node: description: |- - When set to true, Prometheus attaches node metadata to the discovered + node when set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the `list` and `watch` @@ -8172,12 +8407,12 @@ spec: type: object authorization: description: |- - Authorization section for the ScrapeClass. + authorization section for the ScrapeClass. It will only apply if the scrape resource doesn't specify any Authorization. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -8201,12 +8436,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -8215,14 +8450,14 @@ spec: type: object default: description: |- - Default indicates that the scrape applies to all scrape objects that + default defines that the scrape applies to all scrape objects that don't configure an explicit scrape class name. Only one scrape class can be set as the default. type: boolean fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It will only apply if the scrape resource doesn't specify any FallbackScrapeProtocol It requires Prometheus >= v3.0.0. @@ -8235,7 +8470,7 @@ spec: type: string metricRelabelings: description: |- - MetricRelabelings configures the relabeling rules to apply to all samples before ingestion. + metricRelabelings defines the relabeling rules to apply to all samples before ingestion. The Operator adds the scrape class metric relabelings defined here. Then the Operator adds the target-specific metric relabelings defined in ServiceMonitors, PodMonitors, Probes and ScrapeConfigs. @@ -8252,7 +8487,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -8284,41 +8519,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -8328,12 +8563,12 @@ spec: type: object type: array name: - description: Name of the scrape class. + description: name of the scrape class. minLength: 1 type: string relabelings: description: |- - Relabelings configures the relabeling rules to apply to all scrape targets. + relabelings defines the relabeling rules to apply to all scrape targets. The Operator automatically adds relabelings for a few standard Kubernetes fields like `__meta_kubernetes_namespace` and `__meta_kubernetes_service_name`. @@ -8351,7 +8586,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -8383,41 +8618,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -8428,19 +8663,19 @@ spec: type: array tlsConfig: description: |- - TLSConfig defines the TLS settings to use for the scrape. When the + tlsConfig defines the TLS settings to use for the scrape. When the scrape objects define their own CA, certificate and/or key, they take precedence over the corresponding scrape class fields. For now only the `caFile`, `certFile` and `keyFile` fields are supported. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8463,7 +8698,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8488,15 +8724,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8519,7 +8756,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8544,19 +8782,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -8581,7 +8820,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8592,7 +8831,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8602,7 +8841,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -8614,7 +8854,7 @@ spec: x-kubernetes-list-type: map scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. @@ -8622,7 +8862,7 @@ spec: type: boolean scrapeConfigNamespaceSelector: description: |- - Namespaces to match for ScrapeConfig discovery. An empty label selector + scrapeConfigNamespaceSelector defines the namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. @@ -8673,7 +8913,7 @@ spec: x-kubernetes-map-type: atomic scrapeConfigSelector: description: |- - ScrapeConfigs to be selected for target discovery. An empty label + scrapeConfigSelector defines the scrapeConfigs to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -8732,7 +8972,7 @@ spec: x-kubernetes-map-type: atomic scrapeFailureLogFile: description: |- - File to which scrape failures are logged. + scrapeFailureLogFile defines the file to which scrape failures are logged. Reloading the configuration will reopen the file. If the filename has an empty path, e.g. 'file.log', The Prometheus Pods @@ -8745,14 +8985,14 @@ spec: scrapeInterval: default: 30s description: |- - Interval between consecutive scrapes. + scrapeInterval defines interval between consecutive scrapes. Default: "30s" pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string scrapeProtocols: description: |- - The protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -8780,13 +9020,13 @@ spec: x-kubernetes-list-type: set scrapeTimeout: description: |- - Number of seconds to wait until a scrape request times out. + scrapeTimeout defines the number of seconds to wait until a scrape request times out. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string secrets: description: |- - Secrets is a list of Secrets in the same namespace as the Prometheus + secrets defines a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-`. The Secrets are mounted into /etc/prometheus/secrets/ in the 'prometheus' container. @@ -8796,7 +9036,7 @@ spec: x-kubernetes-list-type: set securityContext: description: |- - SecurityContext holds pod-level security attributes and common container settings. + securityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. properties: appArmorProfile: @@ -9030,12 +9270,12 @@ spec: type: object serviceAccountName: description: |- - ServiceAccountName is the name of the ServiceAccount to use to run the + serviceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. type: string serviceDiscoveryRole: description: |- - Defines the service discovery role used to discover targets from + serviceDiscoveryRole defines the service discovery role used to discover targets from `ServiceMonitor` objects and Alertmanager endpoints. If set, the value should be either "Endpoints" or "EndpointSlice". @@ -9046,7 +9286,7 @@ spec: type: string serviceMonitorNamespaceSelector: description: |- - Namespaces to match for ServicedMonitors discovery. An empty label selector + serviceMonitorNamespaceSelector defines the namespaces to match for ServicedMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. properties: @@ -9095,7 +9335,7 @@ spec: x-kubernetes-map-type: atomic serviceMonitorSelector: description: |- - ServiceMonitors to be selected for target discovery. An empty label + serviceMonitorSelector defines the serviceMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -9152,7 +9392,7 @@ spec: x-kubernetes-map-type: atomic serviceName: description: |- - The name of the service name used by the underlying StatefulSet(s) as the governing service. + serviceName defines the name of the service name used by the underlying StatefulSet(s) as the governing service. If defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels. If empty, the operator will create and manage a headless service named `prometheus-operated` for Prometheus resources, or `prometheus-agent-operated` for PrometheusAgent resources. @@ -9161,12 +9401,12 @@ spec: minLength: 1 type: string sha: - description: 'Deprecated: use ''spec.image'' instead. The image''s + description: 'sha is deprecated: use ''spec.image'' instead. The image''s digest can be specified as part of the image name.' type: string shardRetentionPolicy: description: |- - ShardRetentionPolicy defines the retention policy for the Prometheus shards. + shardRetentionPolicy defines the retention policy for the Prometheus shards. (Alpha) Using this field requires the 'PrometheusShardRetentionPolicy' feature gate to be enabled. The final goals for this feature can be seen at https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/proposals/202310-shard-autoscaling.md#graceful-scale-down-of-prometheus-servers, @@ -9175,14 +9415,12 @@ spec: properties: retain: description: |- - Defines the config for retention when the retention policy is set to `Retain`. + retain defines the config for retention when the retention policy is set to `Retain`. This field is ineffective as of now. properties: retentionPeriod: - description: |- - Duration is a valid time duration that can be parsed by Prometheus model.ParseDuration() function. - Supported units: y, w, d, h, m, s, ms - Examples: `30s`, `1m`, `1h20m15s`, `15d` + description: retentionPeriod defines the retentionPeriod for + shard retention policy. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string required: @@ -9190,7 +9428,7 @@ spec: type: object whenScaled: description: |- - Defines the retention policy when the Prometheus shards are scaled down. + whenScaled defines the retention policy when the Prometheus shards are scaled down. * `Delete`, the operator will delete the pods from the scaled-down shard(s). * `Retain`, the operator will keep the pods from the scaled-down shard(s), so the data can still be queried. @@ -9202,7 +9440,7 @@ spec: type: object shards: description: |- - Number of shards to distribute the scraped targets onto. + shards defines the number of shards to distribute the scraped targets onto. `spec.replicas` multiplied by `spec.shards` is the total number of Pods being created. @@ -9231,15 +9469,15 @@ spec: format: int32 type: integer storage: - description: Storage defines the storage used by Prometheus. + description: storage defines the storage used by Prometheus. properties: disableMountSubPath: - description: 'Deprecated: subPath usage will be removed in a future - release.' + description: 'disableMountSubPath deprecated: subPath usage will + be removed in a future release.' type: boolean emptyDir: description: |- - EmptyDirVolumeSource to be used by the StatefulSet. + emptyDir to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir properties: @@ -9266,7 +9504,7 @@ spec: type: object ephemeral: description: |- - EphemeralVolumeSource to be used by the StatefulSet. + ephemeral to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes @@ -9487,15 +9725,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -9513,7 +9749,7 @@ spec: type: object volumeClaimTemplate: description: |- - Defines the PVC spec to be used by the Prometheus StatefulSets. + volumeClaimTemplate defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes. properties: @@ -9533,14 +9769,14 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. + description: metadata defines EmbeddedMetadata contains metadata + relevant to an EmbeddedResource. properties: annotations: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -9549,14 +9785,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -9566,7 +9802,7 @@ spec: type: object spec: description: |- - Defines the desired characteristics of a volume requested by a pod author. + spec defines the specification of the characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: accessModes: @@ -9743,15 +9979,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -9764,7 +9998,7 @@ spec: type: string type: object status: - description: 'Deprecated: this field is never set.' + description: 'status is deprecated: this field is never set.' properties: accessModes: description: |- @@ -9913,13 +10147,11 @@ spec: description: |- currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). type: string modifyVolumeStatus: description: |- ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). properties: status: description: "status is the status of the ControllerModifyVolume @@ -9950,12 +10182,12 @@ spec: type: object type: object tag: - description: 'Deprecated: use ''spec.image'' instead. The image''s + description: 'tag is deprecated: use ''spec.image'' instead. The image''s tag can be specified as part of the image name.' type: string targetLimit: description: |- - TargetLimit defines a limit on the number of scraped targets that will be accepted. + targetLimit defines a limit on the number of scraped targets that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -9964,7 +10196,7 @@ spec: type: integer terminationGracePeriodSeconds: description: |- - Optional duration in seconds the pod needs to terminate gracefully. + terminationGracePeriodSeconds defines the optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. @@ -9973,11 +10205,12 @@ spec: minimum: 0 type: integer thanos: - description: Defines the configuration of the optional Thanos sidecar. + description: thanos defines the configuration of the optional Thanos + sidecar. properties: additionalArgs: description: |- - AdditionalArgs allows setting additional arguments for the Thanos container. + additionalArgs allows setting additional arguments for the Thanos container. The arguments are passed as-is to the Thanos container which may cause issues if they are invalid or not supported the given Thanos version. In case of an argument conflict (e.g. an argument which is already set by the @@ -9987,24 +10220,24 @@ spec: description: Argument as part of the AdditionalArgs list. properties: name: - description: Name of the argument, e.g. "scrape.discovery-reload-interval". + description: name of the argument, e.g. "scrape.discovery-reload-interval". minLength: 1 type: string value: - description: Argument value, e.g. 30s. Can be empty for - name-only arguments (e.g. --storage.tsdb.no-lockfile) + description: value defines the argument value, e.g. 30s. + Can be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) type: string required: - name type: object type: array baseImage: - description: 'Deprecated: use ''image'' instead.' + description: 'baseImage is deprecated: use ''image'' instead.' type: string blockSize: default: 2h description: |- - BlockDuration controls the size of TSDB blocks produced by Prometheus. + blockSize controls the size of TSDB blocks produced by Prometheus. The default value is 2h to match the upstream Prometheus defaults. WARNING: Changing the block duration can impact the performance and @@ -10015,34 +10248,35 @@ spec: pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string getConfigInterval: - description: How often to retrieve the Prometheus configuration. + description: getConfigInterval defines how often to retrieve the + Prometheus configuration. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string getConfigTimeout: - description: Maximum time to wait when retrieving the Prometheus - configuration. + description: getConfigTimeout defines the maximum time to wait + when retrieving the Prometheus configuration. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string grpcListenLocal: description: |- - When true, the Thanos sidecar listens on the loopback interface instead + grpcListenLocal defines when true, the Thanos sidecar listens on the loopback interface instead of the Pod IP's address for the gRPC endpoints. It has no effect if `listenLocal` is true. type: boolean grpcServerTlsConfig: description: |- - Configures the TLS parameters for the gRPC server providing the StoreAPI. + grpcServerTlsConfig defines the TLS parameters for the gRPC server providing the StoreAPI. Note: Currently only the `caFile`, `certFile`, and `keyFile` fields are supported. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10065,7 +10299,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10090,15 +10325,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10121,7 +10357,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10146,19 +10383,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key file + in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -10183,7 +10421,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10194,7 +10432,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10204,19 +10442,20 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object httpListenLocal: description: |- - When true, the Thanos sidecar listens on the loopback interface instead + httpListenLocal when true, the Thanos sidecar listens on the loopback interface instead of the Pod IP's address for the HTTP endpoints. It has no effect if `listenLocal` is true. type: boolean image: description: |- - Container image name for Thanos. If specified, it takes precedence over + image defines the container image name for Thanos. If specified, it takes precedence over the `spec.thanos.baseImage`, `spec.thanos.tag` and `spec.thanos.sha` fields. @@ -10228,18 +10467,18 @@ spec: the time when the operator was released. type: string listenLocal: - description: 'Deprecated: use `grpcListenLocal` and `httpListenLocal` - instead.' + description: 'listenLocal is deprecated: use `grpcListenLocal` + and `httpListenLocal` instead.' type: boolean logFormat: - description: Log format for the Thanos sidecar. + description: logFormat for the Thanos sidecar. enum: - "" - logfmt - json type: string logLevel: - description: Log level for the Thanos sidecar. + description: logLevel for the Thanos sidecar. enum: - "" - debug @@ -10249,14 +10488,14 @@ spec: type: string minTime: description: |- - Defines the start of time range limit served by the Thanos sidecar's StoreAPI. + minTime defines the start of time range limit served by the Thanos sidecar's StoreAPI. The field's value should be a constant time in RFC3339 format or a time duration relative to current time, such as -1d or 2h45m. Valid duration units are ms, s, m, h, d, w, y. type: string objectStorageConfig: description: |- - Defines the Thanos sidecar's configuration to upload TSDB blocks to object storage. + objectStorageConfig defines the Thanos sidecar's configuration to upload TSDB blocks to object storage. More info: https://thanos.io/tip/thanos/storage.md/ @@ -10285,7 +10524,7 @@ spec: x-kubernetes-map-type: atomic objectStorageConfigFile: description: |- - Defines the Thanos sidecar's configuration file to upload TSDB blocks to object storage. + objectStorageConfigFile defines the Thanos sidecar's configuration file to upload TSDB blocks to object storage. More info: https://thanos.io/tip/thanos/storage.md/ @@ -10293,20 +10532,20 @@ spec: type: string readyTimeout: description: |- - ReadyTimeout is the maximum time that the Thanos sidecar will wait for + readyTimeout defines the maximum time that the Thanos sidecar will wait for Prometheus to start. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string resources: - description: Defines the resources requests and limits of the - Thanos sidecar. + description: resources defines the resources requests and limits + of the Thanos sidecar. properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -10358,16 +10597,16 @@ spec: type: object type: object sha: - description: 'Deprecated: use ''image'' instead. The image digest - can be specified as part of the image name.' + description: 'sha is deprecated: use ''image'' instead. The image + digest can be specified as part of the image name.' type: string tag: - description: 'Deprecated: use ''image'' instead. The image''s + description: 'tag is deprecated: use ''image'' instead. The image''s tag can be specified as as part of the image name.' type: string tracingConfig: description: |- - Defines the tracing configuration for the Thanos sidecar. + tracingConfig defines the tracing configuration for the Thanos sidecar. `tracingConfigFile` takes precedence over this field. @@ -10399,7 +10638,7 @@ spec: x-kubernetes-map-type: atomic tracingConfigFile: description: |- - Defines the tracing configuration file for the Thanos sidecar. + tracingConfigFile defines the tracing configuration file for the Thanos sidecar. This field takes precedence over `tracingConfig`. @@ -10410,7 +10649,7 @@ spec: type: string version: description: |- - Version of Thanos being deployed. The operator uses this information + version of Thanos being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. If not specified, the operator assumes the latest upstream release of @@ -10419,7 +10658,7 @@ spec: type: string volumeMounts: description: |- - VolumeMounts allows configuration of additional VolumeMounts for Thanos. + volumeMounts allows configuration of additional VolumeMounts for Thanos. VolumeMounts specified will be appended to other VolumeMounts in the 'thanos-sidecar' container. items: @@ -10486,7 +10725,7 @@ spec: type: array type: object tolerations: - description: Defines the Pods' tolerations if specified. + description: tolerations defines the Pods' tolerations if specified. items: description: |- The pod this Toleration is attached to tolerates any taint that matches @@ -10525,12 +10764,14 @@ spec: type: object type: array topologySpreadConstraints: - description: Defines the pod's topology spread constraints if specified. + description: topologySpreadConstraints defines the pod's topology + spread constraints if specified. items: properties: additionalLabelSelectors: - description: Defines what Prometheus Operator managed labels - should be added to labelSelector on the topologySpreadConstraint. + description: additionalLabelSelectors Defines what Prometheus + Operator managed labels should be added to labelSelector on + the topologySpreadConstraint. enum: - OnResource - OnShard @@ -10705,61 +10946,62 @@ spec: type: array tracingConfig: description: |- - TracingConfig configures tracing in Prometheus. + tracingConfig defines tracing in Prometheus. This is an *experimental feature*, it may change in any upcoming release in a breaking way. properties: clientType: - description: Client used to export the traces. Supported values - are `http` or `grpc`. + description: clientType defines the client used to export the + traces. Supported values are `http` or `grpc`. enum: - http - grpc type: string compression: - description: Compression key for supported compression types. + description: compression key for supported compression types. The only supported value is `gzip`. enum: - gzip type: string endpoint: - description: Endpoint to send the traces to. Should be provided + description: endpoint to send the traces to. Should be provided in format :. minLength: 1 type: string headers: additionalProperties: type: string - description: Key-value pairs to be used as headers associated - with gRPC or HTTP requests. + description: headers defines the key-value pairs to be used as + headers associated with gRPC or HTTP requests. type: object insecure: - description: If disabled, the client will use a secure connection. + description: insecure if disabled, the client will use a secure + connection. type: boolean samplingFraction: anyOf: - type: integer - type: string - description: Sets the probability a given trace will be sampled. - Must be a float from 0 through 1. + description: samplingFraction defines the probability a given + trace will be sampled. Must be a float from 0 through 1. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true timeout: - description: Maximum time the exporter will wait for each batch - export. + description: timeout defines the maximum time the exporter will + wait for each batch export. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS Config to use when sending traces. + description: tlsConfig to use when sending traces. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10782,7 +11024,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10807,15 +11050,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10838,7 +11082,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10863,19 +11108,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key file + in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -10900,7 +11146,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10911,7 +11157,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10921,7 +11167,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -10929,12 +11176,12 @@ spec: type: object tsdb: description: |- - Defines the runtime reloadable configuration of the timeseries database(TSDB). + tsdb defines the runtime reloadable configuration of the timeseries database(TSDB). It requires Prometheus >= v2.39.0 or PrometheusAgent >= v2.54.0. properties: outOfOrderTimeWindow: description: |- - Configures how old an out-of-order/out-of-bounds sample can be with + outOfOrderTimeWindow defines how old an out-of-order/out-of-bounds sample can be with respect to the TSDB max time. An out-of-order/out-of-bounds sample is ingested into the TSDB as long as @@ -10949,7 +11196,7 @@ spec: type: object version: description: |- - Version of Prometheus being deployed. The operator uses this information + version of Prometheus being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. If not specified, the operator assumes the latest upstream version of @@ -10958,7 +11205,7 @@ spec: type: string volumeMounts: description: |- - VolumeMounts allows the configuration of additional VolumeMounts. + volumeMounts allows the configuration of additional VolumeMounts. VolumeMounts will be appended to other VolumeMounts in the 'prometheus' container, that are generated as a result of StorageSpec objects. @@ -11026,7 +11273,7 @@ spec: type: array volumes: description: |- - Volumes allows the configuration of additional volumes on the output + volumes allows the configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. items: @@ -11700,15 +11947,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -11890,12 +12135,10 @@ spec: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. - More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: |- - endpoints is the endpoint name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: endpoints is the endpoint name that details + Glusterfs topology. type: string path: description: |- @@ -11974,7 +12217,7 @@ spec: description: |- iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md + More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether support iSCSI @@ -12394,6 +12637,111 @@ spec: type: array x-kubernetes-list-type: atomic type: object + podCertificate: + description: |- + Projects an auto-rotating credential bundle (private key and certificate + chain) that the pod can use either as a TLS client or server. + + Kubelet generates a private key and uses it to send a + PodCertificateRequest to the named signer. Once the signer approves the + request and issues a certificate chain, Kubelet writes the key and + certificate chain to the pod filesystem. The pod does not start until + certificates have been issued for each podCertificate projected volume + source in its spec. + + Kubelet will begin trying to rotate the certificate at the time indicated + by the signer using the PodCertificateRequest.Status.BeginRefreshAt + timestamp. + + Kubelet can write a single file, indicated by the credentialBundlePath + field, or separate files, indicated by the keyPath and + certificateChainPath fields. + + The credential bundle is a single file in PEM format. The first PEM + entry is the private key (in PKCS#8 format), and the remaining PEM + entries are the certificate chain issued by the signer (typically, + signers will return their certificate chain in leaf-to-root order). + + Prefer using the credential bundle format, since your application code + can read it atomically. If you use keyPath and certificateChainPath, + your application must make two separate file reads. If these coincide + with a certificate rotation, it is possible that the private key and leaf + certificate you read may not correspond to each other. Your application + will need to check for this condition, and re-read until they are + consistent. + + The named signer controls chooses the format of the certificate it + issues; consult the signer implementation's documentation to learn how to + use the certificates it issues. + properties: + certificateChainPath: + description: |- + Write the certificate chain at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + credentialBundlePath: + description: |- + Write the credential bundle at this path in the projected volume. + + The credential bundle is a single file that contains multiple PEM blocks. + The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private + key. + + The remaining blocks are CERTIFICATE blocks, containing the issued + certificate chain from the signer (leaf and any intermediates). + + Using credentialBundlePath lets your Pod's application code make a single + atomic read that retrieves a consistent key and certificate chain. If you + project them to separate files, your application code will need to + additionally check that the leaf certificate was issued to the key. + type: string + keyPath: + description: |- + Write the key at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + keyType: + description: |- + The type of keypair Kubelet will generate for the pod. + + Valid values are "RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", + "ECDSAP521", and "ED25519". + type: string + maxExpirationSeconds: + description: |- + maxExpirationSeconds is the maximum lifetime permitted for the + certificate. + + Kubelet copies this value verbatim into the PodCertificateRequests it + generates for this projection. + + If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver + will reject values shorter than 3600 (1 hour). The maximum allowable + value is 7862400 (91 days). + + The signer implementation is then free to issue a certificate with any + lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 + seconds (1 hour). This constraint is enforced by kube-apiserver. + `kubernetes.io` signers will never issue certificates with a lifetime + longer than 24 hours. + format: int32 + type: integer + signerName: + description: Kubelet's generated CSRs will be + addressed to this signer. + type: string + required: + - keyType + - signerName + type: object secret: description: secret information about the secret data to project @@ -12528,7 +12876,6 @@ spec: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. - More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: description: |- @@ -12813,29 +13160,30 @@ spec: type: array walCompression: description: |- - Configures compression of the write-ahead log (WAL) using Snappy. + walCompression defines the compression of the write-ahead log (WAL) using Snappy. WAL compression is enabled by default for Prometheus >= 2.20.0 Requires Prometheus v2.11.0 and above. type: boolean web: - description: Defines the configuration of the Prometheus web server. + description: web defines the configuration of the Prometheus web server. properties: httpConfig: - description: Defines HTTP parameters for web server. + description: httpConfig defines HTTP parameters for web server. properties: headers: - description: List of headers that can be added to HTTP responses. + description: headers defines a list of headers that can be + added to HTTP responses. properties: contentSecurityPolicy: description: |- - Set the Content-Security-Policy header to HTTP responses. + contentSecurityPolicy defines the Content-Security-Policy header to HTTP responses. Unset if blank. type: string strictTransportSecurity: description: |- - Set the Strict-Transport-Security header to HTTP responses. + strictTransportSecurity defines the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same @@ -12844,7 +13192,7 @@ spec: type: string xContentTypeOptions: description: |- - Set the X-Content-Type-Options header to HTTP responses. + xContentTypeOptions defines the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options enum: @@ -12853,7 +13201,7 @@ spec: type: string xFrameOptions: description: |- - Set the X-Frame-Options header to HTTP responses. + xFrameOptions defines the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options enum: @@ -12863,42 +13211,42 @@ spec: type: string xXSSProtection: description: |- - Set the X-XSS-Protection header to all responses. + xXSSProtection defines the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection type: string type: object http2: description: |- - Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. + http2 enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered. type: boolean type: object maxConnections: description: |- - Defines the maximum number of simultaneous connections + maxConnections defines the maximum number of simultaneous connections A zero value means that Prometheus doesn't accept any incoming connection. format: int32 minimum: 0 type: integer pageTitle: - description: The prometheus web page title. + description: pageTitle defines the prometheus web page title. type: string tlsConfig: - description: Defines the TLS parameters for HTTPS. + description: tlsConfig defines the TLS parameters for HTTPS. properties: cert: description: |- - Secret or ConfigMap containing the TLS certificate for the web server. + cert defines the Secret or ConfigMap containing the TLS certificate for the web server. Either `keySecret` or `keyFile` must be defined. It is mutually exclusive with `certFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -12921,7 +13269,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -12947,7 +13296,7 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the container for the web server. + certFile defines the path to the TLS certificate file in the container for the web server. Either `keySecret` or `keyFile` must be defined. @@ -12955,7 +13304,7 @@ spec: type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. + cipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. If not defined, the Go default cipher suites are used. Available cipher suites are documented in the Go documentation: @@ -12965,14 +13314,14 @@ spec: type: array client_ca: description: |- - Secret or ConfigMap containing the CA certificate for client certificate + client_ca defines the Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. It is mutually exclusive with `clientCAFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -12995,7 +13344,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -13021,21 +13371,21 @@ spec: type: object clientAuthType: description: |- - The server policy for client TLS authentication. + clientAuthType defines the server policy for client TLS authentication. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to + clientCAFile defines the path to the CA certificate file for client certificate authentication to the server. It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- - Elliptic curves that will be used in an ECDHE handshake, in preference + curvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the Go documentation: @@ -13045,7 +13395,7 @@ spec: type: array keyFile: description: |- - Path to the TLS private key file in the container for the web server. + keyFile defines the path to the TLS private key file in the container for the web server. If defined, either `cert` or `certFile` must be defined. @@ -13053,7 +13403,7 @@ spec: type: string keySecret: description: |- - Secret containing the TLS private key for the web server. + keySecret defines the secret containing the TLS private key for the web server. Either `cert` or `certFile` must be defined. @@ -13081,14 +13431,16 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. + description: maxVersion defines the Maximum TLS version that + is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. + description: minVersion defines the minimum TLS version that + is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the client's most preferred cipher + preferServerCipherSuites defines whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in @@ -13099,18 +13451,19 @@ spec: type: object status: description: |- - Most recent observed status of the Prometheus cluster. Read-only. + status defines the most recent observed status of the Prometheus cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this Prometheus deployment. format: int32 type: integer conditions: - description: The current state of the Prometheus deployment. + description: conditions defines the current state of the Prometheus + deployment. items: description: |- Condition represents the state of the resources associated with the @@ -13122,12 +13475,12 @@ spec: format: date-time type: string message: - description: Human-readable message indicating details for the - condition's last transition. + description: message defines human-readable message indicating + details for the condition's last transition. type: string observedGeneration: description: |- - ObservedGeneration represents the .metadata.generation that the + observedGeneration defines the .metadata.generation that the condition was set based upon. For instance, if `.metadata.generation` is currently 12, but the `.status.conditions[].observedGeneration` is 9, the condition is out of date with respect to the current state of the @@ -13135,14 +13488,14 @@ spec: format: int64 type: integer reason: - description: Reason for the condition's last transition. + description: reason for the condition's last transition. type: string status: - description: Status of the condition. + description: status of the condition. minLength: 1 type: string type: - description: Type of the condition being reported. + description: type of the condition being reported. minLength: 1 type: string required: @@ -13156,45 +13509,46 @@ spec: x-kubernetes-list-type: map paused: description: |- - Represents whether any actions on the underlying managed objects are + paused defines whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. type: boolean replicas: description: |- - Total number of non-terminated pods targeted by this Prometheus deployment + replicas defines the total number of non-terminated pods targeted by this Prometheus deployment (their labels match the selector). format: int32 type: integer selector: - description: The selector used to match the pods targeted by this - Prometheus resource. + description: selector used to match the pods targeted by this Prometheus + resource. type: string shardStatuses: - description: The list has one entry per shard. Each entry provides - a summary of the shard status. + description: shardStatuses defines the list has one entry per shard. + Each entry provides a summary of the shard status. items: properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this shard. format: int32 type: integer replicas: - description: Total number of pods targeted by this shard. + description: replicas defines the total number of pods targeted + by this shard. format: int32 type: integer shardID: - description: Identifier of the shard. + description: shardID defines the identifier of the shard. type: string unavailableReplicas: - description: Total number of unavailable pods targeted by this - shard. + description: unavailableReplicas defines the Total number of + unavailable pods targeted by this shard. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this shard + updatedReplicas defines the total number of non-terminated pods targeted by this shard that have the desired spec. format: int32 type: integer @@ -13210,26 +13564,20 @@ spec: - shardID x-kubernetes-list-type: map shards: - description: Shards is the most recently observed number of shards. + description: shards defines the most recently observed number of shards. format: int32 type: integer unavailableReplicas: - description: Total number of unavailable pods targeted by this Prometheus - deployment. + description: unavailableReplicas defines the total number of unavailable + pods targeted by this Prometheus deployment. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this Prometheus deployment + updatedReplicas defines the total number of non-terminated pods targeted by this Prometheus deployment that have the desired version spec. format: int32 type: integer - required: - - availableReplicas - - paused - - replicas - - unavailableReplicas - - updatedReplicas type: object required: - spec diff --git a/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusrules.yaml b/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusrules.yaml index d54fa24e9aa3..60b20ff007d6 100644 --- a/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusrules.yaml +++ b/charts/kube-prometheus-stack/charts/crds/crds/crd-prometheusrules.yaml @@ -1,11 +1,11 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: prometheusrules.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -46,24 +46,25 @@ spec: metadata: type: object spec: - description: Specification of desired alerting rule definitions for Prometheus. + description: spec defines the specification of desired alerting rule definitions + for Prometheus. properties: groups: - description: Content of Prometheus rule file + description: groups defines the content of Prometheus rule file items: description: RuleGroup is a list of sequentially evaluated recording and alerting rules. properties: interval: - description: Interval determines how often rules in the group - are evaluated. + description: interval defines how often rules in the group are + evaluated. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string labels: additionalProperties: type: string description: |- - Labels to add or overwrite before storing the result for its rules. + labels define the labels to add or overwrite before storing the result for its rules. The labels defined at the rule level take precedence. It requires Prometheus >= 3.0.0. @@ -71,31 +72,32 @@ spec: type: object limit: description: |- - Limit the number of alerts an alerting rule and series a recording + limit defines the number of alerts an alerting rule and series a recording rule can produce. Limit is supported starting with Prometheus >= 2.31 and Thanos Ruler >= 0.24. type: integer name: - description: Name of the rule group. + description: name defines the name of the rule group. minLength: 1 type: string partial_response_strategy: description: |- - PartialResponseStrategy is only used by ThanosRuler and will + partial_response_strategy is only used by ThanosRuler and will be ignored by Prometheus instances. More info: https://github.com/thanos-io/thanos/blob/main/docs/components/rule.md#partial-response pattern: ^(?i)(abort|warn)?$ type: string query_offset: description: |- - Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. + query_offset defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0. It is not supported for ThanosRuler. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string rules: - description: List of alerting and recording rules. + description: rules defines the list of alerting and recording + rules. items: description: |- Rule describes an alerting or recording rule @@ -103,42 +105,42 @@ spec: properties: alert: description: |- - Name of the alert. Must be a valid label value. + alert defines the name of the alert. Must be a valid label value. Only one of `record` and `alert` must be set. type: string annotations: additionalProperties: type: string description: |- - Annotations to add to each alert. + annotations defines annotations to add to each alert. Only valid for alerting rules. type: object expr: anyOf: - type: integer - type: string - description: PromQL expression to evaluate. + description: expr defines the PromQL expression to evaluate. x-kubernetes-int-or-string: true for: - description: Alerts are considered firing once they have - been returned for this long. + description: for defines how alerts are considered firing + once they have been returned for this long. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string keep_firing_for: - description: KeepFiringFor defines how long an alert will - continue firing after the condition that triggered it - has cleared. + description: keep_firing_for defines how long an alert + will continue firing after the condition that triggered + it has cleared. minLength: 1 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string labels: additionalProperties: type: string - description: Labels to add or overwrite. + description: labels defines labels to add or overwrite. type: object record: description: |- - Name of the time series to output to. Must be a valid metric name. + record defines the name of the time series to output to. Must be a valid metric name. Only one of `record` and `alert` must be set. type: string required: @@ -153,8 +155,113 @@ spec: - name x-kubernetes-list-type: map type: object + status: + description: |- + status defines the status subresource. It is under active development and is updated only when the + "StatusForConfigurationResources" feature gate is enabled. + + Most recent observed status of the PrometheusRule. Read-only. + More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bindings: + description: bindings defines the list of workload resources (Prometheus, + PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration + resource. + items: + description: WorkloadBinding is a link between a configuration resource + and a workload resource. + properties: + conditions: + description: conditions defines the current state of the configuration + resource when bound to the referenced Workload object. + items: + description: ConfigResourceCondition describes the status + of configuration resources linked to Prometheus, PrometheusAgent, + Alertmanager or ThanosRuler. + properties: + lastTransitionTime: + description: lastTransitionTime defines the time of the + last update to the current status property. + format: date-time + type: string + message: + description: message defines the human-readable message + indicating details for the condition's last transition. + type: string + observedGeneration: + description: |- + observedGeneration defines the .metadata.generation that the + condition was set based upon. For instance, if `.metadata.generation` is + currently 12, but the `.status.conditions[].observedGeneration` is 9, the + condition is out of date with respect to the current state of the object. + format: int64 + type: integer + reason: + description: reason for the condition's last transition. + type: string + status: + description: status of the condition. + minLength: 1 + type: string + type: + description: |- + type of the condition being reported. + Currently, only "Accepted" is supported. + enum: + - Accepted + minLength: 1 + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + group: + description: group defines the group of the referenced resource. + enum: + - monitoring.coreos.com + type: string + name: + description: name defines the name of the referenced object. + minLength: 1 + type: string + namespace: + description: namespace defines the namespace of the referenced + object. + minLength: 1 + type: string + resource: + description: resource defines the type of resource being referenced + (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). + enum: + - prometheuses + - prometheusagents + - thanosrulers + - alertmanagers + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - name + - namespace + x-kubernetes-list-type: map + type: object required: - spec type: object served: true storage: true + subresources: + status: {} diff --git a/charts/kube-prometheus-stack/charts/crds/crds/crd-scrapeconfigs.yaml b/charts/kube-prometheus-stack/charts/crds/crds/crd-scrapeconfigs.yaml index f78e04c7d437..a3d86bd83b1f 100644 --- a/charts/kube-prometheus-stack/charts/crds/crds/crd-scrapeconfigs.yaml +++ b/charts/kube-prometheus-stack/charts/crds/crds/crd-scrapeconfigs.yaml @@ -1,11 +1,11 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: scrapeconfigs.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -45,15 +45,15 @@ spec: metadata: type: object spec: - description: ScrapeConfigSpec is a specification of the desired configuration - for a scrape configuration. + description: spec defines the specification of ScrapeConfigSpec. properties: authorization: - description: Authorization header to use on every scrape request. + description: authorization defines the header to use on every scrape + request. properties: credentials: - description: Selects a key of a Secret in the namespace that contains - the credentials for authentication. + description: credentials defines a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must be @@ -78,7 +78,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -86,7 +86,7 @@ spec: type: string type: object azureSDConfigs: - description: AzureSDConfigs defines a list of Azure service discovery + description: azureSDConfigs defines a list of Azure service discovery configurations. items: description: |- @@ -95,7 +95,7 @@ spec: properties: authenticationMethod: description: |- - # The authentication method, either `OAuth` or `ManagedIdentity` or `SDK`. + authenticationMethod defines the authentication method, either `OAuth` or `ManagedIdentity` or `SDK`. See https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview SDK authentication method uses environment variables by default. See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication @@ -106,12 +106,12 @@ spec: type: string authorization: description: |- - Authorization header configuration to authenticate against the target HTTP endpoint. + authorization defines the authorization header configuration to authenticate against the target HTTP endpoint. Cannot be set at the same time as `oAuth2`, or `basicAuth`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -136,7 +136,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -145,13 +145,13 @@ spec: type: object basicAuth: description: |- - BasicAuth information to authenticate against the target HTTP endpoint. + basicAuth defines the information to authenticate against the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints Cannot be set at the same time as `authorization`, or `oAuth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -177,7 +177,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -203,13 +203,13 @@ spec: x-kubernetes-map-type: atomic type: object clientID: - description: Optional client ID. Only required with the OAuth - authentication method. + description: clientID defines client ID. Only required with + the OAuth authentication method. minLength: 1 type: string clientSecret: - description: Optional client secret. Only required with the - OAuth authentication method. + description: clientSecret defines client secret. Only required + with the OAuth authentication method. properties: key: description: The key of the secret to select from. Must @@ -233,37 +233,36 @@ spec: type: object x-kubernetes-map-type: atomic enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean environment: - description: The Azure environment. + description: environment defines the Azure environment. minLength: 1 type: string followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. - Cannot be set at the same time as `authorization`, or `basicAuth`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -286,7 +285,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -312,7 +312,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -340,12 +340,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -379,7 +379,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -387,33 +387,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -436,8 +435,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -462,12 +461,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -490,8 +489,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -516,11 +515,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -545,7 +545,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -556,7 +556,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -566,12 +566,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -581,7 +582,7 @@ spec: type: object port: description: |- - The port to scrape metrics from. If using the public IP address, this must + port defines the port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. format: int32 maximum: 65535 @@ -615,7 +616,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -623,44 +624,47 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string resourceGroup: description: |- - Optional resource group name. Limits discovery to this resource group. + resourceGroup defines resource group name. Limits discovery to this resource group. Requires Prometheus v2.35.0 and above minLength: 1 type: string subscriptionID: - description: The subscription ID. Always required. + description: subscriptionID defines subscription ID. Always + required. minLength: 1 type: string tenantID: - description: Optional tenant ID. Only required with the OAuth - authentication method. + description: tenantID defines tenant ID. Only required with + the OAuth authentication method. minLength: 1 type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defies the TLS configuration applying + to the target HTTP endpoint. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -683,7 +687,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -708,11 +713,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -735,7 +741,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -760,11 +767,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -789,7 +797,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -800,7 +808,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -810,7 +818,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -818,11 +827,12 @@ spec: type: object type: array basicAuth: - description: BasicAuth information to use on every scrape request. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -848,7 +858,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -874,7 +884,7 @@ spec: x-kubernetes-map-type: atomic type: object consulSDConfigs: - description: ConsulSDConfigs defines a list of Consul service discovery + description: consulSDConfigs defines a list of Consul service discovery configurations. items: description: |- @@ -883,17 +893,17 @@ spec: properties: allowStale: description: |- - Allow stale Consul results (see https://www.consul.io/api/features/consistency.html). Will reduce load on Consul. + allowStale Consul results (see https://www.consul.io/api/features/consistency.html). Will reduce load on Consul. If unset, Prometheus uses its default value. type: boolean authorization: description: |- - Optional Authorization header configuration to authenticate against the Consul Server. + authorization defines the header configuration to authenticate against the Consul Server. Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -918,7 +928,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -927,13 +937,13 @@ spec: type: object basicAuth: description: |- - Optional BasicAuth information to authenticate against the Consul Server. + basicAuth defines the information to authenticate against the Consul Server. More info: https://prometheus.io/docs/operating/configuration/#endpoints Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -959,7 +969,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -985,37 +995,34 @@ spec: x-kubernetes-map-type: atomic type: object datacenter: - description: Consul Datacenter name, if not provided it will - use the local Consul Agent Datacenter. + description: datacenter defines the consul Datacenter name, + if not provided it will use the local Consul Agent Datacenter. minLength: 1 type: string enableHTTP2: - description: |- - Whether to enable HTTP2. - If unset, Prometheus uses its default value. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean filter: description: |- - Filter expression used to filter the catalog results. + filter defines the filter expression used to filter the catalog results. See https://www.consul.io/api-docs/catalog#list-services It requires Prometheus >= 3.0.0. minLength: 1 type: string followRedirects: - description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. - If unset, Prometheus uses its default value. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean namespace: description: |- - Namespaces are only supported in Consul Enterprise. + namespace are only supported in Consul Enterprise. It requires Prometheus >= 2.28.0. minLength: 1 type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1025,23 +1032,23 @@ spec: additionalProperties: type: string description: |- - Node metadata key/value pairs to filter nodes for a given service. + nodeMeta defines the node metadata key/value pairs to filter nodes for a given service. Starting with Consul 1.14, it is recommended to use `filter` with the `NodeMeta` selector instead. type: object x-kubernetes-map-type: atomic oauth2: description: |- - Optional OAuth2.0 configuration. - Cannot be set at the same time as `basicAuth`, or `authorization`. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1064,7 +1071,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1090,7 +1098,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -1118,12 +1126,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1157,7 +1165,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1165,33 +1173,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1214,8 +1221,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1240,12 +1247,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1268,8 +1275,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1294,11 +1301,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1323,7 +1331,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1334,7 +1342,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1344,12 +1352,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -1358,12 +1367,13 @@ spec: - tokenUrl type: object partition: - description: Admin Partitions are only supported in Consul Enterprise. + description: partition defines the admin Partitions are only + supported in Consul Enterprise. minLength: 1 type: string pathPrefix: description: |- - Prefix for URIs for when consul is behind an API gateway (reverse proxy). + pathPrefix defines the prefix for URIs for when consul is behind an API gateway (reverse proxy). It requires Prometheus >= 2.45.0. minLength: 1 @@ -1396,7 +1406,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1404,63 +1414,64 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: description: |- - The time after which the provided names are refreshed. - On large setup it might be a good idea to increase this value because the catalog will change all the time. - If unset, Prometheus uses its default value. + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string scheme: - description: HTTP Scheme default "http" + description: scheme defines the HTTP Scheme default "http" enum: - HTTP - HTTPS type: string server: - description: Consul server address. A valid string consisting - of a hostname or IP followed by an optional port number. + description: server defines the consul server address. A valid + string consisting of a hostname or IP followed by an optional + port number. minLength: 1 type: string services: - description: A list of services for which targets are retrieved. - If omitted, all services are scraped. + description: services defines a list of services for which targets + are retrieved. If omitted, all services are scraped. items: type: string type: array x-kubernetes-list-type: set tagSeparator: description: |- - The string by which Consul tags are joined into the tag label. + tagSeparator defines the string by which Consul tags are joined into the tag label. If unset, Prometheus uses its default value. minLength: 1 type: string tags: description: |- - An optional list of tags used to filter nodes for a given service. Services must contain all tags in the list. + tags defines an optional list of tags used to filter nodes for a given service. Services must contain all tags in the list. Starting with Consul 1.14, it is recommended to use `filter` with the `ServiceTags` selector instead. items: type: string type: array x-kubernetes-list-type: set tlsConfig: - description: TLS configuration to connect to the Consul API. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1483,7 +1494,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1508,11 +1520,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1535,7 +1548,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1560,11 +1574,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1589,7 +1604,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1600,7 +1615,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1610,12 +1625,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object tokenRef: - description: Consul ACL TokenRef, if not provided it will use - the ACL from the local Consul Agent. + description: tokenRef defines the consul ACL TokenRef, if not + provided it will use the ACL from the local Consul Agent. properties: key: description: The key of the secret to select from. Must @@ -1644,11 +1660,11 @@ spec: type: array convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native histogram with custom buckets. + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. type: boolean digitalOceanSDConfigs: - description: DigitalOceanSDConfigs defines a list of DigitalOcean + description: digitalOceanSDConfigs defines a list of DigitalOcean service discovery configurations. items: description: |- @@ -1658,12 +1674,12 @@ spec: properties: authorization: description: |- - Authorization header configuration to authenticate against the DigitalOcean API. + authorization defines the header configuration to authenticate against the DigitalOcean API. Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -1688,7 +1704,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1696,33 +1712,32 @@ spec: type: string type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be set at the same time as `authorization`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1745,7 +1760,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1771,7 +1787,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -1799,12 +1815,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1838,7 +1854,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1846,33 +1862,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1895,8 +1910,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1921,12 +1936,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1949,8 +1964,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1975,11 +1990,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2004,7 +2020,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2015,7 +2031,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2025,12 +2041,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -2039,7 +2056,8 @@ spec: - tokenUrl type: object port: - description: The port to scrape metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -2072,7 +2090,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -2080,28 +2098,31 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Refresh interval to re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2124,7 +2145,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2149,11 +2171,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2176,7 +2199,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2201,11 +2225,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2230,7 +2255,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2241,7 +2266,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2251,13 +2276,14 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object type: object type: array dnsSDConfigs: - description: DNSSDConfigs defines a list of DNS service discovery + description: dnsSDConfigs defines a list of DNS service discovery configurations. items: description: |- @@ -2266,7 +2292,8 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dns_sd_config properties: names: - description: A list of DNS domain names to be queried. + description: names defines a list of DNS domain names to be + queried. items: minLength: 1 type: string @@ -2274,7 +2301,7 @@ spec: type: array port: description: |- - The port number used if the query type is not SRV + port defines the port to scrape metrics from. If using the public IP address, this must Ignored for SRV records format: int32 maximum: 65535 @@ -2282,13 +2309,13 @@ spec: type: integer refreshInterval: description: |- - RefreshInterval configures the time after which the provided names are refreshed. + refreshInterval defines the time after which the provided names are refreshed. If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: description: |- - The type of DNS query to perform. One of SRV, A, AAAA, MX or NS. + type defines the type of DNS query to perform. One of SRV, A, AAAA, MX or NS. If not set, Prometheus uses its default value. When set to NS, it requires Prometheus >= v2.49.0. @@ -2305,7 +2332,7 @@ spec: type: object type: array dockerSDConfigs: - description: DockerSDConfigs defines a list of Docker service discovery + description: dockerSDConfigs defines a list of Docker service discovery configurations. items: description: |- @@ -2316,12 +2343,12 @@ spec: properties: authorization: description: |- - Authorization header configuration to authenticate against the Docker API. + authorization defines the header configuration to authenticate against the DigitalOcean API. Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -2346,7 +2373,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -2354,11 +2381,12 @@ spec: type: string type: object basicAuth: - description: BasicAuth information to use on every scrape request. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -2384,7 +2412,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -2410,20 +2438,20 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean filters: - description: Optional filters to limit the discovery process - to a subset of the available resources. + description: filters defines filters to limit the discovery + process to a subset of the available resources. items: description: Filter name and value pairs to limit the discovery process to a subset of available resources. properties: name: - description: Name of the Filter. + description: name of the Filter. type: string values: - description: Value to filter on. + description: values defines values to filter on. items: minLength: 1 type: string @@ -2439,45 +2467,44 @@ spec: - name x-kubernetes-list-type: map followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean host: - description: Address of the docker daemon + description: host defines the address of the docker daemon minLength: 1 type: string hostNetworkingHost: - description: The host to use if the container is in host networking - mode. + description: hostNetworkingHost defines the host to use if the + container is in host networking mode. minLength: 1 type: string matchFirstNetwork: description: |- - Configure whether to match the first network if the container has multiple networks defined. + matchFirstNetwork defines whether to match the first network if the container has multiple networks defined. If unset, Prometheus uses true by default. It requires Prometheus >= v2.54.1. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be set at the same time as `authorization`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2500,7 +2527,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2526,7 +2554,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -2554,12 +2582,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -2593,7 +2621,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -2601,33 +2629,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2650,8 +2677,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -2676,12 +2703,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2704,8 +2731,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -2730,11 +2757,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2759,7 +2787,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2770,7 +2798,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2780,12 +2808,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -2794,7 +2823,8 @@ spec: - tokenUrl type: object port: - description: The port to scrape metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -2827,7 +2857,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -2835,28 +2865,31 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Time after which the container is refreshed. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2879,7 +2912,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2904,11 +2938,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2931,7 +2966,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2956,11 +2992,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2985,7 +3022,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2996,7 +3033,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -3006,7 +3043,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -3014,7 +3052,7 @@ spec: type: object type: array dockerSwarmSDConfigs: - description: DockerswarmSDConfigs defines a list of Dockerswarm service + description: dockerSwarmSDConfigs defines a list of Dockerswarm service discovery configurations. items: description: |- @@ -3022,12 +3060,13 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dockerswarm_sd_config properties: authorization: - description: Authorization header configuration to authenticate - against the target HTTP endpoint. + description: |- + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -3052,7 +3091,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -3060,11 +3099,12 @@ spec: type: string type: object basicAuth: - description: Optional HTTP basic authentication information. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -3090,7 +3130,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -3116,11 +3156,11 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean filters: description: |- - Optional filters to limit the discovery process to a subset of available + filters defines the filters to limit the discovery process to a subset of available resources. The available filters are listed in the upstream documentation: Services: https://docs.docker.com/engine/api/v1.40/#operation/ServiceList @@ -3131,10 +3171,10 @@ spec: process to a subset of available resources. properties: name: - description: Name of the Filter. + description: name of the Filter. type: string values: - description: Value to filter on. + description: values defines values to filter on. items: minLength: 1 type: string @@ -3150,16 +3190,16 @@ spec: - name x-kubernetes-list-type: map followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean host: - description: Address of the Docker daemon + description: host defines the address of the Docker daemon pattern: ^[a-zA-Z][a-zA-Z0-9+.-]*://.+$ type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -3167,17 +3207,17 @@ spec: type: string oauth2: description: |- - Optional OAuth 2.0 configuration. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3200,7 +3240,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -3226,7 +3267,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -3254,12 +3295,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -3293,7 +3334,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3301,33 +3342,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3350,8 +3390,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -3376,12 +3416,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3404,8 +3444,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -3430,11 +3470,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -3459,7 +3500,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -3470,7 +3511,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -3480,12 +3521,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -3495,7 +3537,7 @@ spec: type: object port: description: |- - The port to scrape metrics from, when `role` is nodes, and for discovered + port defines the port to scrape metrics from. If using the public IP address, this must tasks and services that don't have published ports. format: int32 maximum: 65535 @@ -3529,7 +3571,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3537,21 +3579,22 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: The time after which the service discovery data - is refreshed. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string role: - description: Role of the targets to retrieve. Must be `Services`, + description: role of the targets to retrieve. Must be `Services`, `Tasks`, or `Nodes`. enum: - Services @@ -3559,15 +3602,16 @@ spec: - Nodes type: string tlsConfig: - description: TLS configuration to use on every scrape request + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3590,7 +3634,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -3615,11 +3660,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3642,7 +3688,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -3667,11 +3714,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -3696,7 +3744,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -3707,7 +3755,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -3717,7 +3765,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -3726,7 +3775,7 @@ spec: type: object type: array ec2SDConfigs: - description: EC2SDConfigs defines a list of EC2 service discovery + description: ec2SDConfigs defines a list of EC2 service discovery configurations. items: description: |- @@ -3739,7 +3788,7 @@ spec: BasicAuth, Authorization and OAuth2 fields are not present on purpose. properties: accessKey: - description: AccessKey is the AWS API key. + description: accessKey defines the AWS API key. properties: key: description: The key of the secret to select from. Must @@ -3764,12 +3813,12 @@ spec: x-kubernetes-map-type: atomic enableHTTP2: description: |- - Whether to enable HTTP2. + enableHTTP2 defines whether to enable HTTP2. It requires Prometheus >= v2.41.0 type: boolean filters: description: |- - Filters can be used optionally to filter the instance list by other criteria. + filters can be used optionally to filter the instance list by other criteria. Available filter criteria can be found here: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html @@ -3779,10 +3828,10 @@ spec: process to a subset of available resources. properties: name: - description: Name of the Filter. + description: name of the Filter. type: string values: - description: Value to filter on. + description: values defines values to filter on. items: minLength: 1 type: string @@ -3799,12 +3848,12 @@ spec: x-kubernetes-list-type: map followRedirects: description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. + followRedirects defines whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.41.0 type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -3812,7 +3861,7 @@ spec: type: string port: description: |- - The port to scrape metrics from. If using the public IP address, this must + port defines the port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. format: int32 maximum: 65535 @@ -3846,7 +3895,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3854,29 +3903,31 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string region: - description: The AWS region. + description: region defines the AWS region. minLength: 1 type: string roleARN: - description: AWS Role ARN, an alternative to using AWS API keys. + description: roleARN defines an alternative to using AWS API + keys. minLength: 1 type: string secretKey: - description: SecretKey is the AWS API secret. + description: secretKey defines the AWS API secret. properties: key: description: The key of the secret to select from. Must @@ -3901,16 +3952,16 @@ spec: x-kubernetes-map-type: atomic tlsConfig: description: |- - TLS configuration to connect to the AWS EC2 API. + tlsConfig defines the TLS configuration to connect to the Consul API. It requires Prometheus >= v2.41.0 properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3933,7 +3984,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -3958,11 +4010,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3985,7 +4038,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -4010,11 +4064,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -4039,7 +4094,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4050,7 +4105,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4060,24 +4115,25 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object type: object type: array enableCompression: description: |- - When false, Prometheus will request uncompressed response from the scraped target. + enableCompression when false, Prometheus will request uncompressed response from the scraped target. It requires Prometheus >= v2.49.0. If unset, Prometheus uses true by default. type: boolean enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean eurekaSDConfigs: - description: EurekaSDConfigs defines a list of Eureka service discovery + description: eurekaSDConfigs defines a list of Eureka service discovery configurations. items: description: |- @@ -4086,11 +4142,13 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#eureka_sd_config properties: authorization: - description: Authorization header to use on every scrape request. + description: |- + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -4115,7 +4173,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -4123,11 +4181,12 @@ spec: type: string type: object basicAuth: - description: BasicAuth information to use on every scrape request. + description: basicAuth defines the BasicAuth information to + use on every scrape request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -4153,7 +4212,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -4179,33 +4238,32 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be set at the same time as `authorization` or `basic_auth`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4228,7 +4286,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -4254,7 +4313,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -4282,12 +4341,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -4321,7 +4380,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -4329,33 +4388,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4378,8 +4436,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -4404,12 +4462,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4432,8 +4490,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -4458,11 +4516,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -4487,7 +4546,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4498,7 +4557,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4508,12 +4567,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -4549,7 +4609,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -4557,32 +4617,37 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Refresh interval to re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string server: - description: The URL to connect to the Eureka server. + description: server defines the URL to connect to the Eureka + server. minLength: 1 + pattern: ^http(s)?://.+$ type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4605,7 +4670,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -4630,11 +4696,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4657,7 +4724,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -4682,11 +4750,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -4711,7 +4780,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4722,7 +4791,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4732,7 +4801,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -4741,7 +4811,7 @@ spec: type: array fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. enum: @@ -4752,7 +4822,7 @@ spec: - PrometheusText1.0.0 type: string fileSDConfigs: - description: FileSDConfigs defines a list of file service discovery + description: fileSDConfigs defines a list of file service discovery configurations. items: description: |- @@ -4761,7 +4831,7 @@ spec: properties: files: description: |- - List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the + files defines the list of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the prometheus-operator project makes no guarantees about the working directory where the configuration file is stored. Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets. @@ -4773,8 +4843,9 @@ spec: type: array x-kubernetes-list-type: set refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will reload the content of the files. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string required: @@ -4782,7 +4853,7 @@ spec: type: object type: array gceSDConfigs: - description: GCESDConfigs defines a list of GCE service discovery + description: gceSDConfigs defines a list of GCE service discovery configurations. items: description: |- @@ -4802,36 +4873,37 @@ spec: properties: filter: description: |- - Filter can be used optionally to filter the instance list by other criteria + filter defines the filter that can be used optionally to filter the instance list by other criteria Syntax of this filter is described in the filter query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list minLength: 1 type: string port: description: |- - The port to scrape metrics from. If using the public IP address, this must + port defines the port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. format: int32 maximum: 65535 minimum: 0 type: integer project: - description: The Google Cloud Project ID + description: project defines the Google Cloud Project ID minLength: 1 type: string refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tagSeparator: - description: The tag separator is used to separate the tags - on concatenation + description: tagSeparator defines the tag separator is used + to separate the tags on concatenation minLength: 1 type: string zone: - description: The zone of the scrape targets. If you need multiple - zones use multiple GCESDConfigs. + description: zone defines the zone of the scrape targets. If + you need multiple zones use multiple GCESDConfigs. minLength: 1 type: string required: @@ -4840,7 +4912,7 @@ spec: type: object type: array hetznerSDConfigs: - description: HetznerSDConfigs defines a list of Hetzner service discovery + description: hetznerSDConfigs defines a list of Hetzner service discovery configurations. items: description: |- @@ -4850,12 +4922,12 @@ spec: properties: authorization: description: |- - Authorization header configuration, required when role is hcloud. - Role robot does not support bearer token authentication. + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -4880,7 +4952,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -4888,13 +4960,12 @@ spec: type: string type: object basicAuth: - description: |- - BasicAuth information to use on every scrape request, required when role is robot. - Role hcloud does not support basic auth. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -4920,7 +4991,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -4946,39 +5017,38 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean labelSelector: description: |- - Label selector used to filter the servers when fetching them from the API. + labelSelector defines the label selector used to filter the servers when fetching them from the API. It requires Prometheus >= v3.5.0. minLength: 1 type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be used at the same time as `basic_auth` or `authorization`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5001,7 +5071,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5027,7 +5098,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -5055,12 +5126,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5094,7 +5165,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5102,33 +5173,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5151,8 +5221,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5177,12 +5247,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5205,8 +5275,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5231,11 +5301,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5260,7 +5331,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5271,7 +5342,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5281,12 +5352,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -5295,7 +5367,11 @@ spec: - tokenUrl type: object port: - description: The port to scrape metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must + format: int32 + maximum: 65535 + minimum: 0 type: integer proxyConnectHeader: additionalProperties: @@ -5325,7 +5401,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5333,20 +5409,23 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: The time after which the servers are refreshed. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string role: - description: The Hetzner role of entities that should be discovered. + description: role defines the Hetzner role of entities that + should be discovered. enum: - hcloud - Hcloud @@ -5354,15 +5433,16 @@ spec: - Robot type: string tlsConfig: - description: TLS configuration to use on every scrape request. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5385,7 +5465,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5410,11 +5491,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5437,7 +5519,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5462,11 +5545,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5491,7 +5575,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5502,7 +5586,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5512,7 +5596,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -5520,15 +5605,17 @@ spec: type: object type: array honorLabels: - description: HonorLabels chooses the metric's labels on collisions - with target labels. + description: |- + honorLabels defines when true the metric's labels when they collide + with the target's labels. type: boolean honorTimestamps: - description: HonorTimestamps controls whether Prometheus respects - the timestamps present in scraped data. + description: |- + honorTimestamps defines whether Prometheus preserves the timestamps + when exposed by the target. type: boolean httpSDConfigs: - description: HTTPSDConfigs defines a list of HTTP service discovery + description: httpSDConfigs defines a list of HTTP service discovery configurations. items: description: |- @@ -5537,12 +5624,12 @@ spec: properties: authorization: description: |- - Authorization header configuration to authenticate against the target HTTP endpoint. + authorization defines the authorization header configuration to authenticate against the target HTTP endpoint. Cannot be set at the same time as `oAuth2`, or `basicAuth`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -5567,7 +5654,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -5576,13 +5663,13 @@ spec: type: object basicAuth: description: |- - BasicAuth information to authenticate against the target HTTP endpoint. + basicAuth defines information to use on every scrape request. More info: https://prometheus.io/docs/operating/configuration/#endpoints Cannot be set at the same time as `authorization`, or `oAuth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -5608,7 +5695,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -5634,15 +5721,15 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5650,17 +5737,17 @@ spec: type: string oauth2: description: |- - Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5683,7 +5770,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5709,7 +5797,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -5737,12 +5825,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5776,7 +5864,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5784,33 +5872,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5833,8 +5920,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5859,12 +5946,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5887,8 +5974,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5913,11 +6000,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5942,7 +6030,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5953,7 +6041,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5963,12 +6051,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -6004,7 +6093,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6012,30 +6101,31 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: description: |- - RefreshInterval configures the refresh interval at which Prometheus will re-query the - endpoint to update the target list. + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration applying + to the target HTTP endpoint. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6058,7 +6148,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6083,11 +6174,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6110,7 +6202,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6135,11 +6228,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6164,7 +6258,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6175,7 +6269,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6185,11 +6279,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: URL from which the targets are fetched. + description: url defines the URL from which the targets are + fetched. minLength: 1 pattern: ^http(s)?://.+$ type: string @@ -6198,7 +6294,7 @@ spec: type: object type: array ionosSDConfigs: - description: IonosSDConfigs defines a list of IONOS service discovery + description: ionosSDConfigs defines a list of IONOS service discovery configurations. items: description: |- @@ -6206,12 +6302,13 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ionos_sd_config properties: authorization: - description: Authorization` header configuration, required when - using IONOS. + description: |- + authorization defines the header configuration to authenticate against the IONOS. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -6236,7 +6333,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6244,35 +6341,37 @@ spec: type: string type: object datacenterID: - description: The unique ID of the IONOS data center. + description: datacenterID defines the unique ID of the IONOS + data center. minLength: 1 type: string enableHTTP2: - description: Configure whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether the HTTP requests should follow + description: followRedirects defines whether HTTP requests follow HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: Configure whether to enable OAuth2. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6295,7 +6394,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6321,7 +6421,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -6349,12 +6449,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -6388,7 +6488,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6396,33 +6496,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6445,8 +6544,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -6471,12 +6570,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6499,8 +6598,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -6525,11 +6624,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6554,7 +6654,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6565,7 +6665,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6575,12 +6675,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -6589,7 +6690,8 @@ spec: - tokenUrl type: object port: - description: Port to scrape the metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -6622,7 +6724,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6630,29 +6732,31 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Refresh interval to re-read the list of resources. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS configuration to use when connecting to the - IONOS API. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6675,7 +6779,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6700,11 +6805,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6727,7 +6833,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6752,11 +6859,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6781,7 +6889,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6792,7 +6900,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6802,7 +6910,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -6812,7 +6921,7 @@ spec: type: array jobName: description: |- - The value of the `job` label assigned to the scraped metrics by default. + jobName defines the value of the `job` label assigned to the scraped metrics by default. The `job_name` field in the rendered scrape configuration is always controlled by the operator to prevent duplicate job names, which Prometheus does not allow. Instead the @@ -6821,14 +6930,14 @@ spec: type: string keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. format: int64 type: integer kubernetesSDConfigs: - description: KubernetesSDConfigs defines a list of Kubernetes service + description: kubernetesSDConfigs defines a list of Kubernetes service discovery configurations. items: description: |- @@ -6837,7 +6946,7 @@ spec: properties: apiServer: description: |- - The API server address consisting of a hostname or IP address followed + apiServer defines the API server address consisting of a hostname or IP address followed by an optional port number. If left empty, Prometheus is assumed to run inside of the cluster. It will discover API servers automatically and use the pod's @@ -6846,13 +6955,13 @@ spec: type: string attachMetadata: description: |- - Optional metadata to attach to discovered targets. + attachMetadata defines the metadata to attach to discovered targets. It requires Prometheus >= v2.35.0 when using the `Pod` role and Prometheus >= v2.37.0 for `Endpoints` and `Endpointslice` roles. properties: node: description: |- - Attaches node metadata to discovered targets. + node attaches node metadata to discovered targets. When set to true, Prometheus must have the `get` permission on the `Nodes` objects. Only valid for Pod, Endpoint and Endpointslice roles. @@ -6860,12 +6969,12 @@ spec: type: object authorization: description: |- - Authorization header to use on every scrape request. + authorization defines the authorization header to use on every scrape request. Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -6890,7 +6999,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6899,12 +7008,12 @@ spec: type: object basicAuth: description: |- - BasicAuth information to use on every scrape request. + basicAuth defines information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -6930,7 +7039,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -6956,32 +7065,32 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean namespaces: - description: Optional namespace discovery. If omitted, Prometheus - discovers targets across all namespaces. + description: namespaces defines the namespace discovery. If + omitted, Prometheus discovers targets across all namespaces. properties: names: description: |- - List of namespaces where to watch for resources. + names defines a list of namespaces where to watch for resources. If empty and `ownNamespace` isn't true, Prometheus watches for resources in all namespaces. items: type: string type: array x-kubernetes-list-type: set ownNamespace: - description: Includes the namespace in which the Prometheus - pod runs to the list of watched namespaces. + description: ownNamespace includes the namespace in which + the Prometheus pod runs to the list of watched namespaces. type: boolean type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -6989,17 +7098,17 @@ spec: type: string oauth2: description: |- - Optional OAuth 2.0 configuration. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7022,7 +7131,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7048,7 +7158,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -7076,12 +7186,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -7115,7 +7225,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7123,33 +7233,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7172,8 +7281,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7198,12 +7307,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7226,8 +7335,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7252,11 +7361,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -7281,7 +7391,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7292,7 +7402,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7302,12 +7412,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -7343,7 +7454,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7351,17 +7462,17 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string role: description: |- - Role of the Kubernetes entities that should be discovered. + role defines the Kubernetes role of the entities that should be discovered. Role `Endpointslice` requires Prometheus >= v2.21.0 enum: - Pod @@ -7373,26 +7484,26 @@ spec: type: string selectors: description: |- - Selector to select objects. + selectors defines the selector to select objects. It requires Prometheus >= v2.17.0 items: description: K8SSelectorConfig is Kubernetes Selector Config properties: field: description: |- - An optional field selector to limit the service discovery to resources which have fields with specific values. + field defines an optional field selector to limit the service discovery to resources which have fields with specific values. e.g: `metadata.name=foobar` minLength: 1 type: string label: description: |- - An optional label selector to limit the service discovery to resources with specific labels and label values. + label defines an optional label selector to limit the service discovery to resources with specific labels and label values. e.g: `node.kubernetes.io/instance-type=master` minLength: 1 type: string role: description: |- - Role specifies the type of Kubernetes resource to limit the service discovery to. + role defines the type of Kubernetes resource to limit the service discovery to. Accepted values are: Node, Pod, Endpoints, EndpointSlice, Service, Ingress. enum: - Pod @@ -7410,16 +7521,16 @@ spec: - role x-kubernetes-list-type: map tlsConfig: - description: TLS configuration to connect to the Kubernetes - API. + description: tlsConfig defines the TLS configuration to connect + to the Kubernetes API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7442,7 +7553,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7467,11 +7579,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7494,7 +7607,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7519,11 +7633,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -7548,7 +7663,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7559,7 +7674,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7569,7 +7684,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -7577,7 +7693,7 @@ spec: type: object type: array kumaSDConfigs: - description: KumaSDConfigs defines a list of Kuma service discovery + description: kumaSDConfigs defines a list of Kuma service discovery configurations. items: description: |- @@ -7585,11 +7701,13 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kuma_sd_config properties: authorization: - description: Authorization header to use on every scrape request. + description: |- + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -7614,7 +7732,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -7622,11 +7740,12 @@ spec: type: string type: object basicAuth: - description: BasicAuth information to use on every scrape request. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -7652,7 +7771,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -7678,42 +7797,43 @@ spec: x-kubernetes-map-type: atomic type: object clientID: - description: Client id is used by Kuma Control Plane to compute - Monitoring Assignment for specific Prometheus backend. + description: |- + clientID is used by Kuma Control Plane to compute Monitoring Assignment for specific Prometheus backend. + It requires Prometheus >= v2.50.0. + minLength: 1 type: string enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean fetchTimeout: - description: The time after which the monitoring assignments - are refreshed. + description: fetchTimeout defines the time after which the monitoring + assignments are refreshed. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be set at the same time as `authorization`, or `basicAuth`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7736,7 +7856,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7762,7 +7883,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -7790,12 +7911,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -7829,7 +7950,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7837,33 +7958,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7886,8 +8006,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7912,12 +8032,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7940,8 +8060,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7966,11 +8086,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -7995,7 +8116,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8006,7 +8127,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8016,12 +8137,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -8057,7 +8179,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8065,32 +8187,36 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: The time to wait between polling update requests. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string server: - description: Address of the Kuma Control Plane's MADS xDS server. - minLength: 1 + description: server defines the address of the Kuma Control + Plane's MADS xDS server. + pattern: ^https?://.+$ type: string tlsConfig: - description: TLS configuration to use on every scrape request + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8113,7 +8239,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8138,11 +8265,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8165,7 +8293,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8190,11 +8319,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -8219,7 +8349,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8230,7 +8360,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8240,7 +8370,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -8249,24 +8380,24 @@ spec: type: array labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer lightSailSDConfigs: - description: LightsailSDConfigs defines a list of Lightsail service + description: lightSailSDConfigs defines a list of Lightsail service discovery configurations. items: description: |- @@ -8274,7 +8405,7 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#lightsail_sd_config properties: accessKey: - description: AccessKey is the AWS API key. + description: accessKey defines the AWS API key. properties: key: description: The key of the secret to select from. Must @@ -8299,12 +8430,12 @@ spec: x-kubernetes-map-type: atomic authorization: description: |- - Optional `authorization` HTTP header configuration. - Cannot be set at the same time as `basicAuth`, or `oauth2`. + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -8329,7 +8460,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -8338,12 +8469,12 @@ spec: type: object basicAuth: description: |- - Optional HTTP basic authentication information. + basicAuth defines information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -8369,7 +8500,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -8395,19 +8526,19 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Configure whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean endpoint: - description: Custom endpoint to be used. + description: endpoint defines the custom endpoint to be used. minLength: 1 type: string followRedirects: - description: Configure whether the HTTP requests should follow + description: followRedirects defines whether HTTP requests follow HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -8415,17 +8546,17 @@ spec: type: string oauth2: description: |- - Optional OAuth2.0 configuration. - Cannot be set at the same time as `basicAuth`, or `authorization`. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8448,7 +8579,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8474,7 +8606,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -8502,12 +8634,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -8541,7 +8673,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8549,33 +8681,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8598,8 +8729,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -8624,12 +8755,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8652,8 +8783,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -8678,11 +8809,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -8707,7 +8839,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8718,7 +8850,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8728,12 +8860,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -8742,9 +8875,8 @@ spec: - tokenUrl type: object port: - description: |- - Port to scrape the metrics from. - If using the public IP address, this must instead be specified in the relabeling rule. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -8777,7 +8909,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8785,27 +8917,30 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Refresh interval to re-read the list of instances. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string region: - description: The AWS region. + description: region defines the AWS region. minLength: 1 type: string roleARN: - description: AWS Role ARN, an alternative to using AWS API keys. + description: roleARN defines the AWS Role ARN, an alternative + to using AWS API keys. type: string secretKey: - description: SecretKey is the AWS API secret. + description: secretKey defines the AWS API secret. properties: key: description: The key of the secret to select from. Must @@ -8829,15 +8964,16 @@ spec: type: object x-kubernetes-map-type: atomic tlsConfig: - description: TLS configuration to connect to the Puppet DB. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8860,7 +8996,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8885,11 +9022,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8912,7 +9050,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8937,11 +9076,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -8966,7 +9106,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8977,7 +9117,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8987,13 +9127,14 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object type: object type: array linodeSDConfigs: - description: LinodeSDConfigs defines a list of Linode service discovery + description: linodeSDConfigs defines a list of Linode service discovery configurations. items: description: |- @@ -9001,11 +9142,13 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#linode_sd_config properties: authorization: - description: Authorization header configuration. + description: |- + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -9030,7 +9173,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -9038,15 +9181,15 @@ spec: type: string type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -9054,17 +9197,17 @@ spec: type: string oauth2: description: |- - Optional OAuth 2.0 configuration. - Cannot be used at the same time as `authorization`. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9087,7 +9230,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9113,7 +9257,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -9141,12 +9285,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -9180,7 +9324,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -9188,33 +9332,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9237,8 +9380,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -9263,12 +9406,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9291,8 +9434,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -9317,11 +9460,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -9346,7 +9490,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -9357,7 +9501,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -9367,12 +9511,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -9381,7 +9526,8 @@ spec: - tokenUrl type: object port: - description: Default port to scrape metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -9414,7 +9560,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -9422,37 +9568,40 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Time after which the linode instances are refreshed. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string region: - description: Optional region to filter on. + description: region defines the region to filter on. minLength: 1 type: string tagSeparator: - description: The string by which Linode Instance tags are joined - into the tag label. + description: tagSeparator defines the string by which Linode + Instance tags are joined into the tag label.el. minLength: 1 type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9475,7 +9624,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9500,11 +9650,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9527,7 +9678,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9552,11 +9704,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -9581,7 +9734,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -9592,7 +9745,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -9602,13 +9755,15 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object type: object type: array metricRelabelings: - description: MetricRelabelConfigs to apply to samples before ingestion. + description: metricRelabelings defines the metricRelabelings to apply + to samples before ingestion. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -9619,7 +9774,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -9651,40 +9806,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against which + the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated SourceLabels. + description: separator defines the string between concatenated + SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -9695,13 +9851,13 @@ spec: minItems: 1 type: array metricsPath: - description: MetricsPath HTTP path to scrape for metrics. If empty, - Prometheus uses the default value (e.g. /metrics). + description: metricsPath defines the HTTP path to scrape for metrics. + If empty, Prometheus uses the default value (e.g. /metrics). minLength: 1 type: string nameEscapingScheme: description: |- - Metric name escaping mode to request through content negotiation. + nameEscapingScheme defines the metric name escaping mode to request through content negotiation. It requires Prometheus >= v3.4.0. enum: @@ -9712,7 +9868,7 @@ spec: type: string nameValidationScheme: description: |- - Specifies the validation scheme for metric and label names. + nameValidationScheme defines the validation scheme for metric and label names. It requires Prometheus >= v3.0.0. enum: @@ -9721,7 +9877,7 @@ spec: type: string nativeHistogramBucketLimit: description: |- - If there are more than this many buckets in a native histogram, + nativeHistogramBucketLimit defines ff there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. format: int64 @@ -9731,21 +9887,21 @@ spec: - type: integer - type: string description: |- - If the growth factor of one bucket to the next is smaller than this, + nativeHistogramMinBucketFactor defines if the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string nomadSDConfigs: - description: NomadSDConfigs defines a list of Nomad service discovery + description: nomadSDConfigs defines a list of Nomad service discovery configurations. items: description: |- @@ -9754,15 +9910,17 @@ spec: properties: allowStale: description: |- - The information to access the Nomad API. It is to be defined + allowStale defines the information to access the Nomad API. It is to be defined as the Nomad documentation requires. type: boolean authorization: - description: Authorization header to use on every scrape request. + description: |- + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -9787,7 +9945,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -9795,11 +9953,12 @@ spec: type: string type: object basicAuth: - description: BasicAuth information to use on every scrape request. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -9825,7 +9984,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -9851,35 +10010,37 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean namespace: + description: |- + namespace defines the Nomad namespace to query for service discovery. + When specified, only resources within this namespace will be discovered. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be set at the same time as `authorization` or `basic_auth`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9902,7 +10063,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9928,7 +10090,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -9956,12 +10118,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -9995,7 +10157,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -10003,33 +10165,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10052,8 +10213,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -10078,12 +10239,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10106,8 +10267,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -10132,11 +10293,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -10161,7 +10323,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10172,7 +10334,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10182,12 +10344,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -10223,7 +10386,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -10231,38 +10394,47 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: description: |- - Duration is a valid time duration that can be parsed by Prometheus model.ParseDuration() function. - Supported units: y, w, d, h, m, s, ms - Examples: `30s`, `1m`, `1h20m15s`, `15d` + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string region: + description: |- + region defines the Nomad region to query for service discovery. + When specified, only resources within this region will be discovered. type: string server: + description: |- + server defines the Nomad server address to connect to for service discovery. + This should be the full URL including protocol (e.g., "https://nomad.example.com:4646/"). minLength: 1 type: string tagSeparator: + description: |- + tagSeparator defines the separator used to join multiple tags. + This determines how Nomad service tags are concatenated into Prometheus labels. type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10285,7 +10457,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10310,11 +10483,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10337,7 +10511,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10362,11 +10537,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -10391,7 +10567,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10402,7 +10578,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10412,7 +10588,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -10420,15 +10597,17 @@ spec: type: object type: array oauth2: - description: OAuth2 configuration to use on every scrape request. + description: oauth2 defines the configuration to use on every scrape + request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -10451,7 +10630,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10477,7 +10657,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -10505,12 +10685,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -10544,7 +10724,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -10552,32 +10732,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for the - token request.' + description: scopes defines the OAuth2 scopes used for the token + request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10600,7 +10780,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10625,11 +10806,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10652,7 +10834,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10677,11 +10860,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -10706,7 +10890,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10717,7 +10901,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10727,12 +10911,12 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the token - from.' + description: tokenUrl defines the URL to fetch the token from. minLength: 1 type: string required: @@ -10741,7 +10925,7 @@ spec: - tokenUrl type: object openstackSDConfigs: - description: OpenStackSDConfigs defines a list of OpenStack service + description: openstackSDConfigs defines a list of OpenStack service discovery configurations. items: description: |- @@ -10750,15 +10934,15 @@ spec: properties: allTenants: description: |- - Whether the service discovery should list all instances for all projects. + allTenants defines whether the service discovery should list all instances for all projects. It is only relevant for the 'instance' role and usually requires admin permissions. type: boolean applicationCredentialId: - description: ApplicationCredentialID + description: applicationCredentialId defines the OpenStack applicationCredentialId. type: string applicationCredentialName: description: |- - The ApplicationCredentialID or ApplicationCredentialName fields are + applicationCredentialName defines the ApplicationCredentialID or ApplicationCredentialName fields are required if using an application credential to authenticate. Some providers allow you to create an application credential to authenticate rather than a password. @@ -10766,7 +10950,7 @@ spec: type: string applicationCredentialSecret: description: |- - The applicationCredentialSecret field is required if using an application + applicationCredentialSecret defines the required field if using an application credential to authenticate. properties: key: @@ -10791,7 +10975,8 @@ spec: type: object x-kubernetes-map-type: atomic availability: - description: Availability of the endpoint to connect to. + description: availability defines the availability of the endpoint + to connect to. enum: - Public - public @@ -10801,24 +10986,24 @@ spec: - internal type: string domainID: - description: DomainID + description: domainID defines The OpenStack domainID. minLength: 1 type: string domainName: description: |- - At most one of domainId and domainName must be provided if using username + domainName defines at most one of domainId and domainName that must be provided if using username with Identity V3. Otherwise, either are optional. minLength: 1 type: string identityEndpoint: description: |- - IdentityEndpoint specifies the HTTP endpoint that is required to work with + identityEndpoint defines the HTTP endpoint that is required to work with the Identity API of the appropriate version. pattern: ^http(s)?:\/\/.+$ type: string password: description: |- - Password for the Identity V2 and V3 APIs. Consult with your provider's + password defines the password for the Identity V2 and V3 APIs. Consult with your provider's control panel to discover your account's preferred method of authentication. properties: key: @@ -10844,35 +11029,37 @@ spec: x-kubernetes-map-type: atomic port: description: |- - The port to scrape metrics from. If using the public IP address, this must + port defines the port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. format: int32 maximum: 65535 minimum: 0 type: integer projectID: - description: ' ProjectID' + description: projectID defines the OpenStack projectID. minLength: 1 type: string projectName: description: |- - The ProjectId and ProjectName fields are optional for the Identity V2 API. + projectName defines an optional field for the Identity V2 API. Some providers allow you to specify a ProjectName instead of the ProjectId. Some require both. Your provider's authentication policies will determine how these fields influence authentication. minLength: 1 type: string refreshInterval: - description: Refresh interval to re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string region: - description: The OpenStack Region. + description: region defines the OpenStack Region. minLength: 1 type: string role: description: |- - The OpenStack role of entities that should be discovered. + role defines the OpenStack role of entities that should be discovered. Note: The `LoadBalancer` role requires Prometheus >= v3.2.0. enum: @@ -10881,15 +11068,16 @@ spec: - LoadBalancer type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration applying + to the target HTTP endpoint. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10912,7 +11100,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10937,11 +11126,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10964,7 +11154,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10989,11 +11180,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -11018,7 +11210,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -11029,7 +11221,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -11039,16 +11231,17 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object userid: - description: UserID + description: userid defines the OpenStack userid. minLength: 1 type: string username: description: |- - Username is required if using Identity V2 API. Consult with your provider's + username defines the username required if using Identity V2 API. Consult with your provider's control panel to discover your account's username. In Identity V3, either userid or a combination of username and domainId or domainName are needed @@ -11060,7 +11253,7 @@ spec: type: object type: array ovhcloudSDConfigs: - description: OVHCloudSDConfigs defines a list of OVHcloud service + description: ovhcloudSDConfigs defines a list of OVHcloud service discovery configurations. items: description: |- @@ -11068,11 +11261,15 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ovhcloud_sd_config properties: applicationKey: - description: Access key to use. https://api.ovh.com. + description: |- + applicationKey defines the access key to use for OVHCloud API authentication. + This is obtained from the OVHCloud API credentials at https://api.ovh.com. minLength: 1 type: string applicationSecret: - description: SecretKeySelector selects a key of a Secret. + description: |- + applicationSecret defines the secret key for OVHCloud API authentication. + This contains the application secret obtained during OVHCloud API credential creation. properties: key: description: The key of the secret to select from. Must @@ -11096,7 +11293,9 @@ spec: type: object x-kubernetes-map-type: atomic consumerKey: - description: SecretKeySelector selects a key of a Secret. + description: |- + consumerKey defines the consumer key for OVHCloud API authentication. + This is the third component of OVHCloud's three-key authentication system. properties: key: description: The key of the secret to select from. Must @@ -11120,23 +11319,24 @@ spec: type: object x-kubernetes-map-type: atomic endpoint: - description: Custom endpoint to be used. + description: |- + endpoint defines a custom API endpoint to be used. + When not specified, defaults to the standard OVHCloud API endpoint for the region. minLength: 1 type: string refreshInterval: - description: Refresh interval to re-read the resources list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string service: - allOf: - - enum: - - VPS - - DedicatedServer - - enum: - - VPS - - DedicatedServer - description: Service of the targets to retrieve. Must be `VPS` - or `DedicatedServer`. + description: |- + service defines the service type of the targets to retrieve. + Must be either `VPS` or `DedicatedServer` to specify which OVHCloud resources to discover. + enum: + - VPS + - DedicatedServer type: string required: - applicationKey @@ -11150,7 +11350,7 @@ spec: items: type: string type: array - description: Optional HTTP URL parameters + description: params defines optional HTTP URL parameters type: object x-kubernetes-map-type: atomic proxyConnectHeader: @@ -11181,7 +11381,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -11189,16 +11389,16 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string puppetDBSDConfigs: - description: PuppetDBSDConfigs defines a list of PuppetDB service + description: puppetDBSDConfigs defines a list of PuppetDB service discovery configurations. items: description: |- @@ -11207,12 +11407,12 @@ spec: properties: authorization: description: |- - Optional `authorization` HTTP header configuration. - Cannot be set at the same time as `basicAuth`, or `oauth2`. + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -11237,7 +11437,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -11246,12 +11446,12 @@ spec: type: object basicAuth: description: |- - Optional HTTP basic authentication information. + basicAuth defines information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -11277,7 +11477,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -11303,21 +11503,21 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Configure whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether the HTTP requests should follow + description: followRedirects defines whether HTTP requests follow HTTP 3xx redirects. type: boolean includeParameters: description: |- - Whether to include the parameters as meta labels. + includeParameters defines whether to include the parameters as meta labels. Note: Enabling this exposes parameters in the Prometheus UI and API. Make sure that you don't have secrets exposed as parameters if you enable this. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -11325,17 +11525,17 @@ spec: type: string oauth2: description: |- - Optional OAuth2.0 configuration. - Cannot be set at the same time as `basicAuth`, or `authorization`. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -11358,7 +11558,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -11384,7 +11585,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -11412,12 +11613,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -11451,7 +11652,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -11459,33 +11660,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -11508,8 +11708,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -11534,12 +11734,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -11562,8 +11762,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -11588,11 +11788,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -11617,7 +11818,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -11628,7 +11829,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -11638,12 +11839,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -11652,7 +11854,8 @@ spec: - tokenUrl type: object port: - description: Port to scrape the metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -11685,7 +11888,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -11693,34 +11896,37 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string query: description: |- - Puppet Query Language (PQL) query. Only resources are supported. + query defines the Puppet Query Language (PQL) query. Only resources are supported. https://puppet.com/docs/puppetdb/latest/api/query/v4/pql.html minLength: 1 type: string refreshInterval: - description: Refresh interval to re-read the list of resources. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS configuration to connect to the Puppet DB. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -11743,7 +11949,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -11768,11 +11975,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -11795,7 +12003,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -11820,11 +12029,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -11849,7 +12059,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -11860,7 +12070,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -11870,11 +12080,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: The URL of the PuppetDB root query endpoint. + description: url defines the URL of the PuppetDB root query + endpoint. minLength: 1 pattern: ^http(s)?://.+$ type: string @@ -11885,7 +12097,7 @@ spec: type: array relabelings: description: |- - RelabelConfigs defines how to rewrite the target's labels before scraping. + relabelings defines how to rewrite the target's labels before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job's name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config @@ -11899,7 +12111,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -11931,40 +12143,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against which + the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated SourceLabels. + description: separator defines the string between concatenated + SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -11975,12 +12188,12 @@ spec: minItems: 1 type: array sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped + description: sampleLimit defines per-scrape limit on number of scraped samples that will be accepted. format: int64 type: integer scalewaySDConfigs: - description: ScalewaySDConfigs defines a list of Scaleway instances + description: scalewaySDConfigs defines a list of Scaleway instances and baremetal service discovery configurations. items: description: |- @@ -11988,41 +12201,43 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scaleway_sd_config properties: accessKey: - description: Access key to use. https://console.scaleway.com/project/credentials + description: accessKey defines the access key to use. https://console.scaleway.com/project/credentials minLength: 1 type: string apiURL: - description: API URL to use when doing the server listing requests. + description: apiURL defines the API URL to use when doing the + server listing requests. pattern: ^http(s)?://.+$ type: string enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean nameFilter: - description: NameFilter specify a name filter (works as a LIKE) + description: nameFilter defines a name filter (works as a LIKE) to apply on the server listing request. minLength: 1 type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string port: - description: The port to scrape metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 type: integer projectID: - description: Project ID of the targets. + description: projectID defines the Project ID of the targets. minLength: 1 type: string proxyConnectHeader: @@ -12053,7 +12268,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -12061,27 +12276,30 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Refresh interval to re-read the list of instances. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string role: - description: Service of the targets to retrieve. Must be `Instance` - or `Baremetal`. + description: role defines the service of the targets to retrieve. + Must be `Instance` or `Baremetal`. enum: - Instance - Baremetal type: string secretKey: - description: Secret key to use when listing targets. + description: secretKey defines the secret key to use when listing + targets. properties: key: description: The key of the secret to select from. Must @@ -12105,7 +12323,7 @@ spec: type: object x-kubernetes-map-type: atomic tagsFilter: - description: TagsFilter specify a tag filter (a server needs + description: tagsFilter defines a tag filter (a server needs to have all defined tags to be listed) to apply on the server listing request. items: @@ -12115,15 +12333,16 @@ spec: type: array x-kubernetes-list-type: set tlsConfig: - description: TLS configuration to use on every scrape request + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -12146,7 +12365,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -12171,11 +12391,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -12198,7 +12419,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -12223,11 +12445,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -12252,7 +12475,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -12263,7 +12486,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -12273,12 +12496,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object zone: - description: Zone is the availability zone of your targets (e.g. - fr-par-1). + description: zone defines the availability zone of your targets + (e.g. fr-par-1). minLength: 1 type: string required: @@ -12290,30 +12514,31 @@ spec: type: array scheme: description: |- - Configures the protocol scheme used for requests. + scheme defines the protocol scheme used for requests. If empty, Prometheus uses HTTP by default. enum: - HTTP - HTTPS type: string scrapeClass: - description: The scrape class to apply. + description: scrapeClass defines the scrape class to apply. minLength: 1 type: string scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. type: boolean scrapeInterval: - description: ScrapeInterval is the interval between consecutive scrapes. + description: scrapeInterval defines the interval between consecutive + scrapes. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string scrapeProtocols: description: |- - The protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -12340,12 +12565,12 @@ spec: x-kubernetes-list-type: set scrapeTimeout: description: |- - ScrapeTimeout is the number of seconds to wait until a scrape request times out. + scrapeTimeout defines the number of seconds to wait until a scrape request times out. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string staticConfigs: - description: StaticConfigs defines a list of static targets with a + description: staticConfigs defines a list of static targets with a common label set. items: description: |- @@ -12355,12 +12580,13 @@ spec: labels: additionalProperties: type: string - description: Labels assigned to all metrics scraped from the - targets. + description: labels defines labels assigned to all metrics scraped + from the targets. type: object x-kubernetes-map-type: atomic targets: - description: List of targets for this static configuration. + description: targets defines the list of targets for this static + configuration. items: description: |- Target represents a target for Prometheus to scrape @@ -12374,19 +12600,21 @@ spec: type: object type: array targetLimit: - description: TargetLimit defines a limit on the number of scraped + description: targetLimit defines a limit on the number of scraped targets that will be accepted. format: int64 type: integer tlsConfig: - description: TLS configuration to use on every scrape request + description: tlsConfig defines the TLS configuration to use on every + scrape request properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when verifying + server certificates. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -12409,7 +12637,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -12434,10 +12663,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present when + doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -12460,7 +12691,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -12485,10 +12717,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must be @@ -12513,7 +12747,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -12524,7 +12758,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -12534,19 +12768,125 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for the + targets. type: string type: object trackTimestampsStaleness: description: |- - TrackTimestampsStaleness whether Prometheus tracks staleness of + trackTimestampsStaleness defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data. Has no effect if `honorTimestamps` is false. It requires Prometheus >= v2.48.0. type: boolean type: object + status: + description: |- + status defines the status subresource. It is under active development and is updated only when the + "StatusForConfigurationResources" feature gate is enabled. + + Most recent observed status of the ScrapeConfig. Read-only. + More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bindings: + description: bindings defines the list of workload resources (Prometheus, + PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration + resource. + items: + description: WorkloadBinding is a link between a configuration resource + and a workload resource. + properties: + conditions: + description: conditions defines the current state of the configuration + resource when bound to the referenced Workload object. + items: + description: ConfigResourceCondition describes the status + of configuration resources linked to Prometheus, PrometheusAgent, + Alertmanager or ThanosRuler. + properties: + lastTransitionTime: + description: lastTransitionTime defines the time of the + last update to the current status property. + format: date-time + type: string + message: + description: message defines the human-readable message + indicating details for the condition's last transition. + type: string + observedGeneration: + description: |- + observedGeneration defines the .metadata.generation that the + condition was set based upon. For instance, if `.metadata.generation` is + currently 12, but the `.status.conditions[].observedGeneration` is 9, the + condition is out of date with respect to the current state of the object. + format: int64 + type: integer + reason: + description: reason for the condition's last transition. + type: string + status: + description: status of the condition. + minLength: 1 + type: string + type: + description: |- + type of the condition being reported. + Currently, only "Accepted" is supported. + enum: + - Accepted + minLength: 1 + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + group: + description: group defines the group of the referenced resource. + enum: + - monitoring.coreos.com + type: string + name: + description: name defines the name of the referenced object. + minLength: 1 + type: string + namespace: + description: namespace defines the namespace of the referenced + object. + minLength: 1 + type: string + resource: + description: resource defines the type of resource being referenced + (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). + enum: + - prometheuses + - prometheusagents + - thanosrulers + - alertmanagers + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - name + - namespace + x-kubernetes-list-type: map + type: object required: - spec type: object served: true storage: true + subresources: + status: {} diff --git a/charts/kube-prometheus-stack/charts/crds/crds/crd-servicemonitors.yaml b/charts/kube-prometheus-stack/charts/crds/crds/crd-servicemonitors.yaml index ea3858da208b..3df958588134 100644 --- a/charts/kube-prometheus-stack/charts/crds/crds/crd-servicemonitors.yaml +++ b/charts/kube-prometheus-stack/charts/crds/crds/crd-servicemonitors.yaml @@ -1,11 +1,11 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: servicemonitors.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -52,19 +52,19 @@ spec: type: object spec: description: |- - Specification of desired Service selection for target discovery by + spec defines the specification of desired Service selection for target discovery by Prometheus. properties: attachMetadata: description: |- - `attachMetadata` defines additional metadata which is added to the + attachMetadata defines additional metadata which is added to the discovered targets. It requires Prometheus >= v2.37.0. properties: node: description: |- - When set to true, Prometheus attaches node metadata to the discovered + node when set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the `list` and `watch` @@ -73,7 +73,7 @@ spec: type: object bodySizeLimit: description: |- - When defined, bodySizeLimit specifies a job level limit on the size + bodySizeLimit when defined, bodySizeLimit specifies a job level limit on the size of uncompressed response body that will be accepted by Prometheus. It requires Prometheus >= v2.28.0. @@ -81,12 +81,12 @@ spec: type: string convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native histogram with custom buckets. + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. type: boolean endpoints: description: |- - List of endpoints part of this ServiceMonitor. + endpoints defines the list of endpoints part of this ServiceMonitor. Defines how to scrape metrics from Kubernetes [Endpoints](https://kubernetes.io/docs/concepts/services-networking/service/#endpoints) objects. In most cases, an Endpoints object is backed by a Kubernetes [Service](https://kubernetes.io/docs/concepts/services-networking/service/) object with the same name and labels. items: @@ -96,14 +96,14 @@ spec: properties: authorization: description: |- - `authorization` configures the Authorization header credentials to use when + authorization configures the Authorization header credentials to use when scraping the target. Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -128,7 +128,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -137,14 +137,14 @@ spec: type: object basicAuth: description: |- - `basicAuth` configures the Basic Authentication credentials to use when + basicAuth defines the Basic Authentication credentials to use when scraping the target. Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -170,7 +170,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -197,13 +197,13 @@ spec: type: object bearerTokenFile: description: |- - File to read bearer token for scraping the target. + bearerTokenFile defines the file to read bearer token for scraping the target. Deprecated: use `authorization` instead. type: string bearerTokenSecret: description: |- - `bearerTokenSecret` specifies a key of a Secret containing the bearer + bearerTokenSecret defines a key of a Secret containing the bearer token for scraping targets. The secret needs to be in the same namespace as the ServiceMonitor object and readable by the Prometheus Operator. @@ -231,12 +231,12 @@ spec: type: object x-kubernetes-map-type: atomic enableHttp2: - description: '`enableHttp2` can be used to disable HTTP2 when - scraping the target.' + description: enableHttp2 can be used to disable HTTP2 when scraping + the target. type: boolean filterRunning: description: |- - When true, the pods which are not running (e.g. either in Failed or + filterRunning when true, the pods which are not running (e.g. either in Failed or Succeeded state) are dropped during the target discovery. If unset, the filtering is enabled. @@ -245,29 +245,29 @@ spec: type: boolean followRedirects: description: |- - `followRedirects` defines whether the scrape requests should follow HTTP + followRedirects defines whether the scrape requests should follow HTTP 3xx redirects. type: boolean honorLabels: description: |- - When true, `honorLabels` preserves the metric's labels when they collide + honorLabels defines when true the metric's labels when they collide with the target's labels. type: boolean honorTimestamps: description: |- - `honorTimestamps` controls whether Prometheus preserves the timestamps + honorTimestamps defines whether Prometheus preserves the timestamps when exposed by the target. type: boolean interval: description: |- - Interval at which Prometheus scrapes the metrics from the target. + interval at which Prometheus scrapes the metrics from the target. If empty, Prometheus uses the global scrape interval. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string metricRelabelings: description: |- - `metricRelabelings` configures the relabeling rules to apply to the + metricRelabelings defines the relabeling rules to apply to the samples before ingestion. items: description: |- @@ -279,7 +279,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -311,41 +311,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -356,7 +356,7 @@ spec: type: array noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -364,7 +364,7 @@ spec: type: string oauth2: description: |- - `oauth2` configures the OAuth2 settings to use when scraping the target. + oauth2 defines the OAuth2 settings to use when scraping the target. It requires Prometheus >= 2.27.0. @@ -372,12 +372,12 @@ spec: properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -400,7 +400,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -426,7 +427,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -454,12 +455,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -493,7 +494,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -501,33 +502,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -550,8 +550,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -576,12 +576,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -604,8 +604,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -630,11 +630,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -659,7 +660,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -670,7 +671,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -680,12 +681,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -702,13 +704,13 @@ spec: type: object path: description: |- - HTTP path from which to scrape for metrics. + path defines the HTTP path from which to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`). type: string port: description: |- - Name of the Service port which this endpoint refers to. + port defines the name of the Service port which this endpoint refers to. It takes precedence over `targetPort`. type: string @@ -740,7 +742,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -748,17 +750,17 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string relabelings: description: |- - `relabelings` configures the relabeling rules to apply the target's + relabelings defines the relabeling rules to apply the target's metadata labels. The Operator automatically adds relabelings for a few standard Kubernetes fields. @@ -776,7 +778,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -808,41 +810,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -853,7 +855,7 @@ spec: type: array scheme: description: |- - HTTP scheme to use for scraping. + scheme defines the HTTP scheme to use for scraping. `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. @@ -865,7 +867,7 @@ spec: type: string scrapeTimeout: description: |- - Timeout after which Prometheus considers the scrape to be failed. + scrapeTimeout defines the timeout after which Prometheus considers the scrape to be failed. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. @@ -877,19 +879,20 @@ spec: - type: integer - type: string description: |- - Name or number of the target port of the `Pod` object behind the + targetPort defines the name or number of the target port of the `Pod` object behind the Service. The port must be specified with the container's port property. x-kubernetes-int-or-string: true tlsConfig: - description: TLS configuration to use when scraping the target. + description: tlsConfig defines the TLS configuration to use + when scraping the target. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -912,7 +915,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -937,15 +941,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -968,7 +973,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -993,19 +999,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1030,7 +1037,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1041,7 +1048,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1051,12 +1058,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object trackTimestampsStaleness: description: |- - `trackTimestampsStaleness` defines whether Prometheus tracks staleness of + trackTimestampsStaleness defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data. Has no effect if `honorTimestamps` is false. @@ -1066,7 +1074,7 @@ spec: type: array fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. enum: @@ -1078,7 +1086,7 @@ spec: type: string jobLabel: description: |- - `jobLabel` selects the label from the associated Kubernetes `Service` + jobLabel selects the label from the associated Kubernetes `Service` object which will be used as the `job` label for all metrics. For example if `jobLabel` is set to `foo` and the Kubernetes `Service` @@ -1091,7 +1099,7 @@ spec: type: string keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. @@ -1099,44 +1107,45 @@ spec: type: integer labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer namespaceSelector: description: |- - `namespaceSelector` defines in which namespace(s) Prometheus should discover the services. + namespaceSelector defines in which namespace(s) Prometheus should discover the services. By default, the services are discovered in the same namespace as the `ServiceMonitor` object but it is possible to select pods across different/all namespaces. properties: any: description: |- - Boolean describing whether all namespaces are selected in contrast to a + any defines the boolean describing whether all namespaces are selected in contrast to a list restricting them. type: boolean matchNames: - description: List of namespace names to select from. + description: matchNames defines the list of namespace names to + select from. items: type: string type: array type: object nativeHistogramBucketLimit: description: |- - If there are more than this many buckets in a native histogram, + nativeHistogramBucketLimit defines ff there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. format: int64 @@ -1146,38 +1155,38 @@ spec: - type: integer - type: string description: |- - If the growth factor of one bucket to the next is smaller than this, + nativeHistogramMinBucketFactor defines if the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true podTargetLabels: description: |- - `podTargetLabels` defines the labels which are transferred from the + podTargetLabels defines the labels which are transferred from the associated Kubernetes `Pod` object onto the ingested metrics. items: type: string type: array sampleLimit: description: |- - `sampleLimit` defines a per-scrape limit on the number of scraped samples + sampleLimit defines a per-scrape limit on the number of scraped samples that will be accepted. format: int64 type: integer scrapeClass: - description: The scrape class to apply. + description: scrapeClass defines the scrape class to apply. minLength: 1 type: string scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. type: boolean scrapeProtocols: description: |- - `scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -1202,8 +1211,8 @@ spec: type: array x-kubernetes-list-type: set selector: - description: Label selector to select the Kubernetes `Endpoints` objects - to scrape metrics from. + description: selector defines the label selector to select the Kubernetes + `Endpoints` objects to scrape metrics from. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -1250,7 +1259,7 @@ spec: x-kubernetes-map-type: atomic selectorMechanism: description: |- - Mechanism used to select the endpoints to scrape. + selectorMechanism defines the mechanism used to select the endpoints to scrape. By default, the selection process relies on relabel configurations to filter the discovered targets. Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. Which strategy is best for your use case needs to be carefully evaluated. @@ -1260,16 +1269,27 @@ spec: - RelabelConfig - RoleSelector type: string + serviceDiscoveryRole: + description: |- + serviceDiscoveryRole defines the service discovery role used to discover targets. + + If set, the value should be either "Endpoints" or "EndpointSlice". + Otherwise it defaults to the value defined in the + Prometheus/PrometheusAgent resource. + enum: + - Endpoints + - EndpointSlice + type: string targetLabels: description: |- - `targetLabels` defines the labels which are transferred from the + targetLabels defines the labels which are transferred from the associated Kubernetes `Service` object onto the ingested metrics. items: type: string type: array targetLimit: description: |- - `targetLimit` defines a limit on the number of scraped targets that will + targetLimit defines a limit on the number of scraped targets that will be accepted. format: int64 type: integer @@ -1279,7 +1299,7 @@ spec: type: object status: description: |- - This Status subresource is under active development and is updated only when the + status defines the status subresource. It is under active development and is updated only when the "StatusForConfigurationResources" feature gate is enabled. Most recent observed status of the ServiceMonitor. Read-only. @@ -1287,47 +1307,48 @@ spec: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: bindings: - description: The list of workload resources (Prometheus or PrometheusAgent) - which select the configuration resource. + description: bindings defines the list of workload resources (Prometheus, + PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration + resource. items: description: WorkloadBinding is a link between a configuration resource and a workload resource. properties: conditions: - description: The current state of the configuration resource - when bound to the referenced Prometheus object. + description: conditions defines the current state of the configuration + resource when bound to the referenced Workload object. items: description: ConfigResourceCondition describes the status of configuration resources linked to Prometheus, PrometheusAgent, - Alertmanager, or ThanosRuler. + Alertmanager or ThanosRuler. properties: lastTransitionTime: - description: LastTransitionTime is the time of the last - update to the current status property. + description: lastTransitionTime defines the time of the + last update to the current status property. format: date-time type: string message: - description: Human-readable message indicating details - for the condition's last transition. + description: message defines the human-readable message + indicating details for the condition's last transition. type: string observedGeneration: description: |- - ObservedGeneration represents the .metadata.generation that the + observedGeneration defines the .metadata.generation that the condition was set based upon. For instance, if `.metadata.generation` is currently 12, but the `.status.conditions[].observedGeneration` is 9, the condition is out of date with respect to the current state of the object. format: int64 type: integer reason: - description: Reason for the condition's last transition. + description: reason for the condition's last transition. type: string status: - description: Status of the condition. + description: status of the condition. minLength: 1 type: string type: description: |- - Type of the condition being reported. + type of the condition being reported. Currently, only "Accepted" is supported. enum: - Accepted @@ -1343,24 +1364,27 @@ spec: - type x-kubernetes-list-type: map group: - description: The group of the referenced resource. + description: group defines the group of the referenced resource. enum: - monitoring.coreos.com type: string name: - description: The name of the referenced object. + description: name defines the name of the referenced object. minLength: 1 type: string namespace: - description: The namespace of the referenced object. + description: namespace defines the namespace of the referenced + object. minLength: 1 type: string resource: - description: The type of resource being referenced (e.g. Prometheus - or PrometheusAgent). + description: resource defines the type of resource being referenced + (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). enum: - prometheuses - prometheusagents + - thanosrulers + - alertmanagers type: string required: - group @@ -1369,6 +1393,12 @@ spec: - resource type: object type: array + x-kubernetes-list-map-keys: + - group + - resource + - name + - namespace + x-kubernetes-list-type: map type: object required: - spec diff --git a/charts/kube-prometheus-stack/charts/crds/crds/crd-thanosrulers.yaml b/charts/kube-prometheus-stack/charts/crds/crds/crd-thanosrulers.yaml index 6c73d9c4f5eb..03aa82ba70a0 100644 --- a/charts/kube-prometheus-stack/charts/crds/crds/crd-thanosrulers.yaml +++ b/charts/kube-prometheus-stack/charts/crds/crds/crd-thanosrulers.yaml @@ -1,11 +1,11 @@ -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: thanosrulers.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -76,12 +76,12 @@ spec: type: object spec: description: |- - Specification of the desired behavior of the ThanosRuler cluster. More info: + spec defines the specification of the desired behavior of the ThanosRuler cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: additionalArgs: description: |- - AdditionalArgs allows setting additional arguments for the ThanosRuler container. + additionalArgs defines how to add additional arguments for the ThanosRuler container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the ThanosRuler container which may cause issues if they are invalid or not supported @@ -93,19 +93,20 @@ spec: description: Argument as part of the AdditionalArgs list. properties: name: - description: Name of the argument, e.g. "scrape.discovery-reload-interval". + description: name of the argument, e.g. "scrape.discovery-reload-interval". minLength: 1 type: string value: - description: Argument value, e.g. 30s. Can be empty for name-only - arguments (e.g. --storage.tsdb.no-lockfile) + description: value defines the argument value, e.g. 30s. Can + be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) type: string required: - name type: object type: array affinity: - description: If specified, the pod's scheduling constraints. + description: affinity defines when specified, the pod's scheduling + constraints. properties: nodeAffinity: description: Describes node affinity scheduling rules for the @@ -673,8 +674,8 @@ spec: most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + compute a sum by iterating through the elements of this field and subtracting + "weight" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -1018,7 +1019,7 @@ spec: type: object alertDropLabels: description: |- - Configures the label names which should be dropped in Thanos Ruler + alertDropLabels defines the label names which should be dropped in Thanos Ruler alerts. The replica label `thanos_ruler_replica` will always be dropped from the alerts. @@ -1027,13 +1028,13 @@ spec: type: array alertQueryUrl: description: |- - The external Query URL the Thanos Ruler will set in the 'Source' field + alertQueryUrl defines how Thanos Ruler will set in the 'Source' field of all alerts. Maps to the '--alert.query-url' CLI arg. type: string alertRelabelConfigFile: description: |- - Configures the path to the alert relabeling configuration file. + alertRelabelConfigFile defines the path to the alert relabeling configuration file. Alert relabel configuration must have the form as specified in the official Prometheus documentation: @@ -1045,7 +1046,7 @@ spec: type: string alertRelabelConfigs: description: |- - Configures alert relabeling in Thanos Ruler. + alertRelabelConfigs defines the alert relabeling in Thanos Ruler. Alert relabel configuration must have the form as specified in the official Prometheus documentation: @@ -1077,7 +1078,7 @@ spec: x-kubernetes-map-type: atomic alertmanagersConfig: description: |- - Configures the list of Alertmanager endpoints to send alerts to. + alertmanagersConfig defines the list of Alertmanager endpoints to send alerts to. The configuration format is defined at https://thanos.io/tip/components/rule.md/#alertmanager. @@ -1109,7 +1110,7 @@ spec: x-kubernetes-map-type: atomic alertmanagersUrl: description: |- - Configures the list of Alertmanager endpoints to send alerts to. + alertmanagersUrl defines the list of Alertmanager endpoints to send alerts to. For Thanos >= v0.10.0, it is recommended to use `alertmanagersConfig` instead. @@ -1119,7 +1120,7 @@ spec: type: array containers: description: |- - Containers allows injecting additional containers or modifying operator generated + containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a ThanosRuler pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a @@ -1167,8 +1168,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -1226,6 +1228,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -1286,8 +1325,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -1314,8 +1353,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -1986,7 +2026,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -2040,10 +2080,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -2055,6 +2095,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -2554,11 +2647,12 @@ spec: type: object type: array dnsConfig: - description: Defines the DNS configuration for the pods. + description: dnsConfig defines Defines the DNS configuration for the + pods. properties: nameservers: description: |- - A list of DNS name server IP addresses. + nameservers defines the list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. items: minLength: 1 @@ -2567,7 +2661,7 @@ spec: x-kubernetes-list-type: set options: description: |- - A list of DNS resolver options. + options defines the list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Resolution options given in Options will override those that appear in the base DNSPolicy. @@ -2576,11 +2670,11 @@ spec: of a pod. properties: name: - description: Name is required and must be unique. + description: name is required and must be unique. minLength: 1 type: string value: - description: Value is optional. + description: value is optional. type: string required: - name @@ -2591,7 +2685,7 @@ spec: x-kubernetes-list-type: map searches: description: |- - A list of DNS search domains for host-name lookup. + searches defines the list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. items: minLength: 1 @@ -2600,7 +2694,7 @@ spec: x-kubernetes-list-type: set type: object dnsPolicy: - description: Defines the DNS policy for the pods. + description: dnsPolicy defines the DNS policy for the pods. enum: - ClusterFirstWithHostNet - ClusterFirst @@ -2609,7 +2703,7 @@ spec: type: string enableFeatures: description: |- - Enable access to Thanos Ruler feature flags. By default, no features are enabled. + enableFeatures defines how to setup Thanos Ruler feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept @@ -2624,23 +2718,24 @@ spec: type: array x-kubernetes-list-type: set enableServiceLinks: - description: Indicates whether information about services should be - injected into pod's environment variables + description: enableServiceLinks defines whether information about + services should be injected into pod's environment variables type: boolean enforcedNamespaceLabel: description: |- - EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert + enforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created. The label value will always be the namespace of the object that is being created. type: string evaluationInterval: default: 15s - description: Interval between consecutive evaluations. + description: evaluationInterval defines the interval between consecutive + evaluations. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string excludedFromEnforcement: description: |- - List of references to PrometheusRule objects + excludedFromEnforcement defines the list of references to PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true. items: @@ -2649,23 +2744,23 @@ spec: properties: group: default: monitoring.coreos.com - description: Group of the referent. When not specified, it defaults + description: group of the referent. When not specified, it defaults to `monitoring.coreos.com` enum: - monitoring.coreos.com type: string name: - description: Name of the referent. When not set, all resources + description: name of the referent. When not set, all resources in the namespace are matched. type: string namespace: description: |- - Namespace of the referent. + namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ minLength: 1 type: string resource: - description: Resource of the referent. + description: resource of the referent. enum: - prometheusrules - servicemonitors @@ -2680,23 +2775,24 @@ spec: type: array externalPrefix: description: |- - The external URL the Thanos Ruler instances will be available under. This is + externalPrefix defines the Thanos Ruler instances will be available under. This is necessary to generate correct URLs. This is necessary if Thanos Ruler is not served from root of a DNS name. type: string grpcServerTlsConfig: description: |- - GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads + grpcServerTlsConfig defines the gRPC server from which Thanos Querier reads recorded rule data. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the '--grpc-server-tls-*' CLI args. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when verifying + server certificates. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -2719,7 +2815,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2744,14 +2841,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container to - use for the targets. + description: caFile defines the path to the CA cert in the Prometheus + container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present when + doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -2774,7 +2873,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2799,18 +2899,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus container - for the targets. + description: certFile defines the path to the client cert file + in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus container - for the targets. + description: keyFile defines the path to the client key file in + the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must be @@ -2835,7 +2937,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2846,7 +2948,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2856,23 +2958,24 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for the + targets. type: string type: object hostAliases: - description: Pods' hostAliases configuration + description: hostAliases defines pods' hostAliases configuration items: description: |- HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file. properties: hostnames: - description: Hostnames for the above IP address. + description: hostnames defines hostnames for the above IP address. items: type: string type: array ip: - description: IP address of the host file entry. + description: ip defines the IP address of the host file entry. type: string required: - hostnames @@ -2884,7 +2987,7 @@ spec: x-kubernetes-list-type: map hostUsers: description: |- - HostUsers supports the user space in Kubernetes. + hostUsers supports the user space in Kubernetes. More info: https://kubernetes.io/docs/tasks/configure-pod-container/user-namespaces/ @@ -2892,11 +2995,11 @@ spec: Starting Kubernetes 1.33, the feature is enabled by default. type: boolean image: - description: Thanos container image URL. + description: image defines Thanos container image URL. type: string imagePullPolicy: description: |- - Image pull policy for the 'thanos', 'init-config-reloader' and 'config-reloader' containers. + imagePullPolicy defines for the 'thanos', 'init-config-reloader' and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. enum: - "" @@ -2906,7 +3009,7 @@ spec: type: string imagePullSecrets: description: |- - An optional list of references to secrets in the same namespace + imagePullSecrets defines an optional list of references to secrets in the same namespace to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod items: @@ -2928,7 +3031,7 @@ spec: type: array initContainers: description: |- - InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. + initContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the ThanosRuler configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ @@ -2976,8 +3079,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -3035,6 +3139,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -3095,8 +3236,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -3123,8 +3264,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -3795,7 +3937,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -3849,10 +3991,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -3864,6 +4006,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -4366,25 +4561,25 @@ spec: additionalProperties: type: string description: |- - Configures the external label pairs of the ThanosRuler resource. + labels defines the external label pairs of the ThanosRuler resource. A default replica label `thanos_ruler_replica` will be always added as a label with the value of the pod's name. type: object listenLocal: description: |- - ListenLocal makes the Thanos ruler listen on loopback, so that it + listenLocal defines the Thanos ruler listen on loopback, so that it does not bind against the Pod IP. type: boolean logFormat: - description: Log format for ThanosRuler to be configured with. + description: logFormat for ThanosRuler to be configured with. enum: - "" - logfmt - json type: string logLevel: - description: Log level for ThanosRuler to be configured with. + description: logLevel for ThanosRuler to be configured with. enum: - "" - debug @@ -4394,7 +4589,7 @@ spec: type: string minReadySeconds: description: |- - Minimum number of seconds for which a newly created pod should be ready + minReadySeconds defines the minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. If unset, pods will be considered available as soon as they are ready. @@ -4404,13 +4599,12 @@ spec: nodeSelector: additionalProperties: type: string - description: Define which Nodes the Pods are scheduled on. + description: nodeSelector defines which Nodes the Pods are scheduled + on. type: object objectStorageConfig: description: |- - Configures object storage. - - The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage + objectStorageConfig defines the configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage The operator performs no validation of the configuration. @@ -4438,7 +4632,7 @@ spec: x-kubernetes-map-type: atomic objectStorageConfigFile: description: |- - Configures the path of the object storage configuration file. + objectStorageConfigFile defines the path of the object storage configuration file. The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage @@ -4448,12 +4642,12 @@ spec: type: string paused: description: |- - When a ThanosRuler deployment is paused, no actions except for deletion + paused defines when a ThanosRuler deployment is paused, no actions except for deletion will be performed on the underlying objects. type: boolean podMetadata: description: |- - PodMetadata configures labels and annotations which are propagated to the ThanosRuler pods. + podMetadata defines labels and annotations which are propagated to the ThanosRuler pods. The following items are reserved and cannot be overridden: * "app.kubernetes.io/name" label, set to "thanos-ruler". @@ -4466,7 +4660,7 @@ spec: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -4475,14 +4669,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -4493,15 +4687,16 @@ spec: portName: default: web description: |- - Port name used for the pods and governing service. + portName defines the port name used for the pods and governing service. Defaults to `web`. type: string priorityClassName: - description: Priority class assigned to the Pods + description: priorityClassName defines the priority class assigned + to the Pods type: string prometheusRulesExcludedFromEnforce: description: |- - PrometheusRulesExcludedFromEnforce - list of Prometheus rules to be excluded from enforcing + prometheusRulesExcludedFromEnforce defines a list of Prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair Deprecated: use excludedFromEnforcement instead. @@ -4512,10 +4707,12 @@ spec: namespace label for alerts and metrics. properties: ruleName: - description: Name of the excluded PrometheusRule object. + description: ruleName defines the name of the excluded PrometheusRule + object. type: string ruleNamespace: - description: Namespace of the excluded PrometheusRule object. + description: ruleNamespace defines the namespace of the excluded + PrometheusRule object. type: string required: - ruleName @@ -4524,7 +4721,7 @@ spec: type: array queryConfig: description: |- - Configures the list of Thanos Query endpoints from which to query metrics. + queryConfig defines the list of Thanos Query endpoints from which to query metrics. The configuration format is defined at https://thanos.io/tip/components/rule.md/#query-api @@ -4556,7 +4753,7 @@ spec: x-kubernetes-map-type: atomic queryEndpoints: description: |- - Configures the list of Thanos Query endpoints from which to query metrics. + queryEndpoints defines the list of Thanos Query endpoints from which to query metrics. For Thanos >= v0.11.0, it is recommended to use `queryConfig` instead. @@ -4566,7 +4763,7 @@ spec: type: array remoteWrite: description: |- - Defines the list of remote write configurations. + remoteWrite defines the list of remote write configurations. When the list isn't empty, the ruler is configured with stateless mode. @@ -4578,15 +4775,15 @@ spec: properties: authorization: description: |- - Authorization section for the URL. + authorization section for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. Cannot be set at the same time as `sigv4`, `basicAuth`, `oauth2`, or `azureAd`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -4610,12 +4807,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -4624,15 +4821,15 @@ spec: type: object azureAd: description: |- - AzureAD for the URL. + azureAd for the URL. It requires Prometheus >= v2.45.0 or Thanos >= v0.31.0. Cannot be set at the same time as `authorization`, `basicAuth`, `oauth2`, or `sigv4`. properties: cloud: - description: The Azure Cloud. Options are 'AzurePublic', - 'AzureChina', or 'AzureGovernment'. + description: cloud defines the Azure Cloud. Options are + 'AzurePublic', 'AzureChina', or 'AzureGovernment'. enum: - AzureChina - AzureGovernment @@ -4640,32 +4837,33 @@ spec: type: string managedIdentity: description: |- - ManagedIdentity defines the Azure User-assigned Managed identity. + managedIdentity defines the Azure User-assigned Managed identity. Cannot be set at the same time as `oauth` or `sdk`. properties: clientId: - description: The client id + description: clientId defines defines the Azure User-assigned + Managed identity. type: string required: - clientId type: object oauth: description: |- - OAuth defines the oauth config that is being used to authenticate. + oauth defines the oauth config that is being used to authenticate. Cannot be set at the same time as `managedIdentity` or `sdk`. It requires Prometheus >= v2.48.0 or Thanos >= v0.31.0. properties: clientId: - description: '`clientID` is the clientId of the Azure + description: clientId defines the clientId of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 type: string clientSecret: - description: '`clientSecret` specifies a key of a Secret + description: clientSecret specifies a key of a Secret containing the client secret of the Azure Active Directory - application that is being used to authenticate.' + application that is being used to authenticate. properties: key: description: The key of the secret to select from. Must @@ -4689,9 +4887,9 @@ spec: type: object x-kubernetes-map-type: atomic tenantId: - description: '`tenantId` is the tenant ID of the Azure + description: tenantId is the tenant ID of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 pattern: ^[0-9a-zA-Z-.]+$ type: string @@ -4702,29 +4900,29 @@ spec: type: object sdk: description: |- - SDK defines the Azure SDK config that is being used to authenticate. + sdk defines the Azure SDK config that is being used to authenticate. See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication Cannot be set at the same time as `oauth` or `managedIdentity`. It requires Prometheus >= v2.52.0 or Thanos >= v0.36.0. properties: tenantId: - description: '`tenantId` is the tenant ID of the azure + description: tenantId defines the tenant ID of the azure active directory application that is being used to - authenticate.' + authenticate. pattern: ^[0-9a-zA-Z-.]+$ type: string type: object type: object basicAuth: description: |- - BasicAuth configuration for the URL. + basicAuth configuration for the URL. Cannot be set at the same time as `sigv4`, `authorization`, `oauth2`, or `azureAd`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -4750,7 +4948,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -4777,23 +4975,22 @@ spec: type: object bearerToken: description: |- + bearerToken is deprecated: this will be removed in a future release. *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File from which to read bearer token for the URL. + bearerTokenFile defines the file from which to read bearer token for the URL. Deprecated: this will be removed in a future release. Prefer using `authorization`. type: string enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. + followRedirects defines whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. type: boolean @@ -4801,14 +4998,14 @@ spec: additionalProperties: type: string description: |- - Custom HTTP headers to be sent along with each remote write request. + headers defines the custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. It requires Prometheus >= v2.25.0 or Thanos >= v0.24.0. type: object messageVersion: description: |- - The Remote Write message's version to use when writing to the endpoint. + messageVersion defines the Remote Write message's version to use when writing to the endpoint. `Version1.0` corresponds to the `prometheus.WriteRequest` protobuf message introduced in Remote Write 1.0. `Version2.0` corresponds to the `io.prometheus.write.v2.Request` protobuf message introduced in Remote Write 2.0. @@ -4825,37 +5022,37 @@ spec: - V2.0 type: string metadataConfig: - description: MetadataConfig configures the sending of series - metadata to the remote storage. + description: metadataConfig defines how to send a series metadata + to the remote storage. properties: maxSamplesPerSend: description: |- - MaxSamplesPerSend is the maximum number of metadata samples per send. + maxSamplesPerSend defines the maximum number of metadata samples per send. It requires Prometheus >= v2.29.0. format: int32 minimum: -1 type: integer send: - description: Defines whether metric metadata is sent to - the remote storage or not. + description: send defines whether metric metadata is sent + to the remote storage or not. type: boolean sendInterval: - description: Defines how frequently metric metadata is sent - to the remote storage. + description: sendInterval defines how frequently metric + metadata is sent to the remote storage. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object name: description: |- - The name of the remote write queue, it must be unique if specified. The + name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. It requires Prometheus >= v2.15.0 or Thanos >= 0.24.0. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -4863,7 +5060,7 @@ spec: type: string oauth2: description: |- - OAuth2 configuration for the URL. + oauth2 configuration for the URL. It requires Prometheus >= v2.27.0 or Thanos >= v0.24.0. @@ -4871,12 +5068,12 @@ spec: properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4899,7 +5096,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -4925,7 +5123,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -4953,12 +5151,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -4992,7 +5190,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5000,33 +5198,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5049,8 +5246,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5075,12 +5272,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5103,8 +5300,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5129,11 +5326,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5158,7 +5356,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5169,7 +5367,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5179,12 +5377,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -5220,7 +5419,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5228,89 +5427,88 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string queueConfig: - description: QueueConfig allows tuning of the remote write queue + description: queueConfig allows tuning of the remote write queue parameters. properties: batchSendDeadline: - description: BatchSendDeadline is the maximum time a sample - will wait in buffer. + description: batchSendDeadline defines the maximum time + a sample will wait in buffer. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string capacity: description: |- - Capacity is the number of samples to buffer per shard before we start + capacity defines the number of samples to buffer per shard before we start dropping them. type: integer maxBackoff: - description: MaxBackoff is the maximum retry delay. + description: maxBackoff defines the maximum retry delay. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string maxRetries: - description: MaxRetries is the maximum number of times to - retry a batch on recoverable errors. + description: maxRetries defines the maximum number of times + to retry a batch on recoverable errors. type: integer maxSamplesPerSend: - description: MaxSamplesPerSend is the maximum number of - samples per send. + description: maxSamplesPerSend defines the maximum number + of samples per send. type: integer maxShards: - description: MaxShards is the maximum number of shards, + description: maxShards defines the maximum number of shards, i.e. amount of concurrency. type: integer minBackoff: - description: MinBackoff is the initial retry delay. Gets - doubled for every retry. + description: minBackoff defines the initial retry delay. + Gets doubled for every retry. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string minShards: - description: MinShards is the minimum number of shards, + description: minShards defines the minimum number of shards, i.e. amount of concurrency. type: integer retryOnRateLimit: description: |- - Retry upon receiving a 429 status code from the remote-write storage. + retryOnRateLimit defines the retry upon receiving a 429 status code from the remote-write storage. This is an *experimental feature*, it may change in any upcoming release in a breaking way. type: boolean sampleAgeLimit: description: |- - SampleAgeLimit drops samples older than the limit. + sampleAgeLimit drops samples older than the limit. It requires Prometheus >= v2.50.0 or Thanos >= v0.32.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object remoteTimeout: - description: Timeout for requests to the remote write endpoint. + description: remoteTimeout defines the timeout for requests + to the remote write endpoint. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string roundRobinDNS: - description: |- - When enabled: - - The remote-write mechanism will resolve the hostname via DNS. - - It will randomly select one of the resolved IP addresses and connect to it. - - When disabled (default behavior): - - The Go standard library will handle hostname resolution. - - It will attempt connections to each resolved IP address sequentially. - - Note: The connection timeout applies to the entire resolution and connection process. - If disabled, the timeout is distributed across all connection attempts. - - It requires Prometheus >= v3.1.0 or Thanos >= v0.38.0. + description: "roundRobinDNS controls the DNS resolution behavior + for remote-write connections.\nWhen enabled:\n - The remote-write + mechanism will resolve the hostname via DNS.\n - It will + randomly select one of the resolved IP addresses and connect + to it.\n\nWhen disabled (default behavior):\n - The Go standard + library will handle hostname resolution.\n - It will attempt + connections to each resolved IP address sequentially.\n\nNote: + The connection timeout applies to the entire resolution and + connection process.\n\n\tIf disabled, the timeout is distributed + across all connection attempts.\n\nIt requires Prometheus + >= v3.1.0 or Thanos >= v0.38.0." type: boolean sendExemplars: description: |- - Enables sending of exemplars over remote write. Note that + sendExemplars enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the `spec.enableFeatures` option for exemplars to be scraped in the first place. @@ -5318,14 +5516,14 @@ spec: type: boolean sendNativeHistograms: description: |- - Enables sending of native histograms, also known as sparse histograms + sendNativeHistograms enables sending of native histograms, also known as sparse histograms over remote write. It requires Prometheus >= v2.40.0 or Thanos >= v0.30.0. type: boolean sigv4: description: |- - Sigv4 allows to configures AWS's Signature Verification 4 for the URL. + sigv4 defines the AWS's Signature Verification 4 for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. @@ -5333,7 +5531,7 @@ spec: properties: accessKey: description: |- - AccessKey is the AWS API key. If not specified, the environment variable + accessKey defines the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used. properties: key: @@ -5358,18 +5556,20 @@ spec: type: object x-kubernetes-map-type: atomic profile: - description: Profile is the named AWS profile used to authenticate. + description: profile defines the named AWS profile used + to authenticate. type: string region: - description: Region is the AWS region. If blank, the region - from the default credentials chain used. + description: region defines the AWS region. If blank, the + region from the default credentials chain used. type: string roleArn: - description: RoleArn is the named AWS profile used to authenticate. + description: roleArn defines the named AWS profile used + to authenticate. type: string secretKey: description: |- - SecretKey is the AWS API secret. If not specified, the environment + secretKey defines the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used. properties: key: @@ -5393,17 +5593,22 @@ spec: - key type: object x-kubernetes-map-type: atomic + useFIPSSTSEndpoint: + description: |- + useFIPSSTSEndpoint defines FIPS mode for AWS STS endpoint. + It requires Prometheus >= v2.54.0. + type: boolean type: object tlsConfig: - description: TLS Config to use for the URL. + description: tlsConfig to use for the URL. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5426,7 +5631,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5451,15 +5657,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5482,7 +5689,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5507,19 +5715,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5544,7 +5753,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5555,7 +5764,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5565,15 +5774,18 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: The URL of the endpoint to send samples to. + description: url defines the URL of the endpoint to send samples + to. minLength: 1 type: string writeRelabelConfigs: - description: The list of remote write relabel configurations. + description: writeRelabelConfigs defines the list of remote + write relabel configurations. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -5584,7 +5796,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -5616,41 +5828,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -5664,17 +5876,18 @@ spec: type: object type: array replicas: - description: Number of thanos ruler instances to deploy. + description: replicas defines the number of thanos ruler instances + to deploy. format: int32 type: integer resendDelay: - description: Minimum amount of time to wait before resending an alert - to Alertmanager. + description: resendDelay defines the minimum amount of time to wait + before resending an alert to Alertmanager. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string resources: description: |- - Resources defines the resource requirements for single Pods. + resources defines the resource requirements for single Pods. If not provided, no requests/limits will be set properties: claims: @@ -5682,7 +5895,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -5736,7 +5949,7 @@ spec: retention: default: 24h description: |- - Time duration ThanosRuler shall retain data for. Default is '24h', and + retention defines the time duration ThanosRuler shall retain data for. Default is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds seconds minutes hours days weeks years). @@ -5745,26 +5958,26 @@ spec: pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string routePrefix: - description: The route prefix ThanosRuler registers HTTP handlers - for. This allows thanos UI to be served on a sub-path. + description: routePrefix defines the route prefix ThanosRuler registers + HTTP handlers for. This allows thanos UI to be served on a sub-path. type: string ruleConcurrentEval: description: |- - How many rules can be evaluated concurrently. + ruleConcurrentEval defines how many rules can be evaluated concurrently. It requires Thanos >= v0.37.0. format: int32 minimum: 1 type: integer ruleGracePeriod: description: |- - Minimum duration between alert and restored "for" state. + ruleGracePeriod defines the minimum duration between alert and restored "for" state. This is maintained only for alerts with configured "for" time greater than grace period. It requires Thanos >= v0.30.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string ruleNamespaceSelector: description: |- - Namespaces to be selected for Rules discovery. If unspecified, only + ruleNamespaceSelector defines the namespaces to be selected for Rules discovery. If unspecified, only the same namespace as the ThanosRuler object is in is used. properties: matchExpressions: @@ -5812,19 +6025,19 @@ spec: x-kubernetes-map-type: atomic ruleOutageTolerance: description: |- - Max time to tolerate prometheus outage for restoring "for" state of alert. + ruleOutageTolerance defines the max time to tolerate prometheus outage for restoring "for" state of alert. It requires Thanos >= v0.30.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string ruleQueryOffset: description: |- - The default rule group's query offset duration to use. + ruleQueryOffset defines the default rule group's query offset duration to use. It requires Thanos >= v0.38.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string ruleSelector: description: |- - PrometheusRule objects to be selected for rule evaluation. An empty + ruleSelector defines the PrometheusRule objects to be selected for rule evaluation. An empty label selector matches all objects. A null label selector matches no objects. properties: @@ -5873,7 +6086,7 @@ spec: x-kubernetes-map-type: atomic securityContext: description: |- - SecurityContext holds pod-level security attributes and common container settings. + securityContext defines the pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. properties: appArmorProfile: @@ -6107,12 +6320,12 @@ spec: type: object serviceAccountName: description: |- - ServiceAccountName is the name of the ServiceAccount to use to run the + serviceAccountName defines the name of the ServiceAccount to use to run the Thanos Ruler Pods. type: string serviceName: description: |- - The name of the service name used by the underlying StatefulSet(s) as the governing service. + serviceName defines the name of the service name used by the underlying StatefulSet(s) as the governing service. If defined, the Service must be created before the ThanosRuler resource in the same namespace and it must define a selector that matches the pod labels. If empty, the operator will create and manage a headless service named `thanos-ruler-operated` for ThanosRuler resources. When deploying multiple ThanosRuler resources in the same namespace, it is recommended to specify a different value for each. @@ -6120,15 +6333,16 @@ spec: minLength: 1 type: string storage: - description: Storage spec to specify how storage shall be used. + description: storage defines the specification of how storage shall + be used. properties: disableMountSubPath: - description: 'Deprecated: subPath usage will be removed in a future - release.' + description: 'disableMountSubPath deprecated: subPath usage will + be removed in a future release.' type: boolean emptyDir: description: |- - EmptyDirVolumeSource to be used by the StatefulSet. + emptyDir to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir properties: @@ -6155,7 +6369,7 @@ spec: type: object ephemeral: description: |- - EphemeralVolumeSource to be used by the StatefulSet. + ephemeral to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes @@ -6376,15 +6590,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -6402,7 +6614,7 @@ spec: type: object volumeClaimTemplate: description: |- - Defines the PVC spec to be used by the Prometheus StatefulSets. + volumeClaimTemplate defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes. properties: @@ -6422,14 +6634,14 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. + description: metadata defines EmbeddedMetadata contains metadata + relevant to an EmbeddedResource. properties: annotations: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -6438,14 +6650,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -6455,7 +6667,7 @@ spec: type: object spec: description: |- - Defines the desired characteristics of a volume requested by a pod author. + spec defines the specification of the characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: accessModes: @@ -6632,15 +6844,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -6653,7 +6863,7 @@ spec: type: string type: object status: - description: 'Deprecated: this field is never set.' + description: 'status is deprecated: this field is never set.' properties: accessModes: description: |- @@ -6802,13 +7012,11 @@ spec: description: |- currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). type: string modifyVolumeStatus: description: |- ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). properties: status: description: "status is the status of the ControllerModifyVolume @@ -6840,7 +7048,7 @@ spec: type: object terminationGracePeriodSeconds: description: |- - Optional duration in seconds the pod needs to terminate gracefully. + terminationGracePeriodSeconds defines the optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. @@ -6849,7 +7057,7 @@ spec: minimum: 0 type: integer tolerations: - description: If specified, the pod's tolerations. + description: tolerations defines when specified, the pod's tolerations. items: description: |- The pod this Toleration is attached to tolerates any taint that matches @@ -6888,7 +7096,8 @@ spec: type: object type: array topologySpreadConstraints: - description: If specified, the pod's topology spread constraints. + description: topologySpreadConstraints defines the pod's topology + spread constraints. items: description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. @@ -7063,7 +7272,7 @@ spec: type: array tracingConfig: description: |- - Configures tracing. + tracingConfig defines the tracing configuration. The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration @@ -7096,7 +7305,7 @@ spec: x-kubernetes-map-type: atomic tracingConfigFile: description: |- - Configures the path of the tracing configuration file. + tracingConfigFile defines the path of the tracing configuration file. The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration @@ -7108,11 +7317,11 @@ spec: This field takes precedence over `tracingConfig`. type: string version: - description: Version of Thanos to be deployed. + description: version of Thanos to be deployed. type: string volumeMounts: description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. + volumeMounts defines how the configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the ruler container, that are generated as a result of StorageSpec objects. items: @@ -7179,7 +7388,7 @@ spec: type: array volumes: description: |- - Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will + volumes defines how configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. items: description: Volume represents a named volume in a pod that may @@ -7852,15 +8061,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -8042,12 +8249,10 @@ spec: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. - More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: |- - endpoints is the endpoint name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: endpoints is the endpoint name that details + Glusterfs topology. type: string path: description: |- @@ -8126,7 +8331,7 @@ spec: description: |- iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md + More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether support iSCSI @@ -8546,6 +8751,111 @@ spec: type: array x-kubernetes-list-type: atomic type: object + podCertificate: + description: |- + Projects an auto-rotating credential bundle (private key and certificate + chain) that the pod can use either as a TLS client or server. + + Kubelet generates a private key and uses it to send a + PodCertificateRequest to the named signer. Once the signer approves the + request and issues a certificate chain, Kubelet writes the key and + certificate chain to the pod filesystem. The pod does not start until + certificates have been issued for each podCertificate projected volume + source in its spec. + + Kubelet will begin trying to rotate the certificate at the time indicated + by the signer using the PodCertificateRequest.Status.BeginRefreshAt + timestamp. + + Kubelet can write a single file, indicated by the credentialBundlePath + field, or separate files, indicated by the keyPath and + certificateChainPath fields. + + The credential bundle is a single file in PEM format. The first PEM + entry is the private key (in PKCS#8 format), and the remaining PEM + entries are the certificate chain issued by the signer (typically, + signers will return their certificate chain in leaf-to-root order). + + Prefer using the credential bundle format, since your application code + can read it atomically. If you use keyPath and certificateChainPath, + your application must make two separate file reads. If these coincide + with a certificate rotation, it is possible that the private key and leaf + certificate you read may not correspond to each other. Your application + will need to check for this condition, and re-read until they are + consistent. + + The named signer controls chooses the format of the certificate it + issues; consult the signer implementation's documentation to learn how to + use the certificates it issues. + properties: + certificateChainPath: + description: |- + Write the certificate chain at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + credentialBundlePath: + description: |- + Write the credential bundle at this path in the projected volume. + + The credential bundle is a single file that contains multiple PEM blocks. + The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private + key. + + The remaining blocks are CERTIFICATE blocks, containing the issued + certificate chain from the signer (leaf and any intermediates). + + Using credentialBundlePath lets your Pod's application code make a single + atomic read that retrieves a consistent key and certificate chain. If you + project them to separate files, your application code will need to + additionally check that the leaf certificate was issued to the key. + type: string + keyPath: + description: |- + Write the key at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + keyType: + description: |- + The type of keypair Kubelet will generate for the pod. + + Valid values are "RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", + "ECDSAP521", and "ED25519". + type: string + maxExpirationSeconds: + description: |- + maxExpirationSeconds is the maximum lifetime permitted for the + certificate. + + Kubelet copies this value verbatim into the PodCertificateRequests it + generates for this projection. + + If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver + will reject values shorter than 3600 (1 hour). The maximum allowable + value is 7862400 (91 days). + + The signer implementation is then free to issue a certificate with any + lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 + seconds (1 hour). This constraint is enforced by kube-apiserver. + `kubernetes.io` signers will never issue certificates with a lifetime + longer than 24 hours. + format: int32 + type: integer + signerName: + description: Kubelet's generated CSRs will be + addressed to this signer. + type: string + required: + - keyType + - signerName + type: object secret: description: secret information about the secret data to project @@ -8680,7 +8990,6 @@ spec: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. - More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: description: |- @@ -8964,22 +9273,24 @@ spec: type: object type: array web: - description: Defines the configuration of the ThanosRuler web server. + description: web defines the configuration of the ThanosRuler web + server. properties: httpConfig: - description: Defines HTTP parameters for web server. + description: httpConfig defines HTTP parameters for web server. properties: headers: - description: List of headers that can be added to HTTP responses. + description: headers defines a list of headers that can be + added to HTTP responses. properties: contentSecurityPolicy: description: |- - Set the Content-Security-Policy header to HTTP responses. + contentSecurityPolicy defines the Content-Security-Policy header to HTTP responses. Unset if blank. type: string strictTransportSecurity: description: |- - Set the Strict-Transport-Security header to HTTP responses. + strictTransportSecurity defines the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same @@ -8988,7 +9299,7 @@ spec: type: string xContentTypeOptions: description: |- - Set the X-Content-Type-Options header to HTTP responses. + xContentTypeOptions defines the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options enum: @@ -8997,7 +9308,7 @@ spec: type: string xFrameOptions: description: |- - Set the X-Frame-Options header to HTTP responses. + xFrameOptions defines the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options enum: @@ -9007,32 +9318,32 @@ spec: type: string xXSSProtection: description: |- - Set the X-XSS-Protection header to all responses. + xXSSProtection defines the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection type: string type: object http2: description: |- - Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. + http2 enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered. type: boolean type: object tlsConfig: - description: Defines the TLS parameters for HTTPS. + description: tlsConfig defines the TLS parameters for HTTPS. properties: cert: description: |- - Secret or ConfigMap containing the TLS certificate for the web server. + cert defines the Secret or ConfigMap containing the TLS certificate for the web server. Either `keySecret` or `keyFile` must be defined. It is mutually exclusive with `certFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9055,7 +9366,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9081,7 +9393,7 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the container for the web server. + certFile defines the path to the TLS certificate file in the container for the web server. Either `keySecret` or `keyFile` must be defined. @@ -9089,7 +9401,7 @@ spec: type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. + cipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. If not defined, the Go default cipher suites are used. Available cipher suites are documented in the Go documentation: @@ -9099,14 +9411,14 @@ spec: type: array client_ca: description: |- - Secret or ConfigMap containing the CA certificate for client certificate + client_ca defines the Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. It is mutually exclusive with `clientCAFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9129,7 +9441,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9155,21 +9468,21 @@ spec: type: object clientAuthType: description: |- - The server policy for client TLS authentication. + clientAuthType defines the server policy for client TLS authentication. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to + clientCAFile defines the path to the CA certificate file for client certificate authentication to the server. It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- - Elliptic curves that will be used in an ECDHE handshake, in preference + curvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the Go documentation: @@ -9179,7 +9492,7 @@ spec: type: array keyFile: description: |- - Path to the TLS private key file in the container for the web server. + keyFile defines the path to the TLS private key file in the container for the web server. If defined, either `cert` or `certFile` must be defined. @@ -9187,7 +9500,7 @@ spec: type: string keySecret: description: |- - Secret containing the TLS private key for the web server. + keySecret defines the secret containing the TLS private key for the web server. Either `cert` or `certFile` must be defined. @@ -9215,14 +9528,16 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. + description: maxVersion defines the Maximum TLS version that + is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. + description: minVersion defines the minimum TLS version that + is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the client's most preferred cipher + preferServerCipherSuites defines whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in @@ -9233,18 +9548,19 @@ spec: type: object status: description: |- - Most recent observed status of the ThanosRuler cluster. Read-only. + status defines the most recent observed status of the ThanosRuler cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this ThanosRuler deployment. format: int32 type: integer conditions: - description: The current state of the ThanosRuler object. + description: conditions defines the current state of the ThanosRuler + object. items: description: |- Condition represents the state of the resources associated with the @@ -9256,12 +9572,12 @@ spec: format: date-time type: string message: - description: Human-readable message indicating details for the - condition's last transition. + description: message defines human-readable message indicating + details for the condition's last transition. type: string observedGeneration: description: |- - ObservedGeneration represents the .metadata.generation that the + observedGeneration defines the .metadata.generation that the condition was set based upon. For instance, if `.metadata.generation` is currently 12, but the `.status.conditions[].observedGeneration` is 9, the condition is out of date with respect to the current state of the @@ -9269,14 +9585,14 @@ spec: format: int64 type: integer reason: - description: Reason for the condition's last transition. + description: reason for the condition's last transition. type: string status: - description: Status of the condition. + description: status of the condition. minLength: 1 type: string type: - description: Type of the condition being reported. + description: type of the condition being reported. minLength: 1 type: string required: @@ -9290,32 +9606,26 @@ spec: x-kubernetes-list-type: map paused: description: |- - Represents whether any actions on the underlying managed objects are + paused defines whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. type: boolean replicas: description: |- - Total number of non-terminated pods targeted by this ThanosRuler deployment + replicas defines the total number of non-terminated pods targeted by this ThanosRuler deployment (their labels match the selector). format: int32 type: integer unavailableReplicas: - description: Total number of unavailable pods targeted by this ThanosRuler - deployment. + description: unavailableReplicas defines the total number of unavailable + pods targeted by this ThanosRuler deployment. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this ThanosRuler deployment + updatedReplicas defines the total number of non-terminated pods targeted by this ThanosRuler deployment that have the desired version spec. format: int32 type: integer - required: - - availableReplicas - - paused - - replicas - - unavailableReplicas - - updatedReplicas type: object required: - spec diff --git a/charts/kube-prometheus-stack/charts/crds/files/crds.bz2 b/charts/kube-prometheus-stack/charts/crds/files/crds.bz2 index e9fa6502663a..6ce149c104eb 100644 Binary files a/charts/kube-prometheus-stack/charts/crds/files/crds.bz2 and b/charts/kube-prometheus-stack/charts/crds/files/crds.bz2 differ diff --git a/charts/kube-prometheus-stack/hack/sync_grafana_dashboards.py b/charts/kube-prometheus-stack/hack/sync_grafana_dashboards.py index 271d1f726071..c0a4fe4f1bde 100755 --- a/charts/kube-prometheus-stack/hack/sync_grafana_dashboards.py +++ b/charts/kube-prometheus-stack/hack/sync_grafana_dashboards.py @@ -29,11 +29,11 @@ def new_representer(dumper, data): refs = { # renovate: git-refs=https://github.com/prometheus-operator/kube-prometheus branch=main - 'ref.kube-prometheus': '79c461255e5f44315a3cce70012aa7614b42b915', + 'ref.kube-prometheus': '6828741a34a392e58d28e484364234fe191da65c', # renovate: git-refs=https://github.com/kubernetes-monitoring/kubernetes-mixin branch=master - 'ref.kubernetes-mixin': 'd6556e52d2762de47dc28ac0f9f2ffe93a50e785', + 'ref.kubernetes-mixin': '40ad8e9a35e08e4e49a587036e8f747230f876ca', # renovate: git-refs=https://github.com/etcd-io/etcd branch=main - 'ref.etcd': '841b593a3a76edc5b75d26a63dd3c2f2b9ee94c7', + 'ref.etcd': '116cacabeada58ddd332944e929f3cf913a9264d', } # Source files list diff --git a/charts/kube-prometheus-stack/hack/sync_prometheus_rules.py b/charts/kube-prometheus-stack/hack/sync_prometheus_rules.py index 199dca460461..a844f2688268 100755 --- a/charts/kube-prometheus-stack/hack/sync_prometheus_rules.py +++ b/charts/kube-prometheus-stack/hack/sync_prometheus_rules.py @@ -29,11 +29,11 @@ def new_representer(dumper, data): refs = { # renovate: git-refs=https://github.com/prometheus-operator/kube-prometheus branch=main - 'ref.kube-prometheus': '79c461255e5f44315a3cce70012aa7614b42b915', + 'ref.kube-prometheus': '6828741a34a392e58d28e484364234fe191da65c', # renovate: git-refs=https://github.com/kubernetes-monitoring/kubernetes-mixin branch=master - 'ref.kubernetes-mixin': 'd6556e52d2762de47dc28ac0f9f2ffe93a50e785', + 'ref.kubernetes-mixin': '40ad8e9a35e08e4e49a587036e8f747230f876ca', # renovate: git-refs=https://github.com/etcd-io/etcd branch=main - 'ref.etcd': '841b593a3a76edc5b75d26a63dd3c2f2b9ee94c7', + 'ref.etcd': '116cacabeada58ddd332944e929f3cf913a9264d', } # Source files list diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/alertmanager-overview.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/alertmanager-overview.yaml index 767a43e37b05..2ab2a85a00c8 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/alertmanager-overview.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/alertmanager-overview.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'alertmanager-overview' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'alertmanager-overview' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/apiserver.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/apiserver.yaml index 53584d6b2cd6..1baccd736d4f 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/apiserver.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/apiserver.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'apiserver' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'apiserver' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/cluster-total.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/cluster-total.yaml index fe448597c319..ced03a681956 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/cluster-total.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/cluster-total.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'cluster-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'cluster-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/controller-manager.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/controller-manager.yaml index 214c7a1cba88..aec46b8f72de 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/controller-manager.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/controller-manager.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'controller-manager' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'controller-manager' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/grafana-overview.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/grafana-overview.yaml index 84364fdb98d1..3180fb2f7329 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/grafana-overview.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/grafana-overview.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'grafana-overview' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'grafana-overview' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml index 4002c8dc3011..1e0cfd077012 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'k8s-resources-cluster' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'k8s-resources-cluster' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml index 523212479b59..b0387c36f14c 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'k8s-resources-multicluster' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'k8s-resources-multicluster' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml index 750fef2b1807..2e5f9cfc2bce 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'k8s-resources-namespace' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'k8s-resources-namespace' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-node.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-node.yaml index fed3ac05337f..3a43c1ea8d5e 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-node.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-node.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'k8s-resources-node' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'k8s-resources-node' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml index b783a9ba8721..92dae4b99992 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'k8s-resources-pod' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'k8s-resources-pod' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml index 22dd58795523..da862c49bc52 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'k8s-resources-workload' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'k8s-resources-workload' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml index 32aba3b2a671..33f3965e931b 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'k8s-resources-workloads-namespace' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'k8s-resources-workloads-namespace' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/kubelet.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/kubelet.yaml index f4b3905f55da..540717800850 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/kubelet.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/kubelet.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'kubelet' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'kubelet' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/namespace-by-pod.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/namespace-by-pod.yaml index cad9ff2d9687..2eb9d997fd80 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/namespace-by-pod.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/namespace-by-pod.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'namespace-by-pod' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'namespace-by-pod' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/namespace-by-workload.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/namespace-by-workload.yaml index 62f93e6d45c1..134a094248e3 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/namespace-by-workload.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/namespace-by-workload.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'namespace-by-workload' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'namespace-by-workload' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml index 61b7a2afe4a7..45265bedfa70 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'node-cluster-rsrc-use' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'node-cluster-rsrc-use' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/node-rsrc-use.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/node-rsrc-use.yaml index 4f787f7615c4..ee82630bebe1 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/node-rsrc-use.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/node-rsrc-use.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'node-rsrc-use' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'node-rsrc-use' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes-aix.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes-aix.yaml index aabeb3b65af4..406a84991838 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes-aix.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes-aix.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'nodes-aix' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'nodes-aix' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes-darwin.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes-darwin.yaml index c4b707e46e13..e04fd6a08b1e 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes-darwin.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes-darwin.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'nodes-darwin' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'nodes-darwin' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes.yaml index 63795d5b6d36..25143afe18c6 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/nodes.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'nodes' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'nodes' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml index 701868f72344..d39626006a7c 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'persistentvolumesusage' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'persistentvolumesusage' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/pod-total.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/pod-total.yaml index ee8fae7a4f9d..6ef9406335ae 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/pod-total.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/pod-total.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'pod-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'pod-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml index cfb055ca87e6..4e30447156bc 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'prometheus-remote-write' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'prometheus-remote-write' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/prometheus.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/prometheus.yaml index ee80bff82923..ec95dba80945 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/prometheus.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/prometheus.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'prometheus' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'prometheus' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/proxy.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/proxy.yaml index 6df18a46dd63..a91d397640c9 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/proxy.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/proxy.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'proxy' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'proxy' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/scheduler.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/scheduler.yaml index bb96cd6c8d74..1b2bae0b5e23 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/scheduler.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/scheduler.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'scheduler' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'scheduler' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/workload-total.yaml b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/workload-total.yaml index 203a343a185a..4c8feb972686 100644 --- a/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/workload-total.yaml +++ b/charts/kube-prometheus-stack/templates/grafana/dashboards-1.14/workload-total.yaml @@ -1,5 +1,5 @@ {{- /* -Generated from 'workload-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/79c461255e5f44315a3cce70012aa7614b42b915/manifests/grafana-dashboardDefinitions.yaml +Generated from 'workload-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/6828741a34a392e58d28e484364234fe191da65c/manifests/grafana-dashboardDefinitions.yaml Do not change in-place! In order to change this file first read following link: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack */ -}} diff --git a/charts/kube-prometheus-stack/templates/prometheus-operator/clusterrole.yaml b/charts/kube-prometheus-stack/templates/prometheus-operator/clusterrole.yaml index 65d58ec879e7..da2d57f99ed7 100644 --- a/charts/kube-prometheus-stack/templates/prometheus-operator/clusterrole.yaml +++ b/charts/kube-prometheus-stack/templates/prometheus-operator/clusterrole.yaml @@ -23,10 +23,13 @@ rules: - thanosrulers/finalizers - thanosrulers/status - scrapeconfigs + - scrapeconfigs/status - servicemonitors - servicemonitors/status - podmonitors + - podmonitors/status - probes + - probes/status - prometheusrules verbs: - '*' diff --git a/charts/kube-prometheus-stack/templates/prometheus/rules-1.14/alertmanager.rules.yaml b/charts/kube-prometheus-stack/templates/prometheus/rules-1.14/alertmanager.rules.yaml index 815d10bd7ec5..3bc1f3112e49 100644 --- a/charts/kube-prometheus-stack/templates/prometheus/rules-1.14/alertmanager.rules.yaml +++ b/charts/kube-prometheus-stack/templates/prometheus/rules-1.14/alertmanager.rules.yaml @@ -41,7 +41,7 @@ spec: expr: |- # Without max_over_time, failed scrapes could create false negatives, see # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details. - max_over_time(alertmanager_config_last_reload_successful{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m]) == 0 + max_over_time(alertmanager_config_last_reload_successful{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}"}[5m]) == 0 for: {{ dig "AlertmanagerFailedReload" "for" "10m" .Values.customRules }} {{- with .Values.defaultRules.keepFiringFor }} keep_firing_for: "{{ . }}" @@ -72,9 +72,9 @@ spec: expr: |- # Without max_over_time, failed scrapes could create false negatives, see # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details. - max_over_time(alertmanager_cluster_members{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m]) + max_over_time(alertmanager_cluster_members{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}"}[5m]) < on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) group_left - count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (max_over_time(alertmanager_cluster_members{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m])) + count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (max_over_time(alertmanager_cluster_members{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}"}[5m])) for: {{ dig "AlertmanagerMembersInconsistent" "for" "15m" .Values.customRules }} {{- with .Values.defaultRules.keepFiringFor }} keep_firing_for: "{{ . }}" @@ -104,9 +104,9 @@ spec: summary: An Alertmanager instance failed to send notifications. expr: |- ( - rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[15m]) + rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}"}[15m]) / - ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[15m]) + ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}"}[15m]) ) > 0.01 for: {{ dig "AlertmanagerFailedToSendAlerts" "for" "5m" .Values.customRules }} @@ -138,9 +138,9 @@ spec: summary: All Alertmanager instances in a cluster failed to send notifications to a critical integration. expr: |- min by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service, integration) ( - rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration=~`.*`}[15m]) + rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}", integration=~`.*`}[15m]) / - ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration=~`.*`}[15m]) + ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}", integration=~`.*`}[15m]) ) > 0.01 for: {{ dig "AlertmanagerClusterFailedToSendAlerts" "for" "5m" .Values.customRules }} @@ -172,9 +172,9 @@ spec: summary: All Alertmanager instances in a cluster failed to send notifications to a non-critical integration. expr: |- min by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service, integration) ( - rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration!~`.*`}[15m]) + rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}", integration!~`.*`}[15m]) / - ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration!~`.*`}[15m]) + ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}", integration!~`.*`}[15m]) ) > 0.01 for: {{ dig "AlertmanagerClusterFailedToSendAlerts" "for" "5m" .Values.customRules }} @@ -206,7 +206,7 @@ spec: summary: Alertmanager instances within the same cluster have different configurations. expr: |- count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) ( - count_values by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) ("config_hash", alertmanager_config_hash{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}) + count_values by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) ("config_hash", alertmanager_config_hash{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}"}) ) != 1 for: {{ dig "AlertmanagerConfigInconsistent" "for" "20m" .Values.customRules }} @@ -239,11 +239,11 @@ spec: expr: |- ( count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) ( - avg_over_time(up{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m]) < 0.5 + avg_over_time(up{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}"}[5m]) < 0.5 ) / count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) ( - up{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"} + up{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}"} ) ) >= 0.5 @@ -277,11 +277,11 @@ spec: expr: |- ( count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) ( - changes(process_start_time_seconds{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[10m]) > 4 + changes(process_start_time_seconds{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}"}[10m]) > 4 ) / count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) ( - up{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"} + up{job="{{ $alertmanagerJob }}",container="alertmanager",namespace="{{ $namespace }}"} ) ) >= 0.5 diff --git a/charts/prometheus-blackbox-exporter/Chart.yaml b/charts/prometheus-blackbox-exporter/Chart.yaml index 576b3d3e210c..c4be1d13da5e 100644 --- a/charts/prometheus-blackbox-exporter/Chart.yaml +++ b/charts/prometheus-blackbox-exporter/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: Prometheus Blackbox Exporter name: prometheus-blackbox-exporter -version: 11.3.1 +version: 11.4.0 # renovate: github=prometheus/blackbox_exporter appVersion: v0.27.0 kubeVersion: ">=1.21.0-0" diff --git a/charts/prometheus-blackbox-exporter/values.yaml b/charts/prometheus-blackbox-exporter/values.yaml index 9ebbc882f9e3..7760180d56cb 100644 --- a/charts/prometheus-blackbox-exporter/values.yaml +++ b/charts/prometheus-blackbox-exporter/values.yaml @@ -449,7 +449,7 @@ configReloader: image: registry: quay.io repository: prometheus-operator/prometheus-config-reloader - tag: "v0.85.0" + tag: "v0.86.0" pullPolicy: IfNotPresent digest: "" securityContext: diff --git a/charts/prometheus-operator-admission-webhook/Chart.yaml b/charts/prometheus-operator-admission-webhook/Chart.yaml index df79c459c9ec..89edfc158f52 100644 --- a/charts/prometheus-operator-admission-webhook/Chart.yaml +++ b/charts/prometheus-operator-admission-webhook/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 description: Prometheus Operator Admission Webhook name: prometheus-operator-admission-webhook -version: 0.31.1 +version: 0.32.0 # renovate: github=prometheus-operator/prometheus-operator -appVersion: 0.85.0 +appVersion: 0.86.0 home: https://github.com/prometheus-operator/prometheus-operator icon: https://github.com/prometheus-operator/prometheus-operator/raw/main/Documentation/logos/prometheus-operator-logo.png keywords: diff --git a/charts/prometheus-operator-crds/Chart.yaml b/charts/prometheus-operator-crds/Chart.yaml index 7b8742a00f15..1e0ff0a2536a 100644 --- a/charts/prometheus-operator-crds/Chart.yaml +++ b/charts/prometheus-operator-crds/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 type: application -version: 23.0.0 +version: 24.0.0 name: prometheus-operator-crds icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png description: | @@ -10,7 +10,7 @@ keywords: - prometheus - crds # renovate: github=prometheus-operator/prometheus-operator -appVersion: v0.85.0 +appVersion: v0.86.0 kubeVersion: ">=1.16.0-0" sources: - https://github.com/prometheus-community/helm-charts diff --git a/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagerconfigs.yaml b/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagerconfigs.yaml index 8009c67a8518..a4f0c8ba0308 100644 --- a/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagerconfigs.yaml +++ b/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagerconfigs.yaml @@ -1,5 +1,5 @@ {{- if .Values.alertmanagerconfigs.enabled -}} -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,8 +8,8 @@ metadata: {{- with .Values.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: alertmanagerconfigs.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -49,17 +49,11 @@ spec: metadata: type: object spec: - description: |- - AlertmanagerConfigSpec is a specification of the desired behavior of the - Alertmanager configuration. - By default, the Alertmanager configuration only applies to alerts for which - the `namespace` label is equal to the namespace of the AlertmanagerConfig - resource (see the `.spec.alertmanagerConfigMatcherStrategy` field of the - Alertmanager CRD). + description: spec defines the specification of AlertmanagerConfigSpec properties: inhibitRules: description: |- - List of inhibition rules. The rules will only apply to alerts matching + inhibitRules defines the list of inhibition rules. The rules will only apply to alerts matching the resource's namespace. items: description: |- @@ -69,23 +63,24 @@ spec: properties: equal: description: |- - Labels that must have an equal value in the source and target alert for - the inhibition to take effect. + equal defines labels that must have an equal value in the source and target alert + for the inhibition to take effect. This ensures related alerts are properly grouped. items: type: string type: array sourceMatch: description: |- - Matchers for which one or more alerts have to exist for the inhibition - to take effect. The operator enforces that the alert matches the - resource's namespace. + sourceMatch defines matchers for which one or more alerts have to exist for the inhibition + to take effect. The operator enforces that the alert matches the resource's namespace. + These are the "trigger" alerts that cause other alerts to be inhibited. items: description: Matcher defines how to match on alert's labels. properties: matchType: description: |- - Match operation available with AlertManager >= v0.22.0 and - takes precedence over Regex (deprecated) if non-empty. + matchType defines the match operation available with AlertManager >= v0.22.0. + Takes precedence over Regex (deprecated) if non-empty. + Valid values: "=" (equality), "!=" (inequality), "=~" (regex match), "!~" (regex non-match). enum: - '!=' - = @@ -93,16 +88,20 @@ spec: - '!~' type: string name: - description: Label to match. + description: |- + name defines the label to match. + This specifies which alert label should be evaluated. minLength: 1 type: string regex: description: |- - Whether to match on equality (false) or regular-expression (true). + regex defines whether to match on equality (false) or regular-expression (true). Deprecated: for AlertManager >= v0.22.0, `matchType` should be used instead. type: boolean value: - description: Label value to match. + description: |- + value defines the label value to match. + This is the expected value for the specified label. type: string required: - name @@ -110,15 +109,17 @@ spec: type: array targetMatch: description: |- - Matchers that have to be fulfilled in the alerts to be muted. The - operator enforces that the alert matches the resource's namespace. + targetMatch defines matchers that have to be fulfilled in the alerts to be muted. + The operator enforces that the alert matches the resource's namespace. + When these conditions are met, matching alerts will be inhibited (silenced). items: description: Matcher defines how to match on alert's labels. properties: matchType: description: |- - Match operation available with AlertManager >= v0.22.0 and - takes precedence over Regex (deprecated) if non-empty. + matchType defines the match operation available with AlertManager >= v0.22.0. + Takes precedence over Regex (deprecated) if non-empty. + Valid values: "=" (equality), "!=" (inequality), "=~" (regex match), "!~" (regex non-match). enum: - '!=' - = @@ -126,16 +127,20 @@ spec: - '!~' type: string name: - description: Label to match. + description: |- + name defines the label to match. + This specifies which alert label should be evaluated. minLength: 1 type: string regex: description: |- - Whether to match on equality (false) or regular-expression (true). + regex defines whether to match on equality (false) or regular-expression (true). Deprecated: for AlertManager >= v0.22.0, `matchType` should be used instead. type: boolean value: - description: Label value to match. + description: |- + value defines the label value to match. + This is the expected value for the specified label. type: string required: - name @@ -144,40 +149,40 @@ spec: type: object type: array muteTimeIntervals: - description: List of MuteTimeInterval specifying when the routes should - be muted. + description: muteTimeIntervals defines the list of MuteTimeInterval + specifying when the routes should be muted. items: description: MuteTimeInterval specifies the periods in time when notifications will be muted properties: name: - description: Name of the time interval + description: name of the time interval type: string timeIntervals: - description: TimeIntervals is a list of TimeInterval + description: timeIntervals defines a list of TimeInterval items: description: TimeInterval describes intervals of time properties: daysOfMonth: - description: DaysOfMonth is a list of DayOfMonthRange + description: daysOfMonth defines a list of DayOfMonthRange items: description: DayOfMonthRange is an inclusive range of days of the month beginning at 1 properties: end: - description: End of the inclusive range + description: end of the inclusive range maximum: 31 minimum: -31 type: integer start: - description: Start of the inclusive range + description: start of the inclusive range maximum: 31 minimum: -31 type: integer type: object type: array months: - description: Months is a list of MonthRange + description: months defines a list of MonthRange items: description: |- MonthRange is an inclusive range of months of the year beginning in January @@ -186,24 +191,25 @@ spec: type: string type: array times: - description: Times is a list of TimeRange + description: times defines a list of TimeRange items: description: TimeRange defines a start and end time in 24hr format properties: endTime: - description: EndTime is the end time in 24hr format. + description: endTime defines the end time in 24hr + format. pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) type: string startTime: - description: StartTime is the start time in 24hr - format. + description: startTime defines the start time in + 24hr format. pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) type: string type: object type: array weekdays: - description: Weekdays is a list of WeekdayRange + description: weekdays defines a list of WeekdayRange items: description: |- WeekdayRange is an inclusive range of days of the week beginning on Sunday @@ -212,7 +218,7 @@ spec: type: string type: array years: - description: Years is a list of YearRange + description: years defines a list of YearRange items: description: YearRange is an inclusive range of years pattern: ^2\d{3}(?::2\d{3}|$) @@ -225,12 +231,12 @@ spec: type: object type: array receivers: - description: List of receivers. + description: receivers defines the list of receivers. items: description: Receiver defines one or more notification integrations. properties: discordConfigs: - description: List of Discord configurations. + description: discordConfigs defines the list of Slack configurations. items: description: |- DiscordConfig configures notifications via Discord. @@ -238,7 +244,7 @@ spec: properties: apiURL: description: |- - The secret's key that contains the Discord webhook URL. + apiURL defines the secret's key that contains the Discord webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -264,25 +270,27 @@ spec: type: object x-kubernetes-map-type: atomic avatarURL: - description: The avatar url of the message sender. + description: avatarURL defines the avatar url of the message + sender. pattern: ^https?://.+$ type: string content: - description: The template of the content's body. + description: content defines the template of the content's + body. minLength: 1 type: string httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -307,7 +315,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -316,12 +324,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -347,7 +355,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -374,7 +382,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -400,30 +408,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -446,8 +459,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -474,7 +487,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -502,12 +515,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -543,7 +556,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -551,33 +564,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -600,8 +613,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -627,12 +640,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -655,8 +668,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -682,11 +695,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -712,7 +726,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -723,7 +737,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -733,13 +747,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -776,7 +790,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -784,31 +798,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -831,8 +846,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -858,12 +873,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -886,8 +901,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -913,11 +928,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -942,7 +958,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -953,7 +969,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -963,22 +979,26 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: The template of the message's body. + description: message defines the template of the message's + body. type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean title: - description: The template of the message's title. + description: title defines the template of the message's + title. type: string username: - description: The username of the message sender. + description: username defines the username of the message + sender. minLength: 1 type: string required: @@ -986,16 +1006,18 @@ spec: type: object type: array emailConfigs: - description: List of Email configurations. + description: emailConfigs defines the list of Email configurations. items: description: EmailConfig configures notifications via Email. properties: authIdentity: - description: The identity to use for authentication. + description: |- + authIdentity defines the identity to use for SMTP authentication. + This is typically used with PLAIN authentication mechanism. type: string authPassword: description: |- - The secret's key that contains the password to use for authentication. + authPassword defines the secret's key that contains the password to use for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -1022,7 +1044,8 @@ spec: x-kubernetes-map-type: atomic authSecret: description: |- - The secret's key that contains the CRAM-MD5 secret. + authSecret defines the secret's key that contains the CRAM-MD5 secret. + This is used for CRAM-MD5 authentication mechanism. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -1048,24 +1071,32 @@ spec: type: object x-kubernetes-map-type: atomic authUsername: - description: The username to use for authentication. + description: |- + authUsername defines the username to use for SMTP authentication. + This is used for SMTP AUTH when the server requires authentication. type: string from: - description: The sender address. + description: |- + from defines the sender address for email notifications. + This appears as the "From" field in the email header. type: string headers: description: |- - Further headers email header key/value pairs. Overrides any headers - previously set by the notification implementation. + headers defines additional email header key/value pairs. + These override any headers previously set by the notification implementation. items: description: KeyValue defines a (key, value) tuple. properties: key: - description: Key of the tuple. + description: |- + key defines the key of the tuple. + This is the identifier or name part of the key-value pair. minLength: 1 type: string value: - description: Value of the tuple. + description: |- + value defines the value of the tuple. + This is the data or content associated with the key. type: string required: - key @@ -1073,36 +1104,46 @@ spec: type: object type: array hello: - description: The hostname to identify to the SMTP server. + description: |- + hello defines the hostname to identify to the SMTP server. + This is used in the SMTP HELO/EHLO command during the connection handshake. type: string html: - description: The HTML body of the email notification. + description: |- + html defines the HTML body of the email notification. + This allows for rich formatting in the email content. type: string requireTLS: description: |- - The SMTP TLS requirement. + requireTLS defines the SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints. type: boolean sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean smarthost: - description: The SMTP host and port through which emails - are sent. E.g. example.com:25 + description: |- + smarthost defines the SMTP host and port through which emails are sent. + Format should be "hostname:port", e.g. "smtp.example.com:587". type: string text: - description: The text body of the email notification. + description: |- + text defines the plain text body of the email notification. + This provides a fallback for email clients that don't support HTML. type: string tlsConfig: - description: TLS configuration + description: |- + tlsConfig defines the TLS configuration for SMTP connections. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1125,8 +1166,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1151,12 +1192,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1179,8 +1220,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1205,11 +1246,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file - for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1234,7 +1276,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1245,7 +1287,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1255,17 +1297,20 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object to: - description: The email address to send notifications to. + description: |- + to defines the email address to send notifications to. + This is the recipient address for alert notifications. type: string type: object type: array msteamsConfigs: description: |- - List of MSTeams configurations. + msteamsConfigs defines the list of MSTeams configurations. It requires Alertmanager >= 0.26.0. items: description: |- @@ -1273,17 +1318,18 @@ spec: It requires Alertmanager >= 0.26.0. properties: httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for Teams webhook requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -1308,7 +1354,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1317,12 +1363,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -1348,7 +1394,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -1375,7 +1421,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -1401,30 +1447,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1447,8 +1498,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -1475,7 +1526,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -1503,12 +1554,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1544,7 +1595,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1552,33 +1603,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1601,8 +1652,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -1628,12 +1679,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1656,8 +1707,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -1683,11 +1734,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -1713,7 +1765,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1724,7 +1776,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1734,13 +1786,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -1777,7 +1829,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1785,31 +1837,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1832,8 +1885,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -1859,12 +1912,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1887,8 +1940,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -1914,11 +1967,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -1943,7 +1997,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1954,7 +2008,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1964,27 +2018,35 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object sendResolved: - description: Whether to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean summary: description: |- - Message summary template. + summary defines the message summary template for Teams notifications. + This provides a brief overview that appears in Teams notification previews. It requires Alertmanager >= 0.27.0. type: string text: - description: Message body template. + description: |- + text defines the message body template for Teams notifications. + This contains the detailed content of the Teams message. type: string title: - description: Message title template. + description: |- + title defines the message title template for Teams notifications. + This appears as the main heading of the Teams message card. type: string webhookUrl: - description: MSTeams webhook URL. + description: |- + webhookUrl defines the MSTeams webhook URL for sending notifications. + This is the incoming webhook URL configured in your Teams channel. properties: key: description: The key of the secret to select from. Must @@ -2013,26 +2075,27 @@ spec: type: array msteamsv2Configs: description: |- - List of MSTeamsV2 configurations. + msteamsv2Configs defines the list of MSTeamsV2 configurations. It requires Alertmanager >= 0.28.0. items: description: |- - MSTeamsV2Config configures notifications via Microsoft Teams using the new message format with adaptive cards as required by flows + MSTeamsV2Config configures notifications via Microsoft Teams using the new message format with adaptive cards as required by flows. See https://prometheus.io/docs/alerting/latest/configuration/#msteamsv2_config It requires Alertmanager >= 0.28.0. properties: httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for Teams webhook requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -2057,7 +2120,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -2066,12 +2129,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -2097,7 +2160,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -2124,7 +2187,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -2150,30 +2213,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -2196,8 +2264,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -2224,7 +2292,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -2252,12 +2320,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -2293,7 +2361,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -2301,33 +2369,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -2350,8 +2418,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -2377,12 +2445,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -2405,8 +2473,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -2432,11 +2500,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -2462,7 +2531,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2473,7 +2542,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2483,13 +2552,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -2526,7 +2595,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -2534,31 +2603,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -2581,8 +2651,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -2608,12 +2678,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -2636,8 +2706,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -2663,11 +2733,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -2692,7 +2763,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2703,7 +2774,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2713,24 +2784,31 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object sendResolved: - description: Whether to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean text: - description: Message body template. + description: |- + text defines the message body template for adaptive card notifications. + This contains the detailed content displayed in the Teams adaptive card format. minLength: 1 type: string title: - description: Message title template. + description: |- + title defines the message title template for adaptive card notifications. + This appears as the main heading in the Teams adaptive card. minLength: 1 type: string webhookURL: - description: MSTeams incoming webhook URL. + description: |- + webhookURL defines the MSTeams incoming webhook URL for adaptive card notifications. + This webhook must support the newer adaptive cards format required by Teams flows. properties: key: description: The key of the secret to select from. Must @@ -2756,24 +2834,25 @@ spec: type: object type: array name: - description: Name of the receiver. Must be unique across all - items from the list. + description: name defines the name of the receiver. Must be + unique across all items from the list. minLength: 1 type: string opsgenieConfigs: - description: List of OpsGenie configurations. + description: opsgenieConfigs defines the list of OpsGenie configurations. items: description: |- OpsGenieConfig configures notifications via OpsGenie. See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config properties: actions: - description: Comma separated list of actions that will - be available for the alert. + description: |- + actions defines a comma separated list of actions that will be available for the alert. + These appear as action buttons in the OpsGenie interface. type: string apiKey: description: |- - The secret's key that contains the OpsGenie API key. + apiKey defines the secret's key that contains the OpsGenie API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -2799,23 +2878,32 @@ spec: type: object x-kubernetes-map-type: atomic apiURL: - description: The URL to send OpsGenie API requests to. + description: |- + apiURL defines the URL to send OpsGenie API requests to. + When not specified, defaults to the standard OpsGenie API endpoint. type: string description: - description: Description of the incident. + description: |- + description defines the detailed description of the incident. + This provides additional context beyond the message field. type: string details: - description: A set of arbitrary key/value pairs that provide - further detail about the incident. + description: |- + details defines a set of arbitrary key/value pairs that provide further detail about the incident. + These appear as additional fields in the OpsGenie alert. items: description: KeyValue defines a (key, value) tuple. properties: key: - description: Key of the tuple. + description: |- + key defines the key of the tuple. + This is the identifier or name part of the key-value pair. minLength: 1 type: string value: - description: Value of the tuple. + description: |- + value defines the value of the tuple. + This is the data or content associated with the key. type: string required: - key @@ -2823,21 +2911,23 @@ spec: type: object type: array entity: - description: Optional field that can be used to specify - which domain alert is related to. + description: |- + entity defines an optional field that can be used to specify which domain alert is related to. + This helps group related alerts together in OpsGenie. type: string httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for OpsGenie API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -2862,7 +2952,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -2871,12 +2961,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -2902,7 +2992,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -2929,7 +3019,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -2955,30 +3045,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3001,8 +3096,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -3029,7 +3124,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -3057,12 +3152,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -3098,7 +3193,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3106,33 +3201,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3155,8 +3250,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -3182,12 +3277,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3210,8 +3305,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -3237,11 +3332,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -3267,7 +3363,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -3278,7 +3374,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -3288,13 +3384,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -3331,7 +3427,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3339,31 +3435,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3386,8 +3483,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -3413,12 +3510,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3441,8 +3538,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -3468,11 +3565,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -3497,7 +3595,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -3508,7 +3606,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -3518,97 +3616,129 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: Alert text limited to 130 characters. + description: |- + message defines the alert text limited to 130 characters. + This appears as the main alert title in OpsGenie. type: string note: - description: Additional alert note. + description: |- + note defines an additional alert note. + This provides supplementary information about the alert. type: string priority: - description: Priority level of alert. Possible values - are P1, P2, P3, P4, and P5. + description: |- + priority defines the priority level of alert. + Possible values are P1, P2, P3, P4, and P5, where P1 is highest priority. type: string responders: - description: List of responders responsible for notifications. + description: |- + responders defines the list of responders responsible for notifications. + These determine who gets notified when the alert is created. items: description: |- OpsGenieConfigResponder defines a responder to an incident. One of `id`, `name` or `username` has to be defined. properties: id: - description: ID of the responder. + description: |- + id defines the unique identifier of the responder. + This corresponds to the responder's ID within OpsGenie. type: string name: - description: Name of the responder. + description: |- + name defines the display name of the responder. + This is used when the responder is identified by name rather than ID. type: string type: - description: Type of responder. + description: |- + type defines the type of responder. + Valid values include "user", "team", "schedule", and "escalation". + This determines how OpsGenie interprets the other identifier fields. + enum: + - team + - teams + - user + - escalation + - schedule minLength: 1 type: string username: - description: Username of the responder. + description: |- + username defines the username of the responder. + This is typically used for user-type responders when identifying by username. type: string required: - type type: object type: array sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean source: - description: Backlink to the sender of the notification. + description: |- + source defines the backlink to the sender of the notification. + This helps identify where the alert originated from. type: string tags: - description: Comma separated list of tags attached to - the notifications. + description: |- + tags defines a comma separated list of tags attached to the notifications. + These help categorize and filter alerts within OpsGenie. type: string updateAlerts: description: |- - Whether to update message and description of the alert in OpsGenie if it already exists + updateAlerts defines Whether to update message and description of the alert in OpsGenie if it already exists By default, the alert is never updated in OpsGenie, the new message only appears in activity log. type: boolean type: object type: array pagerdutyConfigs: - description: List of PagerDuty configurations. + description: pagerdutyConfigs defines the List of PagerDuty + configurations. items: description: |- PagerDutyConfig configures notifications via PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config properties: class: - description: The class/type of the event. + description: class defines the class/type of the event. type: string client: - description: Client identification. + description: client defines the client identification. type: string clientURL: - description: Backlink to the sender of notification. + description: clientURL defines the backlink to the sender + of notification. type: string component: - description: The part or component of the affected system - that is broken. + description: component defines the part or component of + the affected system that is broken. type: string description: - description: Description of the incident. + description: description of the incident. type: string details: - description: Arbitrary key/value pairs that provide further - detail about the incident. + description: details defines the arbitrary key/value pairs + that provide further detail about the incident. items: description: KeyValue defines a (key, value) tuple. properties: key: - description: Key of the tuple. + description: |- + key defines the key of the tuple. + This is the identifier or name part of the key-value pair. minLength: 1 type: string value: - description: Value of the tuple. + description: |- + value defines the value of the tuple. + This is the data or content associated with the key. type: string required: - key @@ -3616,20 +3746,20 @@ spec: type: object type: array group: - description: A cluster or grouping of sources. + description: group defines a cluster or grouping of sources. type: string httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -3654,7 +3784,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -3663,12 +3793,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -3694,7 +3824,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -3721,7 +3851,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -3747,30 +3877,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3793,8 +3928,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -3821,7 +3956,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -3849,12 +3984,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -3890,7 +4025,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3898,33 +4033,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -3947,8 +4082,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -3974,12 +4109,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -4002,8 +4137,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -4029,11 +4164,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -4059,7 +4195,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4070,7 +4206,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4080,13 +4216,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -4123,7 +4259,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -4131,31 +4267,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -4178,8 +4315,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -4205,12 +4342,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -4233,8 +4370,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -4260,11 +4397,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -4289,7 +4427,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4300,7 +4438,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4310,51 +4448,55 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object pagerDutyImageConfigs: - description: A list of image details to attach that provide - further detail about an incident. + description: pagerDutyImageConfigs defines a list of image + details to attach that provide further detail about + an incident. items: description: PagerDutyImageConfig attaches images to an incident properties: alt: - description: Alt is the optional alternative text + description: alt is the optional alternative text for the image. type: string href: - description: Optional URL; makes the image a clickable - link. + description: href defines the optional URL; makes + the image a clickable link. type: string src: - description: Src of the image being attached to + description: src of the image being attached to the incident type: string type: object type: array pagerDutyLinkConfigs: - description: A list of link details to attach that provide - further detail about an incident. + description: pagerDutyLinkConfigs defines a list of link + details to attach that provide further detail about + an incident. items: description: PagerDutyLinkConfig attaches text links to an incident properties: alt: - description: Text that describes the purpose of - the link, and can be used as the link's text. + description: alt defines the text that describes + the purpose of the link, and can be used as the + link's text. type: string href: - description: Href is the URL of the link to be attached + description: href defines the URL of the link to + be attached type: string type: object type: array routingKey: description: |- - The secret's key that contains the PagerDuty integration key (when using + routingKey defines the secret's key that contains the PagerDuty integration key (when using Events API v2). Either this field or `serviceKey` needs to be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -4381,11 +4523,12 @@ spec: type: object x-kubernetes-map-type: atomic sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean serviceKey: description: |- - The secret's key that contains the PagerDuty service key (when using + serviceKey defines the secret's key that contains the PagerDuty service key (when using integration type "Prometheus"). Either this field or `routingKey` needs to be defined. The secret needs to be in the same namespace as the AlertmanagerConfig @@ -4413,49 +4556,53 @@ spec: type: object x-kubernetes-map-type: atomic severity: - description: Severity of the incident. + description: severity of the incident. type: string source: - description: Unique location of the affected system. + description: source defines the unique location of the + affected system. type: string url: - description: The URL to send requests to. + description: url defines the URL to send requests to. type: string type: object type: array pushoverConfigs: - description: List of Pushover configurations. + description: pushoverConfigs defines the list of Pushover configurations. items: description: |- PushoverConfig configures notifications via Pushover. See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config properties: device: - description: The name of a device to send the notification - to + description: |- + device defines the name of a specific device to send the notification to. + If not specified, the notification is sent to all user's devices. type: string expire: description: |- - How long your notification will continue to be retried for, unless the user - acknowledges the notification. + expire defines how long your notification will continue to be retried for, + unless the user acknowledges the notification. Only applies to priority 2 notifications. pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ type: string html: - description: Whether notification message is HTML or plain - text. + description: |- + html defines whether notification message is HTML or plain text. + When true, the message can include HTML formatting tags. type: boolean httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for Pushover API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -4480,7 +4627,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -4489,12 +4636,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -4520,7 +4667,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -4547,7 +4694,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -4573,30 +4720,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -4619,8 +4771,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -4647,7 +4799,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -4675,12 +4827,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -4716,7 +4868,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -4724,33 +4876,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -4773,8 +4925,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -4800,12 +4952,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -4828,8 +4980,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -4855,11 +5007,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -4885,7 +5038,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4896,7 +5049,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4906,13 +5059,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -4949,7 +5102,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -4957,31 +5110,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5004,8 +5158,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -5031,12 +5185,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5059,8 +5213,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -5086,11 +5240,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -5115,7 +5270,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5126,7 +5281,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5136,37 +5291,45 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: Notification message. + description: |- + message defines the notification message content. + This is the main body text of the Pushover notification. type: string priority: - description: Priority, see https://pushover.net/api#priority + description: |- + priority defines the notification priority level. + See https://pushover.net/api#priority for valid values and behavior. type: string retry: description: |- - How often the Pushover servers will send the same notification to the user. - Must be at least 30 seconds. + retry defines how often the Pushover servers will send the same notification to the user. + Must be at least 30 seconds. Only applies to priority 2 notifications. pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean sound: - description: The name of one of the sounds supported by - device clients to override the user's default sound - choice + description: |- + sound defines the name of one of the sounds supported by device clients. + This overrides the user's default sound choice for this notification. type: string title: - description: Notification title. + description: |- + title defines the notification title displayed in the Pushover message. + This appears as the bold header text in the notification. type: string token: description: |- - The secret's key that contains the registered application's API token, see https://pushover.net/apps. + token defines the secret's key that contains the registered application's API token. + See https://pushover.net/apps for application registration. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. Either `token` or `tokenFile` is required. @@ -5194,25 +5357,30 @@ spec: x-kubernetes-map-type: atomic tokenFile: description: |- - The token file that contains the registered application's API token, see https://pushover.net/apps. + tokenFile defines the token file that contains the registered application's API token. + See https://pushover.net/apps for application registration. Either `token` or `tokenFile` is required. It requires Alertmanager >= v0.26.0. type: string ttl: - description: The time to live definition for the alert - notification + description: |- + ttl defines the time to live for the alert notification. + This determines how long the notification remains active before expiring. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string url: - description: A supplementary URL shown alongside the message. + description: |- + url defines a supplementary URL shown alongside the message. + This creates a clickable link within the Pushover notification. type: string urlTitle: - description: A title for supplementary URL, otherwise - just the URL is shown + description: |- + urlTitle defines a title for the supplementary URL. + If not specified, the raw URL is shown instead. type: string userKey: description: |- - The secret's key that contains the recipient user's user key. + userKey defines the secret's key that contains the recipient user's user key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. Either `userKey` or `userKeyFile` is required. @@ -5240,7 +5408,7 @@ spec: x-kubernetes-map-type: atomic userKeyFile: description: |- - The user key file that contains the recipient user's user key. + userKeyFile defines the user key file that contains the recipient user's user key. Either `userKey` or `userKeyFile` is required. It requires Alertmanager >= v0.26.0. type: string @@ -5248,7 +5416,7 @@ spec: type: array rocketchatConfigs: description: |- - List of RocketChat configurations. + rocketchatConfigs defines the list of RocketChat configurations. It requires Alertmanager >= 0.28.0. items: description: |- @@ -5256,22 +5424,29 @@ spec: It requires Alertmanager >= 0.28.0. properties: actions: - description: Actions to include in the message. + description: |- + actions defines interactive actions to include in the message. + These appear as buttons that users can click to trigger responses. items: description: RocketChatActionConfig defines actions for RocketChat messages. properties: msg: - description: The message to send when the button - is clicked. + description: |- + msg defines the message to send when the button is clicked. + This allows the button to post a predefined message to the channel. minLength: 1 type: string text: - description: The button text. + description: |- + text defines the button text displayed to users. + This is the label that appears on the interactive button. minLength: 1 type: string url: - description: The URL the button links to. + description: |- + url defines the URL the button links to when clicked. + This creates a clickable button that opens the specified URL. pattern: ^https?://.+$ type: string type: object @@ -5279,57 +5454,69 @@ spec: type: array apiURL: description: |- - The API URL for RocketChat. + apiURL defines the API URL for RocketChat. Defaults to https://open.rocket.chat/ if not specified. pattern: ^https?://.+$ type: string channel: - description: The channel to send alerts to. + description: |- + channel defines the channel to send alerts to. + This can be a channel name (e.g., "#alerts") or a direct message recipient. minLength: 1 type: string color: - description: The message color. + description: |- + color defines the message color displayed in RocketChat. + This appears as a colored bar alongside the message. minLength: 1 type: string emoji: - description: If provided, the avatar will be displayed - as an emoji. + description: |- + emoji defines the emoji to be displayed as an avatar. + If provided, this emoji will be used instead of the default avatar or iconURL. minLength: 1 type: string fields: - description: Additional fields for the message. + description: |- + fields defines additional fields for the message attachment. + These appear as structured key-value pairs within the message. items: description: RocketChatFieldConfig defines additional fields for RocketChat messages. properties: short: - description: Whether this field should be a short - field. + description: |- + short defines whether this field should be a short field. + When true, the field may be displayed inline with other short fields to save space. type: boolean title: - description: The title of this field. + description: |- + title defines the title of this field. + This appears as bold text labeling the field content. minLength: 1 type: string value: - description: The value of this field, displayed - underneath the title value. + description: |- + value defines the value of this field, displayed underneath the title. + This contains the actual data or content for the field. minLength: 1 type: string type: object minItems: 1 type: array httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for RocketChat API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -5354,7 +5541,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -5363,12 +5550,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -5394,7 +5581,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -5421,7 +5608,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -5447,30 +5634,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5493,8 +5685,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -5521,7 +5713,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -5549,12 +5741,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5590,7 +5782,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5598,33 +5790,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5647,8 +5839,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -5674,12 +5866,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5702,8 +5894,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -5729,11 +5921,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -5759,7 +5952,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5770,7 +5963,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5780,13 +5973,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -5823,7 +6016,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5831,31 +6024,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5878,8 +6072,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -5905,12 +6099,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -5933,8 +6127,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -5960,11 +6154,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -5989,7 +6184,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6000,7 +6195,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6010,47 +6205,65 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object iconURL: - description: Icon URL for the message. + description: |- + iconURL defines the icon URL for the message avatar. + This displays a custom image as the message sender's avatar. pattern: ^https?://.+$ type: string imageURL: - description: Image URL for the message. + description: |- + imageURL defines the image URL to display within the message. + This embeds an image directly in the message attachment. pattern: ^https?://.+$ type: string linkNames: - description: Whether to enable link names. + description: |- + linkNames defines whether to enable automatic linking of usernames and channels. + When true, @username and #channel references become clickable links. type: boolean sendResolved: - description: Whether to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean shortFields: - description: Whether to use short fields. + description: |- + shortFields defines whether to use short fields in the message layout. + When true, fields may be displayed side by side to save space. type: boolean text: - description: The message text to send, it is optional - because of attachments. + description: |- + text defines the message text to send. + This is optional because attachments can be used instead of or alongside text. minLength: 1 type: string thumbURL: - description: Thumbnail URL for the message. + description: |- + thumbURL defines the thumbnail URL for the message. + This displays a small thumbnail image alongside the message content. pattern: ^https?://.+$ type: string title: - description: The message title. + description: |- + title defines the message title displayed prominently in the message. + This appears as bold text at the top of the message attachment. minLength: 1 type: string titleLink: - description: The title link for the message. + description: |- + titleLink defines the URL that the title will link to when clicked. + This makes the message title clickable in the RocketChat interface. minLength: 1 type: string token: - description: The sender token. + description: |- + token defines the sender token for RocketChat authentication. + This is the personal access token or bot token used to authenticate API requests. properties: key: description: The key of the secret to select from. Must @@ -6074,7 +6287,9 @@ spec: type: object x-kubernetes-map-type: atomic tokenID: - description: The sender token ID. + description: |- + tokenID defines the sender token ID for RocketChat authentication. + This is the user ID associated with the token used for API requests. properties: key: description: The key of the secret to select from. Must @@ -6103,15 +6318,15 @@ spec: type: object type: array slackConfigs: - description: List of Slack configurations. + description: slackConfigs defines the list of Slack configurations. items: description: |- SlackConfig configures notifications via Slack. See https://prometheus.io/docs/alerting/latest/configuration/#slack_config properties: actions: - description: A list of Slack actions that are sent with - each notification. + description: actions defines a list of Slack actions that + are sent with each notification. items: description: |- SlackAction configures a single Slack action that is sent with each @@ -6121,37 +6336,64 @@ spec: properties: confirm: description: |- - SlackConfirmationField protect users from destructive actions or - particularly distinguished decisions by asking them to confirm their button - click one more time. - See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields - for more information. + confirm defines an optional confirmation dialog that appears before the action is executed. + When set, users must confirm their intent before the action proceeds. properties: dismissText: + description: |- + dismissText defines the label for the cancel button in the dialog. + When not specified, defaults to "Cancel". This button cancels the action. type: string okText: + description: |- + okText defines the label for the confirmation button in the dialog. + When not specified, defaults to "Okay". This button proceeds with the action. type: string text: + description: |- + text defines the main message displayed in the confirmation dialog. + This should be a clear question or statement asking the user to confirm their action. minLength: 1 type: string title: + description: |- + title defines the title text displayed at the top of the confirmation dialog. + When not specified, a default title will be used. type: string required: - text type: object name: + description: |- + name defines a unique identifier for the action within the message. + This value is sent back to your application when the action is triggered. type: string style: + description: |- + style defines the visual appearance of the action element. + Valid values include "default", "primary" (green), and "danger" (red). type: string text: + description: |- + text defines the user-visible label displayed on the action element. + For buttons, this is the button text. For select menus, this is the placeholder text. minLength: 1 type: string type: + description: |- + type defines the type of interactive component. + Common values include "button" for clickable buttons and "select" for dropdown menus. minLength: 1 type: string url: + description: |- + url defines the URL to open when the action is triggered. + Only applicable for button-type actions. When set, clicking the button opens this URL. type: string value: + description: |- + value defines the payload sent when the action is triggered. + This data is included in the callback sent to your application. type: string required: - text @@ -6160,7 +6402,7 @@ spec: type: array apiURL: description: |- - The secret's key that contains the Slack webhook URL. + apiURL defines the secret's key that contains the Slack webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -6186,18 +6428,25 @@ spec: type: object x-kubernetes-map-type: atomic callbackId: + description: callbackId defines an identifier for the + message used in interactive components. type: string channel: - description: The channel or user to send notifications - to. + description: channel defines the channel or user to send + notifications to. type: string color: + description: |- + color defines the color of the left border of the Slack message attachment. + Can be a hex color code (e.g., "#ff0000") or a predefined color name. type: string fallback: + description: fallback defines a plain-text summary of + the attachment for clients that don't support attachments. type: string fields: - description: A list of Slack fields that are sent with - each notification. + description: fields defines a list of Slack fields that + are sent with each notification. items: description: |- SlackField configures a single Slack field that is sent with each notification. @@ -6206,11 +6455,21 @@ spec: See https://api.slack.com/docs/message-attachments#fields for more information. properties: short: + description: |- + short determines whether this field can be displayed alongside other short fields. + When true, Slack may display this field side by side with other short fields. + When false or not specified, the field takes the full width of the message. type: boolean title: + description: |- + title defines the label or header text displayed for this field. + This appears as bold text above the field value in the Slack message. minLength: 1 type: string value: + description: |- + value defines the content or data displayed for this field. + This appears below the title and can contain plain text or Slack markdown. minLength: 1 type: string required: @@ -6219,19 +6478,21 @@ spec: type: object type: array footer: + description: footer defines small text displayed at the + bottom of the message attachment. type: string httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -6256,7 +6517,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6265,12 +6526,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -6296,7 +6557,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -6323,7 +6584,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -6349,30 +6610,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -6395,8 +6661,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -6423,7 +6689,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -6451,12 +6717,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -6492,7 +6758,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6500,33 +6766,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -6549,8 +6815,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -6576,12 +6842,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -6604,8 +6870,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -6631,11 +6897,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -6661,7 +6928,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6672,7 +6939,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6682,13 +6949,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -6725,7 +6992,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6733,31 +7000,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -6780,8 +7048,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -6807,12 +7075,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -6835,8 +7103,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -6862,11 +7130,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -6891,7 +7160,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6902,7 +7171,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6912,44 +7181,72 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object iconEmoji: + description: iconEmoji defines the emoji to use as the + bot's avatar (e.g., ":ghost:"). type: string iconURL: + description: iconURL defines the URL to an image to use + as the bot's avatar. type: string imageURL: + description: imageURL defines the URL to an image file + that will be displayed inside the message attachment. type: string linkNames: + description: |- + linkNames enables automatic linking of channel names and usernames in the message. + When true, @channel and @username will be converted to clickable links. type: boolean mrkdwnIn: + description: |- + mrkdwnIn defines which fields should be parsed as Slack markdown. + Valid values include "pretext", "text", and "fields". items: type: string type: array pretext: + description: pretext defines optional text that appears + above the message attachment block. type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean shortFields: + description: |- + shortFields determines whether fields are displayed in a compact format. + When true, fields are shown side by side when possible. type: boolean text: + description: text defines the main text content of the + Slack message attachment. type: string thumbURL: + description: |- + thumbURL defines the URL to an image file that will be displayed as a thumbnail + on the right side of the message attachment. type: string title: + description: title defines the title text displayed in + the Slack message attachment. type: string titleLink: + description: titleLink defines the URL that the title + will link to when clicked. type: string username: + description: username defines the slack bot user name. type: string type: object type: array snsConfigs: - description: List of SNS configurations + description: snsConfigs defines the list of SNS configurations items: description: |- SNSConfig configures notifications via AWS SNS. @@ -6957,26 +7254,29 @@ spec: properties: apiURL: description: |- - The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. + apiURL defines the SNS API URL, e.g. https://sns.us-east-2.amazonaws.com. If not specified, the SNS API URL from the SNS SDK will be used. type: string attributes: additionalProperties: type: string - description: SNS message attributes. + description: |- + attributes defines SNS message attributes as key-value pairs. + These provide additional metadata that can be used for message filtering and routing. type: object httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for SNS API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -7001,7 +7301,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -7010,12 +7310,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -7041,7 +7341,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -7068,7 +7368,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -7094,30 +7394,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7140,8 +7445,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -7168,7 +7473,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -7196,12 +7501,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -7237,7 +7542,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7245,33 +7550,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7294,8 +7599,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -7321,12 +7626,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7349,8 +7654,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -7376,11 +7681,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -7406,7 +7712,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7417,7 +7723,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7427,13 +7733,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -7470,7 +7776,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7478,31 +7784,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7525,8 +7832,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -7552,12 +7859,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7580,8 +7887,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -7607,11 +7914,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -7636,7 +7944,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7647,7 +7955,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7657,29 +7965,33 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: The message content of the SNS notification. + description: |- + message defines the message content of the SNS notification. + This is the actual notification text that will be sent to subscribers. type: string phoneNumber: description: |- - Phone number if message is delivered via SMS in E.164 format. + phoneNumber defines the phone number if message is delivered via SMS in E.164 format. If you don't specify this value, you must specify a value for the TopicARN or TargetARN. type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean sigv4: - description: Configures AWS's Signature Verification 4 - signing process to sign requests. + description: |- + sigv4 configures AWS's Signature Verification 4 signing process to sign requests. + This includes AWS credentials and region configuration for authentication. properties: accessKey: description: |- - AccessKey is the AWS API key. If not specified, the environment variable + accessKey defines the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used. properties: key: @@ -7704,20 +8016,20 @@ spec: type: object x-kubernetes-map-type: atomic profile: - description: Profile is the named AWS profile used - to authenticate. + description: profile defines the named AWS profile + used to authenticate. type: string region: - description: Region is the AWS region. If blank, the - region from the default credentials chain used. + description: region defines the AWS region. If blank, + the region from the default credentials chain used. type: string roleArn: - description: RoleArn is the named AWS profile used - to authenticate. + description: roleArn defines the named AWS profile + used to authenticate. type: string secretKey: description: |- - SecretKey is the AWS API secret. If not specified, the environment + secretKey defines the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used. properties: key: @@ -7741,25 +8053,31 @@ spec: - key type: object x-kubernetes-map-type: atomic + useFIPSSTSEndpoint: + description: |- + useFIPSSTSEndpoint defines FIPS mode for AWS STS endpoint. + It requires Prometheus >= v2.54.0. + type: boolean type: object subject: - description: Subject line when the message is delivered - to email endpoints. + description: |- + subject defines the subject line when the message is delivered to email endpoints. + This field is only used when sending to email subscribers of an SNS topic. type: string targetARN: description: |- - The mobile platform endpoint ARN if message is delivered via mobile notifications. - If you don't specify this value, you must specify a value for the topic_arn or PhoneNumber. + targetARN defines the mobile platform endpoint ARN if message is delivered via mobile notifications. + If you don't specify this value, you must specify a value for the TopicARN or PhoneNumber. type: string topicARN: description: |- - SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic + topicARN defines the SNS topic ARN, e.g. arn:aws:sns:us-east-2:698519295917:My-Topic. If you don't specify this value, you must specify a value for the PhoneNumber or TargetARN. type: string type: object type: array telegramConfigs: - description: List of Telegram configurations. + description: telegramConfigs defines the list of Telegram configurations. items: description: |- TelegramConfig configures notifications via Telegram. @@ -7767,15 +8085,14 @@ spec: properties: apiURL: description: |- - The Telegram API URL i.e. https://api.telegram.org. - If not specified, default API URL will be used. + apiURL defines the Telegram API URL, e.g. https://api.telegram.org. + If not specified, the default Telegram API URL will be used. type: string botToken: description: |- - Telegram bot token. It is mutually exclusive with `botTokenFile`. + botToken defines the Telegram bot token. It is mutually exclusive with `botTokenFile`. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. - Either `botToken` or `botTokenFile` is required. properties: key: @@ -7801,30 +8118,35 @@ spec: x-kubernetes-map-type: atomic botTokenFile: description: |- - File to read the Telegram bot token from. It is mutually exclusive with `botToken`. + botTokenFile defines the file to read the Telegram bot token from. + It is mutually exclusive with `botToken`. Either `botToken` or `botTokenFile` is required. - It requires Alertmanager >= v0.26.0. type: string chatID: - description: The Telegram chat ID. + description: |- + chatID defines the Telegram chat ID where messages will be sent. + This can be a user ID, group ID, or channel ID (with @ prefix for public channels). format: int64 type: integer disableNotifications: - description: Disable telegram notifications + description: |- + disableNotifications controls whether Telegram notifications are sent silently. + When true, users will receive the message without notification sounds. type: boolean httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for Telegram API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -7849,7 +8171,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -7858,12 +8180,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -7889,7 +8211,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -7916,7 +8238,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -7942,30 +8264,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -7988,8 +8315,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -8016,7 +8343,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -8044,12 +8371,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -8085,7 +8412,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8093,33 +8420,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8142,8 +8469,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -8169,12 +8496,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8197,8 +8524,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -8224,11 +8551,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -8254,7 +8582,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8265,7 +8593,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8275,13 +8603,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -8318,7 +8646,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8326,31 +8654,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8373,8 +8702,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -8400,12 +8729,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8428,8 +8757,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -8455,11 +8784,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -8484,7 +8814,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8495,7 +8825,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8505,36 +8835,44 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: Message template + description: |- + message defines the message template for the Telegram notification. + This is the content that will be sent to the specified chat. type: string messageThreadID: description: |- - The Telegram Group Topic ID. + messageThreadID defines the Telegram Group Topic ID for threaded messages. + This allows sending messages to specific topics within Telegram groups. It requires Alertmanager >= 0.26.0. format: int64 type: integer parseMode: - description: Parse mode for telegram message + description: |- + parseMode defines the parse mode for telegram message formatting. + Valid values are "MarkdownV2", "Markdown", and "HTML". + This determines how text formatting is interpreted in the message. enum: - MarkdownV2 - Markdown - HTML type: string sendResolved: - description: Whether to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean required: - chatID type: object type: array victoropsConfigs: - description: List of VictorOps configurations. + description: victoropsConfigs defines the list of VictorOps + configurations. items: description: |- VictorOpsConfig configures notifications via VictorOps. @@ -8542,7 +8880,7 @@ spec: properties: apiKey: description: |- - The secret's key that contains the API key to use when talking to the VictorOps API. + apiKey defines the secret's key that contains the API key to use when talking to the VictorOps API. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -8568,19 +8906,27 @@ spec: type: object x-kubernetes-map-type: atomic apiUrl: - description: The VictorOps API URL. + description: |- + apiUrl defines the VictorOps API URL. + When not specified, defaults to the standard VictorOps API endpoint. type: string customFields: - description: Additional custom fields for notification. + description: |- + customFields defines additional custom fields for notification. + These provide extra metadata that will be included with the VictorOps incident. items: description: KeyValue defines a (key, value) tuple. properties: key: - description: Key of the tuple. + description: |- + key defines the key of the tuple. + This is the identifier or name part of the key-value pair. minLength: 1 type: string value: - description: Value of the tuple. + description: |- + value defines the value of the tuple. + This is the data or content associated with the key. type: string required: - key @@ -8588,20 +8934,23 @@ spec: type: object type: array entityDisplayName: - description: Contains summary of the alerted problem. + description: |- + entityDisplayName contains a summary of the alerted problem. + This appears as the main title or identifier for the incident. type: string httpConfig: - description: The HTTP client's configuration. + description: httpConfig defines the HTTP client's configuration + for VictorOps API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -8626,7 +8975,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -8635,12 +8984,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -8666,7 +9015,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -8693,7 +9042,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -8719,30 +9068,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8765,8 +9119,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -8793,7 +9147,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -8821,12 +9175,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -8862,7 +9216,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8870,33 +9224,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8919,8 +9273,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -8946,12 +9300,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -8974,8 +9328,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -9001,11 +9355,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -9031,7 +9386,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -9042,7 +9397,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -9052,13 +9407,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -9095,7 +9450,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -9103,31 +9458,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9150,8 +9506,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -9177,12 +9533,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9205,8 +9561,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -9232,11 +9588,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -9261,7 +9618,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -9272,7 +9629,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -9282,58 +9639,61 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object messageType: - description: Describes the behavior of the alert (CRITICAL, - WARNING, INFO). + description: |- + messageType describes the behavior of the alert. + Valid values are "CRITICAL", "WARNING", and "INFO". type: string monitoringTool: - description: The monitoring tool the state message is - from. + description: |- + monitoringTool defines the monitoring tool the state message is from. + This helps identify the source system that generated the alert. type: string routingKey: - description: A key used to map the alert to a team. + description: |- + routingKey defines a key used to map the alert to a team. + This determines which VictorOps team will receive the alert notification. type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean stateMessage: - description: Contains long explanation of the alerted - problem. + description: |- + stateMessage contains a long explanation of the alerted problem. + This provides detailed context about the incident. type: string type: object type: array webexConfigs: - description: List of Webex configurations. + description: webexConfigs defines the list of Webex configurations. items: description: |- WebexConfig configures notification via Cisco Webex See https://prometheus.io/docs/alerting/latest/configuration/#webex_config properties: apiURL: - description: |- - The Webex Teams API URL i.e. https://webexapis.com/v1/messages - Provide if different from the default API URL. + description: apiURL defines the Webex Teams API URL i.e. + https://webexapis.com/v1/messages pattern: ^https?://.+$ type: string httpConfig: - description: |- - The HTTP client's configuration. - You must supply the bot token via the `httpConfig.authorization` field. + description: httpConfig defines the HTTP client's configuration. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -9358,7 +9718,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -9367,12 +9727,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -9398,7 +9758,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -9425,7 +9785,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -9451,30 +9811,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9497,8 +9862,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -9525,7 +9890,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -9553,12 +9918,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -9594,7 +9959,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -9602,33 +9967,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9651,8 +10016,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -9678,12 +10043,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9706,8 +10071,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -9733,11 +10098,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -9763,7 +10129,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -9774,7 +10140,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -9784,13 +10150,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -9827,7 +10193,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -9835,31 +10201,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9882,8 +10249,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -9909,12 +10276,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -9937,8 +10304,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -9964,11 +10331,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -9993,7 +10361,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10004,7 +10372,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10014,45 +10382,47 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: Message template + description: message defines the message template type: string roomID: - description: ID of the Webex Teams room where to send - the messages. + description: roomID defines the ID of the Webex Teams + room where to send the messages. minLength: 1 type: string sendResolved: - description: Whether to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean required: - roomID type: object type: array webhookConfigs: - description: List of webhook configurations. + description: webhookConfigs defines the List of webhook configurations. items: description: |- WebhookConfig configures notifications via a generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config properties: httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for webhook requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -10077,7 +10447,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -10086,12 +10456,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -10117,7 +10487,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -10144,7 +10514,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -10170,30 +10540,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -10216,8 +10591,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -10244,7 +10619,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -10272,12 +10647,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -10313,7 +10688,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -10321,33 +10696,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -10370,8 +10745,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -10397,12 +10772,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -10425,8 +10800,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -10452,11 +10827,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -10482,7 +10858,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10493,7 +10869,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10503,13 +10879,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -10546,7 +10922,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -10554,31 +10930,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -10601,8 +10978,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -10628,12 +11005,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -10656,8 +11033,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -10683,11 +11060,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -10712,7 +11090,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10723,7 +11101,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10733,37 +11111,38 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object maxAlerts: - description: Maximum number of alerts to be sent per webhook - message. When 0, all alerts are included. + description: |- + maxAlerts defines the maximum number of alerts to be sent per webhook message. + When 0, all alerts are included in the webhook payload. format: int32 minimum: 0 type: integer sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean timeout: description: |- - The maximum time to wait for a webhook request to complete, before failing the - request and allowing it to be retried. + timeout defines the maximum time to wait for a webhook request to complete, + before failing the request and allowing it to be retried. It requires Alertmanager >= v0.28.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string url: description: |- - The URL to send HTTP POST requests to. `urlSecret` takes precedence over - `url`. One of `urlSecret` and `url` should be defined. + url defines the URL to send HTTP POST requests to. + urlSecret takes precedence over url. One of urlSecret and url should be defined. type: string urlSecret: description: |- - The secret's key that contains the webhook URL to send HTTP requests to. - `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` - should be defined. + urlSecret defines the secret's key that contains the webhook URL to send HTTP requests to. + urlSecret takes precedence over url. One of urlSecret and url should be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -10791,17 +11170,20 @@ spec: type: object type: array wechatConfigs: - description: List of WeChat configurations. + description: wechatConfigs defines the list of WeChat configurations. items: description: |- WeChatConfig configures notifications via WeChat. See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config properties: agentID: + description: |- + agentID defines the application agent ID within WeChat Work. + This identifies which WeChat Work application will send the notifications. type: string apiSecret: description: |- - The secret's key that contains the WeChat API key. + apiSecret defines the secret's key that contains the WeChat API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. properties: @@ -10827,23 +11209,28 @@ spec: type: object x-kubernetes-map-type: atomic apiURL: - description: The WeChat API URL. + description: |- + apiURL defines the WeChat API URL. + When not specified, defaults to the standard WeChat Work API endpoint. type: string corpID: - description: The corp id for authentication. + description: |- + corpID defines the corp id for authentication. + This is the unique identifier for your WeChat Work organization. type: string httpConfig: - description: HTTP client configuration. + description: httpConfig defines the HTTP client configuration + for WeChat API requests. properties: authorization: description: |- - Authorization header configuration for the client. + authorization defines the authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. properties: credentials: - description: Selects a key of a Secret in the - namespace that contains the credentials for - authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials + for authentication. properties: key: description: The key of the secret to select @@ -10868,7 +11255,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -10877,12 +11264,12 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. + basicAuth defines the basic authentication credentials for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -10908,7 +11295,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -10935,7 +11322,7 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client + bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -10961,30 +11348,35 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the - client should follow HTTP 3xx redirects. + description: |- + followRedirects specifies whether the client should follow HTTP 3xx redirects. + When true, the client will automatically follow redirect responses. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch - a token for the targets. + description: |- + oauth2 defines the OAuth2 client credentials used to fetch a token for the targets. + This enables OAuth2 authentication flow for HTTP requests. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -11007,8 +11399,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -11035,7 +11427,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -11063,12 +11455,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -11104,7 +11496,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -11112,33 +11504,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy - server to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes - used for the token request.' + description: scopes defines the OAuth2 scopes + used for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when - verifying server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -11161,8 +11553,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -11188,12 +11580,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present - when doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data - to use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -11216,8 +11608,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to - use for the targets. + description: secret defines the Secret + containing data to use for the targets. properties: key: description: The key of the secret @@ -11243,11 +11635,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how + to disable target certificate validation. type: boolean keySecret: - description: Secret containing the client - key file for the targets. + description: keySecret defines the Secret + containing the client key file for the targets. properties: key: description: The key of the secret to @@ -11273,7 +11666,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -11284,7 +11677,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -11294,13 +11687,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for - the targets. + description: serverName is used to verify + the hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to - fetch the token from.' + description: tokenUrl defines the URL to fetch + the token from. minLength: 1 type: string required: @@ -11337,7 +11730,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -11345,31 +11738,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyURL: description: |- - Optional proxy URL. - + proxyURL defines an optional proxy URL for HTTP requests. If defined, this field takes precedence over `proxyUrl`. type: string proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: |- + tlsConfig defines the TLS configuration for the client. + This includes settings for certificates, CA validation, and TLS protocol options. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -11392,8 +11786,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -11419,12 +11813,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -11447,8 +11841,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -11474,11 +11868,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -11503,7 +11898,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -11514,7 +11909,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -11524,25 +11919,39 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object type: object message: - description: API request data as defined by the WeChat - API. + description: |- + message defines the API request data as defined by the WeChat API. + This contains the actual notification content to be sent. type: string messageType: + description: |- + messageType defines the type of message to send. + Valid values include "text", "markdown", and other WeChat Work supported message types. type: string sendResolved: - description: Whether or not to notify about resolved alerts. + description: sendResolved defines whether or not to notify + about resolved alerts. type: boolean toParty: + description: |- + toParty defines the target department(s) to receive the notification. + Can be a single department ID or multiple department IDs separated by '|'. type: string toTag: + description: |- + toTag defines the target tag(s) to receive the notification. + Can be a single tag ID or multiple tag IDs separated by '|'. type: string toUser: + description: |- + toUser defines the target user(s) to receive the notification. + Can be a single user ID or multiple user IDs separated by '|'. type: string type: object type: array @@ -11552,25 +11961,25 @@ spec: type: array route: description: |- - The Alertmanager route definition for alerts matching the resource's + route defines the Alertmanager route definition for alerts matching the resource's namespace. If present, it will be added to the generated Alertmanager configuration as a first-level route. properties: activeTimeIntervals: - description: ActiveTimeIntervals is a list of MuteTimeInterval + description: activeTimeIntervals is a list of MuteTimeInterval names when this route should be active. items: type: string type: array continue: description: |- - Boolean indicating whether an alert should continue matching subsequent + continue defines the boolean indicating whether an alert should continue matching subsequent sibling nodes. It will always be overridden to true for the first-level route by the Prometheus operator. type: boolean groupBy: description: |- - List of labels to group by. + groupBy defines the list of labels to group by. Labels must not be repeated (unique list). Special label "..." (aggregate by all possible labels), if provided, must be the only element in the list. items: @@ -11578,19 +11987,19 @@ spec: type: array groupInterval: description: |- - How long to wait before sending an updated notification. + groupInterval defines how long to wait before sending an updated notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "5m" type: string groupWait: description: |- - How long to wait before sending the initial notification. + groupWait defines how long to wait before sending the initial notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "30s" type: string matchers: description: |- - List of matchers that the alert's labels should match. For the first + matchers defines the list of matchers that the alert's labels should match. For the first level route, the operator removes any existing equality and regexp matcher on the `namespace` label and adds a `namespace: ` matcher. @@ -11599,8 +12008,9 @@ spec: properties: matchType: description: |- - Match operation available with AlertManager >= v0.22.0 and - takes precedence over Regex (deprecated) if non-empty. + matchType defines the match operation available with AlertManager >= v0.22.0. + Takes precedence over Regex (deprecated) if non-empty. + Valid values: "=" (equality), "!=" (inequality), "=~" (regex match), "!~" (regex non-match). enum: - '!=' - = @@ -11608,47 +12018,44 @@ spec: - '!~' type: string name: - description: Label to match. + description: |- + name defines the label to match. + This specifies which alert label should be evaluated. minLength: 1 type: string regex: description: |- - Whether to match on equality (false) or regular-expression (true). + regex defines whether to match on equality (false) or regular-expression (true). Deprecated: for AlertManager >= v0.22.0, `matchType` should be used instead. type: boolean value: - description: Label value to match. + description: |- + value defines the label value to match. + This is the expected value for the specified label. type: string required: - name type: object type: array muteTimeIntervals: - description: |- - Note: this comment applies to the field definition above but appears - below otherwise it gets included in the generated manifest. - CRD schema doesn't support self-referential types for now (see - https://github.com/kubernetes/kubernetes/issues/62872). We have to use - an alternative type to circumvent the limitation. The downside is that - the Kube API can't validate the data beyond the fact that it is a valid - JSON representation. - MuteTimeIntervals is a list of MuteTimeInterval names that will mute this route when matched, + description: muteTimeIntervals is a list of MuteTimeInterval names + that will mute this route when matched, items: type: string type: array receiver: description: |- - Name of the receiver for this route. If not empty, it should be listed in + receiver defines the name of the receiver for this route. If not empty, it should be listed in the `receivers` field. type: string repeatInterval: description: |- - How long to wait before repeating the last notification. + repeatInterval defines how long to wait before repeating the last notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "4h" type: string routes: - description: Child routes. + description: routes defines the child routes. items: x-kubernetes-preserve-unknown-fields: true type: array diff --git a/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagers.yaml b/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagers.yaml index 127d60f246bb..2b0922550095 100644 --- a/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagers.yaml +++ b/charts/prometheus-operator-crds/charts/crds/templates/crd-alertmanagers.yaml @@ -1,5 +1,5 @@ {{- if .Values.alertmanagers.enabled -}} -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,8 +8,8 @@ metadata: {{- with .Values.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: alertmanagers.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -80,12 +80,12 @@ spec: type: object spec: description: |- - Specification of the desired behavior of the Alertmanager cluster. More info: + spec defines the specification of the desired behavior of the Alertmanager cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: additionalArgs: description: |- - AdditionalArgs allows setting additional arguments for the 'Alertmanager' container. + additionalArgs allows setting additional arguments for the 'Alertmanager' container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the Alertmanager container which may cause issues if they are invalid or not supported @@ -94,25 +94,25 @@ spec: description: Argument as part of the AdditionalArgs list. properties: name: - description: Name of the argument, e.g. "scrape.discovery-reload-interval". + description: name of the argument, e.g. "scrape.discovery-reload-interval". minLength: 1 type: string value: - description: Argument value, e.g. 30s. Can be empty for name-only - arguments (e.g. --storage.tsdb.no-lockfile) + description: value defines the argument value, e.g. 30s. Can + be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) type: string required: - name type: object type: array additionalPeers: - description: AdditionalPeers allows injecting a set of additional + description: additionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster. items: type: string type: array affinity: - description: If specified, the pod's scheduling constraints. + description: affinity defines the pod's scheduling constraints. properties: nodeAffinity: description: Describes node affinity scheduling rules for the @@ -680,8 +680,8 @@ spec: most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + compute a sum by iterating through the elements of this field and subtracting + "weight" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -1025,13 +1025,13 @@ spec: type: object alertmanagerConfigMatcherStrategy: description: |- - AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects + alertmanagerConfigMatcherStrategy defines how AlertmanagerConfig objects process incoming alerts. properties: type: default: OnNamespace description: |- - AlertmanagerConfigMatcherStrategyType defines the strategy used by + type defines the strategy used by AlertmanagerConfig objects to match alerts in the routes and inhibition rules. @@ -1044,7 +1044,7 @@ spec: type: object alertmanagerConfigNamespaceSelector: description: |- - Namespaces to be selected for AlertmanagerConfig discovery. If nil, only + alertmanagerConfigNamespaceSelector defines the namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace. properties: matchExpressions: @@ -1091,8 +1091,8 @@ spec: type: object x-kubernetes-map-type: atomic alertmanagerConfigSelector: - description: AlertmanagerConfigs to be selected for to merge and configure - Alertmanager with. + description: alertmanagerConfigSelector defines the selector to be + used for to merge and configure Alertmanager with. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -1139,7 +1139,7 @@ spec: x-kubernetes-map-type: atomic alertmanagerConfiguration: description: |- - alertmanagerConfiguration specifies the configuration of Alertmanager. + alertmanagerConfiguration defines the configuration of Alertmanager. If defined, it takes precedence over the `configSecret` field. @@ -1147,20 +1147,23 @@ spec: in a breaking way. properties: global: - description: Defines the global parameters of the Alertmanager + description: global defines the global parameters of the Alertmanager configuration. properties: httpConfig: - description: HTTP client configuration. + description: httpConfig defines the default HTTP configuration. properties: authorization: description: |- - Authorization header configuration for the client. - This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + authorization configures the Authorization header credentials used by + the client. + + Cannot be set at the same time as `basicAuth`, `bearerTokenSecret` or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret + in the namespace that contains the credentials for + authentication. properties: key: description: The key of the secret to select from. Must @@ -1185,7 +1188,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1194,12 +1197,14 @@ spec: type: object basicAuth: description: |- - BasicAuth for the client. - This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. + basicAuth defines the Basic Authentication credentials used by the + client. + + Cannot be set at the same time as `authorization`, `bearerTokenSecret` or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -1225,7 +1230,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -1252,10 +1257,14 @@ spec: type: object bearerTokenSecret: description: |- - The secret's key that contains the bearer token to be used by the client - for authentication. - The secret needs to be in the same namespace as the Alertmanager - object and accessible by the Prometheus Operator. + bearerTokenSecret defines a key of a Secret containing the bearer token + used by the client for authentication. The secret needs to be in the + same namespace as the custom resource and readable by the Prometheus + Operator. + + Cannot be set at the same time as `authorization`, `basicAuth` or `oauth2`. + + Deprecated: use `authorization` instead. properties: key: description: The key of the secret to select from. Must @@ -1278,30 +1287,38 @@ spec: - key type: object x-kubernetes-map-type: atomic + enableHttp2: + description: enableHttp2 can be used to disable HTTP2. + type: boolean followRedirects: - description: FollowRedirects specifies whether the client - should follow HTTP 3xx redirects. + description: |- + followRedirects defines whether the client should follow HTTP 3xx + redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: OAuth2 client credentials used to fetch a - token for the targets. + description: |- + oauth2 defines the OAuth2 settings used by the client. + + It requires Prometheus >= 2.27.0. + + Cannot be set at the same time as `authorization`, `basicAuth` or `bearerTokenSecret`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1324,8 +1341,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1351,7 +1368,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -1379,12 +1396,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1419,7 +1436,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1427,33 +1444,33 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server + to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used - for the token request.' + description: scopes defines the OAuth2 scopes used + for the token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1476,8 +1493,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -1503,12 +1520,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when - doing client-authentication. + description: cert defines the Client certificate + to present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to - use for the targets. + description: configMap defines the ConfigMap + containing data to use for the targets. properties: key: description: The key to select. @@ -1531,8 +1548,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use - for the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to @@ -1558,11 +1575,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to + disable target certificate validation. type: boolean keySecret: - description: Secret containing the client key - file for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select @@ -1587,7 +1605,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1598,7 +1616,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1608,13 +1626,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the - targets. + description: serverName is used to verify the + hostname for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch - the token from.' + description: tokenUrl defines the URL to fetch the + token from. minLength: 1 type: string required: @@ -1651,7 +1669,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1659,25 +1677,26 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server - to use.' + description: proxyUrl defines the HTTP proxy server to + use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS configuration for the client. + description: tlsConfig defines the TLS configuration used + by the client. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1700,8 +1719,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1726,12 +1745,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1754,8 +1773,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1780,11 +1799,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file - for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1809,7 +1829,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1820,7 +1840,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1830,23 +1850,25 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object type: object jira: - description: The default configuration for Jira. + description: jira defines the default configuration for Jira. properties: apiURL: description: |- - The default Jira API URL. + apiURL defines the default Jira API URL. It requires Alertmanager >= v0.28.0. pattern: ^(http|https)://.+$ type: string type: object opsGenieApiKey: - description: The default OpsGenie API Key. + description: opsGenieApiKey defines the default OpsGenie API + Key. properties: key: description: The key of the secret to select from. Must @@ -1870,7 +1892,8 @@ spec: type: object x-kubernetes-map-type: atomic opsGenieApiUrl: - description: The default OpsGenie API URL. + description: opsGenieApiUrl defines the default OpsGenie API + URL. properties: key: description: The key of the secret to select from. Must @@ -1894,28 +1917,30 @@ spec: type: object x-kubernetes-map-type: atomic pagerdutyUrl: - description: The default Pagerduty URL. + description: pagerdutyUrl defines the default Pagerduty URL. + pattern: ^(http|https)://.+$ type: string resolveTimeout: description: |- - ResolveTimeout is the default value used by alertmanager if the alert does + resolveTimeout defines the default value used by alertmanager if the alert does not include EndsAt, after this time passes it can declare the alert as resolved if it has not been updated. This has no impact on alerts from Prometheus, as they always include EndsAt. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string rocketChat: - description: The default configuration for Rocket Chat. + description: rocketChat defines the default configuration + for Rocket Chat. properties: apiURL: description: |- - The default Rocket Chat API URL. + apiURL defines the default Rocket Chat API URL. It requires Alertmanager >= v0.28.0. pattern: ^(http|https)://.+$ type: string token: description: |- - The default Rocket Chat token. + token defines the default Rocket Chat token. It requires Alertmanager >= v0.28.0. properties: @@ -1942,7 +1967,7 @@ spec: x-kubernetes-map-type: atomic tokenID: description: |- - The default Rocket Chat Token ID. + tokenID defines the default Rocket Chat Token ID. It requires Alertmanager >= v0.28.0. properties: @@ -1969,7 +1994,7 @@ spec: x-kubernetes-map-type: atomic type: object slackApiUrl: - description: The default Slack API URL. + description: slackApiUrl defines the default Slack API URL. properties: key: description: The key of the secret to select from. Must @@ -1993,13 +2018,14 @@ spec: type: object x-kubernetes-map-type: atomic smtp: - description: Configures global SMTP parameters. + description: smtp defines global SMTP parameters. properties: authIdentity: - description: SMTP Auth using PLAIN + description: authIdentity represents SMTP Auth using PLAIN type: string authPassword: - description: SMTP Auth using LOGIN and PLAIN. + description: authPassword represents SMTP Auth using LOGIN + and PLAIN. properties: key: description: The key of the secret to select from. Must @@ -2023,7 +2049,7 @@ spec: type: object x-kubernetes-map-type: atomic authSecret: - description: SMTP Auth using CRAM-MD5. + description: authSecret represents SMTP Auth using CRAM-MD5. properties: key: description: The key of the secret to select from. Must @@ -2047,34 +2073,35 @@ spec: type: object x-kubernetes-map-type: atomic authUsername: - description: SMTP Auth using CRAM-MD5, LOGIN and PLAIN. - If empty, Alertmanager doesn't authenticate to the SMTP - server. + description: authUsername represents SMTP Auth using CRAM-MD5, + LOGIN and PLAIN. If empty, Alertmanager doesn't authenticate + to the SMTP server. type: string from: - description: The default SMTP From header field. + description: from defines the default SMTP From header + field. type: string hello: - description: The default hostname to identify to the SMTP - server. + description: hello defines the default hostname to identify + to the SMTP server. type: string requireTLS: description: |- - The default SMTP TLS requirement. + requireTLS defines the default SMTP TLS requirement. Note that Go does not support unencrypted connections to remote SMTP endpoints. type: boolean smartHost: - description: The default SMTP smarthost used for sending - emails. + description: smartHost defines the default SMTP smarthost + used for sending emails. properties: host: - description: Defines the host's address, it can be - a DNS name or a literal IP address. + description: host defines the host's address, it can + be a DNS name or a literal IP address. minLength: 1 type: string port: - description: Defines the host's port, it can be a - literal port number or a port name. + description: port defines the host's port, it can + be a literal port number or a port name. minLength: 1 type: string required: @@ -2082,15 +2109,16 @@ spec: - port type: object tlsConfig: - description: The default TLS configuration for SMTP receivers + description: tlsConfig defines the default TLS configuration + for SMTP receivers properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority + used when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2113,8 +2141,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -2139,12 +2167,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use - for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2167,8 +2195,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for - the targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -2193,11 +2221,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file - for the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2222,7 +2251,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2233,7 +2262,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2243,26 +2272,29 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object type: object telegram: - description: The default Telegram config + description: telegram defines the default Telegram config properties: apiURL: description: |- - The default Telegram API URL. + apiURL defines he default Telegram API URL. It requires Alertmanager >= v0.24.0. pattern: ^(http|https)://.+$ type: string type: object victorops: - description: The default configuration for VictorOps. + description: victorops defines the default configuration for + VictorOps. properties: apiKey: - description: The default VictorOps API Key. + description: apiKey defines the default VictorOps API + Key. properties: key: description: The key of the secret to select from. Must @@ -2286,30 +2318,33 @@ spec: type: object x-kubernetes-map-type: atomic apiURL: - description: The default VictorOps API URL. + description: apiURL defines the default VictorOps API + URL. pattern: ^(http|https)://.+$ type: string type: object webex: - description: The default configuration for Jira. + description: webex defines the default configuration for Jira. properties: apiURL: description: |- - The default Webex API URL. + apiURL defines the is the default Webex API URL. It requires Alertmanager >= v0.25.0. pattern: ^(http|https)://.+$ type: string type: object wechat: - description: The default WeChat Config + description: wechat defines the default WeChat Config properties: apiCorpID: - description: The default WeChat API Corporate ID. + description: apiCorpID defines the default WeChat API + Corporate ID. minLength: 1 type: string apiSecret: - description: The default WeChat API Secret. + description: apiSecret defines the default WeChat API + Secret. properties: key: description: The key of the secret to select from. Must @@ -2334,7 +2369,7 @@ spec: x-kubernetes-map-type: atomic apiURL: description: |- - The default WeChat API URL. + apiURL defines he default WeChat API URL. The default value is "https://qyapi.weixin.qq.com/cgi-bin/" pattern: ^(http|https)://.+$ type: string @@ -2342,19 +2377,20 @@ spec: type: object name: description: |- - The name of the AlertmanagerConfig resource which is used to generate the Alertmanager configuration. + name defines the name of the AlertmanagerConfig custom resource which is used to generate the Alertmanager configuration. It must be defined in the same namespace as the Alertmanager object. The operator will not enforce a `namespace` label for routes and inhibition rules. minLength: 1 type: string templates: - description: Custom notification templates. + description: templates defines the custom notification templates. items: description: SecretOrConfigMap allows to specify data as a Secret or ConfigMap. Fields are mutually exclusive. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2377,7 +2413,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2405,53 +2442,56 @@ spec: type: object automountServiceAccountToken: description: |- - AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. + automountServiceAccountToken defines whether a service account token should be automatically mounted in the pod. If the service account has `automountServiceAccountToken: true`, set the field to `false` to opt out of automounting API credentials. type: boolean baseImage: description: |- - Base image that is used to deploy pods, without tag. + baseImage that is used to deploy pods, without tag. Deprecated: use 'image' instead. type: string clusterAdvertiseAddress: description: |- - ClusterAdvertiseAddress is the explicit address to advertise in cluster. + clusterAdvertiseAddress defines the explicit address to advertise in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. [1] RFC1918: https://tools.ietf.org/html/rfc1918 type: string clusterGossipInterval: - description: Interval between gossip attempts. + description: clusterGossipInterval defines the interval between gossip + attempts. pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string clusterLabel: description: |- - Defines the identifier that uniquely identifies the Alertmanager cluster. + clusterLabel defines the identifier that uniquely identifies the Alertmanager cluster. You should only set it when the Alertmanager cluster includes Alertmanager instances which are external to this Alertmanager resource. In practice, the addresses of the external instances are provided via the `.spec.additionalPeers` field. type: string clusterPeerTimeout: - description: Timeout for cluster peering. + description: clusterPeerTimeout defines the timeout for cluster peering. pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string clusterPushpullInterval: - description: Interval between pushpull attempts. + description: clusterPushpullInterval defines the interval between + pushpull attempts. pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string clusterTLS: description: |- - Configures the mutual TLS configuration for the Alertmanager cluster's gossip protocol. + clusterTLS defines the mutual TLS configuration for the Alertmanager cluster's gossip protocol. It requires Alertmanager >= 0.24.0. properties: client: - description: Client-side configuration for mutual TLS. + description: client defines the client-side configuration for + mutual TLS. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2474,7 +2514,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2499,11 +2540,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2526,7 +2568,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2551,11 +2594,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2580,7 +2624,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2591,7 +2635,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2601,23 +2645,25 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object server: - description: Server-side configuration for mutual TLS. + description: server defines the server-side configuration for + mutual TLS. properties: cert: description: |- - Secret or ConfigMap containing the TLS certificate for the web server. + cert defines the Secret or ConfigMap containing the TLS certificate for the web server. Either `keySecret` or `keyFile` must be defined. It is mutually exclusive with `certFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2640,7 +2686,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2666,7 +2713,7 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the container for the web server. + certFile defines the path to the TLS certificate file in the container for the web server. Either `keySecret` or `keyFile` must be defined. @@ -2674,7 +2721,7 @@ spec: type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. + cipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. If not defined, the Go default cipher suites are used. Available cipher suites are documented in the Go documentation: @@ -2684,14 +2731,14 @@ spec: type: array client_ca: description: |- - Secret or ConfigMap containing the CA certificate for client certificate + client_ca defines the Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. It is mutually exclusive with `clientCAFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2714,7 +2761,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2740,21 +2788,21 @@ spec: type: object clientAuthType: description: |- - The server policy for client TLS authentication. + clientAuthType defines the server policy for client TLS authentication. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to + clientCAFile defines the path to the CA certificate file for client certificate authentication to the server. It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- - Elliptic curves that will be used in an ECDHE handshake, in preference + curvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the Go documentation: @@ -2764,7 +2812,7 @@ spec: type: array keyFile: description: |- - Path to the TLS private key file in the container for the web server. + keyFile defines the path to the TLS private key file in the container for the web server. If defined, either `cert` or `certFile` must be defined. @@ -2772,7 +2820,7 @@ spec: type: string keySecret: description: |- - Secret containing the TLS private key for the web server. + keySecret defines the secret containing the TLS private key for the web server. Either `cert` or `certFile` must be defined. @@ -2800,14 +2848,16 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. + description: maxVersion defines the Maximum TLS version that + is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. + description: minVersion defines the minimum TLS version that + is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the client's most preferred cipher + preferServerCipherSuites defines whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in @@ -2820,7 +2870,7 @@ spec: type: object configMaps: description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager + configMaps defines a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. The ConfigMaps are mounted into `/etc/alertmanager/configmaps/` in the 'alertmanager' container. @@ -2829,7 +2879,7 @@ spec: type: array configSecret: description: |- - ConfigSecret is the name of a Kubernetes Secret in the same namespace as the + configSecret defines the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains the configuration for this Alertmanager instance. If empty, it defaults to `alertmanager-`. @@ -2844,7 +2894,7 @@ spec: type: string containers: description: |- - Containers allows injecting additional containers. This is meant to + containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod. Containers described here modify an operator generated container if they share the same name and modifications are done via a strategic merge @@ -2893,8 +2943,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -2952,6 +3003,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -3012,8 +3100,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -3040,8 +3128,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -3712,7 +3801,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -3766,10 +3855,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -3781,6 +3870,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -4280,11 +4422,11 @@ spec: type: object type: array dnsConfig: - description: Defines the DNS configuration for the pods. + description: dnsConfig defines the DNS configuration for the pods. properties: nameservers: description: |- - A list of DNS name server IP addresses. + nameservers defines the list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. items: minLength: 1 @@ -4293,7 +4435,7 @@ spec: x-kubernetes-list-type: set options: description: |- - A list of DNS resolver options. + options defines the list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Resolution options given in Options will override those that appear in the base DNSPolicy. @@ -4302,11 +4444,11 @@ spec: of a pod. properties: name: - description: Name is required and must be unique. + description: name is required and must be unique. minLength: 1 type: string value: - description: Value is optional. + description: value is optional. type: string required: - name @@ -4317,7 +4459,7 @@ spec: x-kubernetes-list-type: map searches: description: |- - A list of DNS search domains for host-name lookup. + searches defines the list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. items: minLength: 1 @@ -4326,7 +4468,7 @@ spec: x-kubernetes-list-type: set type: object dnsPolicy: - description: Defines the DNS policy for the pods. + description: dnsPolicy defines the DNS policy for the pods. enum: - ClusterFirstWithHostNet - ClusterFirst @@ -4335,7 +4477,7 @@ spec: type: string enableFeatures: description: |- - Enable access to Alertmanager feature flags. By default, no features are enabled. + enableFeatures defines the Alertmanager's feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. @@ -4345,34 +4487,34 @@ spec: type: string type: array enableServiceLinks: - description: Indicates whether information about services should be - injected into pod's environment variables + description: enableServiceLinks defines whether information about + services should be injected into pod's environment variables type: boolean externalUrl: description: |- - The external URL the Alertmanager instances will be available under. This is + externalUrl defines the URL used to access the Alertmanager web service. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name. type: string forceEnableClusterMode: description: |- - ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. + forceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each. type: boolean hostAliases: - description: Pods' hostAliases configuration + description: hostAliases Pods configuration items: description: |- HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file. properties: hostnames: - description: Hostnames for the above IP address. + description: hostnames defines hostnames for the above IP address. items: type: string type: array ip: - description: IP address of the host file entry. + description: ip defines the IP address of the host file entry. type: string required: - hostnames @@ -4384,7 +4526,7 @@ spec: x-kubernetes-list-type: map hostUsers: description: |- - HostUsers supports the user space in Kubernetes. + hostUsers supports the user space in Kubernetes. More info: https://kubernetes.io/docs/tasks/configure-pod-container/user-namespaces/ @@ -4393,14 +4535,14 @@ spec: type: boolean image: description: |- - Image if specified has precedence over baseImage, tag and sha + image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Alertmanager is being configured. type: string imagePullPolicy: description: |- - Image pull policy for the 'alertmanager', 'init-config-reloader' and 'config-reloader' containers. + imagePullPolicy for the 'alertmanager', 'init-config-reloader' and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. enum: - "" @@ -4410,7 +4552,7 @@ spec: type: string imagePullSecrets: description: |- - An optional list of references to secrets in the same namespace + imagePullSecrets An optional list of references to secrets in the same namespace to use for pulling prometheus and alertmanager images from registries see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ items: @@ -4432,7 +4574,7 @@ spec: type: array initContainers: description: |- - InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. + initContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the Alertmanager configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ InitContainers described here modify an operator @@ -4482,8 +4624,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -4541,6 +4684,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -4601,8 +4781,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -4629,8 +4809,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -5301,7 +5482,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -5355,10 +5536,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -5370,6 +5551,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -5869,18 +6103,19 @@ spec: type: object type: array limits: - description: Defines the limits command line flags when starting Alertmanager. + description: limits defines the limits command line flags when starting + Alertmanager. properties: maxPerSilenceBytes: description: |- - The maximum size of an individual silence as stored on disk. This corresponds to the Alertmanager's + maxPerSilenceBytes defines the maximum size of an individual silence as stored on disk. This corresponds to the Alertmanager's `--silences.max-per-silence-bytes` flag. It requires Alertmanager >= v0.28.0. pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ type: string maxSilences: description: |- - The maximum number active and pending silences. This corresponds to the + maxSilences defines the maximum number active and pending silences. This corresponds to the Alertmanager's `--silences.max-silences` flag. It requires Alertmanager >= v0.28.0. format: int32 @@ -5889,19 +6124,19 @@ spec: type: object listenLocal: description: |- - ListenLocal makes the Alertmanager server listen on loopback, so that it + listenLocal defines the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. Note this is only for the Alertmanager UI, not the gossip communication. type: boolean logFormat: - description: Log format for Alertmanager to be configured with. + description: logFormat for Alertmanager to be configured with. enum: - "" - logfmt - json type: string logLevel: - description: Log level for Alertmanager to be configured with. + description: logLevel for Alertmanager to be configured with. enum: - "" - debug @@ -5911,7 +6146,7 @@ spec: type: string minReadySeconds: description: |- - Minimum number of seconds for which a newly created pod should be ready + minReadySeconds defines the minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. If unset, pods will be considered available as soon as they are ready. @@ -5921,16 +6156,17 @@ spec: nodeSelector: additionalProperties: type: string - description: Define which Nodes the Pods are scheduled on. + description: nodeSelector defines which Nodes the Pods are scheduled + on. type: object paused: description: |- - If set to true all actions on the underlying managed objects are not + paused if set to true all actions on the underlying managed objects are not going to be performed, except for delete actions. type: boolean persistentVolumeClaimRetentionPolicy: description: |- - The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + persistentVolumeClaimRetentionPolicy controls if and how PVCs are deleted during the lifecycle of a StatefulSet. The default behavior is all PVCs are retained. This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. It requires enabling the StatefulSetAutoDeletePVC feature gate. @@ -5953,7 +6189,7 @@ spec: type: object podMetadata: description: |- - PodMetadata configures labels and annotations which are propagated to the Alertmanager pods. + podMetadata defines labels and annotations which are propagated to the Alertmanager pods. The following items are reserved and cannot be overridden: * "alertmanager" label, set to the name of the Alertmanager instance. @@ -5967,7 +6203,7 @@ spec: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -5976,14 +6212,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -5994,28 +6230,29 @@ spec: portName: default: web description: |- - Port name used for the pods and governing service. + portName defines the port's name for the pods and governing service. Defaults to `web`. type: string priorityClassName: - description: Priority class assigned to the Pods + description: priorityClassName assigned to the Pods type: string replicas: description: |- - Size is the expected size of the alertmanager cluster. The controller will + replicas defines the expected size of the alertmanager cluster. The controller will eventually make the size of the running cluster equal to the expected size. format: int32 type: integer resources: - description: Define resources requests and limits for single Pods. + description: resources defines the resource requests and limits of + the Pods. properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -6069,20 +6306,20 @@ spec: retention: default: 120h description: |- - Time duration Alertmanager shall retain data for. Default is '120h', + retention defines the time duration Alertmanager shall retain data for. Default is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` (milliseconds seconds minutes hours). pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string routePrefix: description: |- - The route prefix Alertmanager registers HTTP handlers for. This is useful, + routePrefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`. type: string secrets: description: |- - Secrets is a list of Secrets in the same namespace as the Alertmanager + secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-`. The Secrets are mounted into `/etc/alertmanager/secrets/` in the 'alertmanager' container. @@ -6091,7 +6328,7 @@ spec: type: array securityContext: description: |- - SecurityContext holds pod-level security attributes and common container settings. + securityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. properties: appArmorProfile: @@ -6325,37 +6562,37 @@ spec: type: object serviceAccountName: description: |- - ServiceAccountName is the name of the ServiceAccount to use to run the + serviceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. type: string serviceName: description: |- - The name of the service name used by the underlying StatefulSet(s) as the governing service. + serviceName defines the service name used by the underlying StatefulSet(s) as the governing service. If defined, the Service must be created before the Alertmanager resource in the same namespace and it must define a selector that matches the pod labels. - If empty, the operator will create and manage a headless service named `alertmanager-operated` for Alermanager resources. + If empty, the operator will create and manage a headless service named `alertmanager-operated` for Alertmanager resources. When deploying multiple Alertmanager resources in the same namespace, it is recommended to specify a different value for each. See https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id for more details. minLength: 1 type: string sha: description: |- - SHA of Alertmanager container image to be deployed. Defaults to the value of `version`. + sha of Alertmanager container image to be deployed. Defaults to the value of `version`. Similar to a tag, but the SHA explicitly deploys an immutable container image. Version and Tag are ignored if SHA is set. Deprecated: use 'image' instead. The image digest can be specified as part of the image URL. type: string storage: description: |- - Storage is the definition of how storage will be used by the Alertmanager + storage defines the definition of how storage will be used by the Alertmanager instances. properties: disableMountSubPath: - description: 'Deprecated: subPath usage will be removed in a future - release.' + description: 'disableMountSubPath deprecated: subPath usage will + be removed in a future release.' type: boolean emptyDir: description: |- - EmptyDirVolumeSource to be used by the StatefulSet. + emptyDir to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir properties: @@ -6382,7 +6619,7 @@ spec: type: object ephemeral: description: |- - EphemeralVolumeSource to be used by the StatefulSet. + ephemeral to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes @@ -6603,15 +6840,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -6629,7 +6864,7 @@ spec: type: object volumeClaimTemplate: description: |- - Defines the PVC spec to be used by the Prometheus StatefulSets. + volumeClaimTemplate defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes. properties: @@ -6649,14 +6884,14 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. + description: metadata defines EmbeddedMetadata contains metadata + relevant to an EmbeddedResource. properties: annotations: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -6665,14 +6900,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -6682,7 +6917,7 @@ spec: type: object spec: description: |- - Defines the desired characteristics of a volume requested by a pod author. + spec defines the specification of the characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: accessModes: @@ -6859,15 +7094,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -6880,7 +7113,7 @@ spec: type: string type: object status: - description: 'Deprecated: this field is never set.' + description: 'status is deprecated: this field is never set.' properties: accessModes: description: |- @@ -7029,13 +7262,11 @@ spec: description: |- currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). type: string modifyVolumeStatus: description: |- ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). properties: status: description: "status is the status of the ControllerModifyVolume @@ -7067,13 +7298,13 @@ spec: type: object tag: description: |- - Tag of Alertmanager container image to be deployed. Defaults to the value of `version`. + tag of Alertmanager container image to be deployed. Defaults to the value of `version`. Version is ignored if Tag is set. Deprecated: use 'image' instead. The image tag can be specified as part of the image URL. type: string terminationGracePeriodSeconds: description: |- - Optional duration in seconds the pod needs to terminate gracefully. + terminationGracePeriodSeconds defines the Optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. @@ -7082,7 +7313,7 @@ spec: minimum: 0 type: integer tolerations: - description: If specified, the pod's tolerations. + description: tolerations defines the pod's tolerations. items: description: |- The pod this Toleration is attached to tolerates any taint that matches @@ -7121,7 +7352,8 @@ spec: type: object type: array topologySpreadConstraints: - description: If specified, the pod's topology spread constraints. + description: topologySpreadConstraints defines the Pod's topology + spread constraints. items: description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. @@ -7295,11 +7527,11 @@ spec: type: object type: array version: - description: Version the cluster should be on. + description: version the cluster should be on. type: string volumeMounts: description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. + volumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, that are generated as a result of StorageSpec objects. items: @@ -7366,7 +7598,7 @@ spec: type: array volumes: description: |- - Volumes allows configuration of additional volumes on the output StatefulSet definition. + volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. items: @@ -8040,15 +8272,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -8230,12 +8460,10 @@ spec: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. - More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: |- - endpoints is the endpoint name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: endpoints is the endpoint name that details + Glusterfs topology. type: string path: description: |- @@ -8314,7 +8542,7 @@ spec: description: |- iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md + More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether support iSCSI @@ -8734,6 +8962,111 @@ spec: type: array x-kubernetes-list-type: atomic type: object + podCertificate: + description: |- + Projects an auto-rotating credential bundle (private key and certificate + chain) that the pod can use either as a TLS client or server. + + Kubelet generates a private key and uses it to send a + PodCertificateRequest to the named signer. Once the signer approves the + request and issues a certificate chain, Kubelet writes the key and + certificate chain to the pod filesystem. The pod does not start until + certificates have been issued for each podCertificate projected volume + source in its spec. + + Kubelet will begin trying to rotate the certificate at the time indicated + by the signer using the PodCertificateRequest.Status.BeginRefreshAt + timestamp. + + Kubelet can write a single file, indicated by the credentialBundlePath + field, or separate files, indicated by the keyPath and + certificateChainPath fields. + + The credential bundle is a single file in PEM format. The first PEM + entry is the private key (in PKCS#8 format), and the remaining PEM + entries are the certificate chain issued by the signer (typically, + signers will return their certificate chain in leaf-to-root order). + + Prefer using the credential bundle format, since your application code + can read it atomically. If you use keyPath and certificateChainPath, + your application must make two separate file reads. If these coincide + with a certificate rotation, it is possible that the private key and leaf + certificate you read may not correspond to each other. Your application + will need to check for this condition, and re-read until they are + consistent. + + The named signer controls chooses the format of the certificate it + issues; consult the signer implementation's documentation to learn how to + use the certificates it issues. + properties: + certificateChainPath: + description: |- + Write the certificate chain at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + credentialBundlePath: + description: |- + Write the credential bundle at this path in the projected volume. + + The credential bundle is a single file that contains multiple PEM blocks. + The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private + key. + + The remaining blocks are CERTIFICATE blocks, containing the issued + certificate chain from the signer (leaf and any intermediates). + + Using credentialBundlePath lets your Pod's application code make a single + atomic read that retrieves a consistent key and certificate chain. If you + project them to separate files, your application code will need to + additionally check that the leaf certificate was issued to the key. + type: string + keyPath: + description: |- + Write the key at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + keyType: + description: |- + The type of keypair Kubelet will generate for the pod. + + Valid values are "RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", + "ECDSAP521", and "ED25519". + type: string + maxExpirationSeconds: + description: |- + maxExpirationSeconds is the maximum lifetime permitted for the + certificate. + + Kubelet copies this value verbatim into the PodCertificateRequests it + generates for this projection. + + If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver + will reject values shorter than 3600 (1 hour). The maximum allowable + value is 7862400 (91 days). + + The signer implementation is then free to issue a certificate with any + lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 + seconds (1 hour). This constraint is enforced by kube-apiserver. + `kubernetes.io` signers will never issue certificates with a lifetime + longer than 24 hours. + format: int32 + type: integer + signerName: + description: Kubelet's generated CSRs will be + addressed to this signer. + type: string + required: + - keyType + - signerName + type: object secret: description: secret information about the secret data to project @@ -8868,7 +9201,6 @@ spec: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. - More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: description: |- @@ -9152,28 +9484,30 @@ spec: type: object type: array web: - description: Defines the web command line flags when starting Alertmanager. + description: web defines the web command line flags when starting + Alertmanager. properties: getConcurrency: description: |- - Maximum number of GET requests processed concurrently. This corresponds to the + getConcurrency defines the maximum number of GET requests processed concurrently. This corresponds to the Alertmanager's `--web.get-concurrency` flag. format: int32 type: integer httpConfig: - description: Defines HTTP parameters for web server. + description: httpConfig defines HTTP parameters for web server. properties: headers: - description: List of headers that can be added to HTTP responses. + description: headers defines a list of headers that can be + added to HTTP responses. properties: contentSecurityPolicy: description: |- - Set the Content-Security-Policy header to HTTP responses. + contentSecurityPolicy defines the Content-Security-Policy header to HTTP responses. Unset if blank. type: string strictTransportSecurity: description: |- - Set the Strict-Transport-Security header to HTTP responses. + strictTransportSecurity defines the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same @@ -9182,7 +9516,7 @@ spec: type: string xContentTypeOptions: description: |- - Set the X-Content-Type-Options header to HTTP responses. + xContentTypeOptions defines the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options enum: @@ -9191,7 +9525,7 @@ spec: type: string xFrameOptions: description: |- - Set the X-Frame-Options header to HTTP responses. + xFrameOptions defines the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options enum: @@ -9201,38 +9535,38 @@ spec: type: string xXSSProtection: description: |- - Set the X-XSS-Protection header to all responses. + xXSSProtection defines the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection type: string type: object http2: description: |- - Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. + http2 enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered. type: boolean type: object timeout: description: |- - Timeout for HTTP requests. This corresponds to the Alertmanager's + timeout for HTTP requests. This corresponds to the Alertmanager's `--web.timeout` flag. format: int32 type: integer tlsConfig: - description: Defines the TLS parameters for HTTPS. + description: tlsConfig defines the TLS parameters for HTTPS. properties: cert: description: |- - Secret or ConfigMap containing the TLS certificate for the web server. + cert defines the Secret or ConfigMap containing the TLS certificate for the web server. Either `keySecret` or `keyFile` must be defined. It is mutually exclusive with `certFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9255,7 +9589,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9281,7 +9616,7 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the container for the web server. + certFile defines the path to the TLS certificate file in the container for the web server. Either `keySecret` or `keyFile` must be defined. @@ -9289,7 +9624,7 @@ spec: type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. + cipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. If not defined, the Go default cipher suites are used. Available cipher suites are documented in the Go documentation: @@ -9299,14 +9634,14 @@ spec: type: array client_ca: description: |- - Secret or ConfigMap containing the CA certificate for client certificate + client_ca defines the Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. It is mutually exclusive with `clientCAFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9329,7 +9664,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9355,21 +9691,21 @@ spec: type: object clientAuthType: description: |- - The server policy for client TLS authentication. + clientAuthType defines the server policy for client TLS authentication. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to + clientCAFile defines the path to the CA certificate file for client certificate authentication to the server. It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- - Elliptic curves that will be used in an ECDHE handshake, in preference + curvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the Go documentation: @@ -9379,7 +9715,7 @@ spec: type: array keyFile: description: |- - Path to the TLS private key file in the container for the web server. + keyFile defines the path to the TLS private key file in the container for the web server. If defined, either `cert` or `certFile` must be defined. @@ -9387,7 +9723,7 @@ spec: type: string keySecret: description: |- - Secret containing the TLS private key for the web server. + keySecret defines the secret containing the TLS private key for the web server. Either `cert` or `certFile` must be defined. @@ -9415,14 +9751,16 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. + description: maxVersion defines the Maximum TLS version that + is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. + description: minVersion defines the minimum TLS version that + is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the client's most preferred cipher + preferServerCipherSuites defines whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in @@ -9433,18 +9771,19 @@ spec: type: object status: description: |- - Most recent observed status of the Alertmanager cluster. Read-only. + status defines the most recent observed status of the Alertmanager cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this Alertmanager cluster. format: int32 type: integer conditions: - description: The current state of the Alertmanager object. + description: conditions defines the current state of the Alertmanager + object. items: description: |- Condition represents the state of the resources associated with the @@ -9456,12 +9795,12 @@ spec: format: date-time type: string message: - description: Human-readable message indicating details for the - condition's last transition. + description: message defines human-readable message indicating + details for the condition's last transition. type: string observedGeneration: description: |- - ObservedGeneration represents the .metadata.generation that the + observedGeneration defines the .metadata.generation that the condition was set based upon. For instance, if `.metadata.generation` is currently 12, but the `.status.conditions[].observedGeneration` is 9, the condition is out of date with respect to the current state of the @@ -9469,14 +9808,14 @@ spec: format: int64 type: integer reason: - description: Reason for the condition's last transition. + description: reason for the condition's last transition. type: string status: - description: Status of the condition. + description: status of the condition. minLength: 1 type: string type: - description: Type of the condition being reported. + description: type of the condition being reported. minLength: 1 type: string required: @@ -9490,36 +9829,30 @@ spec: x-kubernetes-list-type: map paused: description: |- - Represents whether any actions on the underlying managed objects are + paused defines whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. type: boolean replicas: description: |- - Total number of non-terminated pods targeted by this Alertmanager + replicas defines the total number of non-terminated pods targeted by this Alertmanager object (their labels match the selector). format: int32 type: integer selector: - description: The selector used to match the pods targeted by this - Alertmanager object. + description: selector used to match the pods targeted by this Alertmanager + object. type: string unavailableReplicas: - description: Total number of unavailable pods targeted by this Alertmanager - object. + description: unavailableReplicas defines the total number of unavailable + pods targeted by this Alertmanager object. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this Alertmanager + updatedReplicas defines the total number of non-terminated pods targeted by this Alertmanager object that have the desired version spec. format: int32 type: integer - required: - - availableReplicas - - paused - - replicas - - unavailableReplicas - - updatedReplicas type: object required: - spec diff --git a/charts/prometheus-operator-crds/charts/crds/templates/crd-podmonitors.yaml b/charts/prometheus-operator-crds/charts/crds/templates/crd-podmonitors.yaml index ae591c14fa2e..14c5f972e9a8 100644 --- a/charts/prometheus-operator-crds/charts/crds/templates/crd-podmonitors.yaml +++ b/charts/prometheus-operator-crds/charts/crds/templates/crd-podmonitors.yaml @@ -1,5 +1,5 @@ {{- if .Values.podmonitors.enabled -}} -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,8 +8,8 @@ metadata: {{- with .Values.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: podmonitors.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -55,19 +55,19 @@ spec: metadata: type: object spec: - description: Specification of desired Pod selection for target discovery - by Prometheus. + description: spec defines the specification of desired Pod selection for + target discovery by Prometheus. properties: attachMetadata: description: |- - `attachMetadata` defines additional metadata which is added to the + attachMetadata defines additional metadata which is added to the discovered targets. It requires Prometheus >= v2.35.0. properties: node: description: |- - When set to true, Prometheus attaches node metadata to the discovered + node when set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the `list` and `watch` @@ -76,7 +76,7 @@ spec: type: object bodySizeLimit: description: |- - When defined, bodySizeLimit specifies a job level limit on the size + bodySizeLimit when defined specifies a job level limit on the size of uncompressed response body that will be accepted by Prometheus. It requires Prometheus >= v2.28.0. @@ -84,12 +84,12 @@ spec: type: string convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native histogram with custom buckets. + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. type: boolean fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. enum: @@ -101,7 +101,7 @@ spec: type: string jobLabel: description: |- - The label to use to retrieve the job name from. + jobLabel defines the label to use to retrieve the job name from. `jobLabel` selects the label from the associated Kubernetes `Pod` object which will be used as the `job` label for all metrics. @@ -114,7 +114,7 @@ spec: type: string keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. @@ -122,44 +122,45 @@ spec: type: integer labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer namespaceSelector: description: |- - `namespaceSelector` defines in which namespace(s) Prometheus should discover the pods. + namespaceSelector defines in which namespace(s) Prometheus should discover the pods. By default, the pods are discovered in the same namespace as the `PodMonitor` object but it is possible to select pods across different/all namespaces. properties: any: description: |- - Boolean describing whether all namespaces are selected in contrast to a + any defines the boolean describing whether all namespaces are selected in contrast to a list restricting them. type: boolean matchNames: - description: List of namespace names to select from. + description: matchNames defines the list of namespace names to + select from. items: type: string type: array type: object nativeHistogramBucketLimit: description: |- - If there are more than this many buckets in a native histogram, + nativeHistogramBucketLimit defines ff there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. format: int64 @@ -169,13 +170,14 @@ spec: - type: integer - type: string description: |- - If the growth factor of one bucket to the next is smaller than this, + nativeHistogramMinBucketFactor defines if the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true podMetricsEndpoints: - description: Defines how to scrape metrics from the selected pods. + description: podMetricsEndpoints defines how to scrape metrics from + the selected pods. items: description: |- PodMetricsEndpoint defines an endpoint serving Prometheus metrics to be scraped by @@ -183,14 +185,14 @@ spec: properties: authorization: description: |- - `authorization` configures the Authorization header credentials to use when - scraping the target. + authorization configures the Authorization header credentials used by + the client. - Cannot be set at the same time as `basicAuth`, or `oauth2`. + Cannot be set at the same time as `basicAuth`, `bearerTokenSecret` or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -215,7 +217,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -224,14 +226,14 @@ spec: type: object basicAuth: description: |- - `basicAuth` configures the Basic Authentication credentials to use when - scraping the target. + basicAuth defines the Basic Authentication credentials used by the + client. - Cannot be set at the same time as `authorization`, or `oauth2`. + Cannot be set at the same time as `authorization`, `bearerTokenSecret` or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -257,7 +259,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -284,9 +286,12 @@ spec: type: object bearerTokenSecret: description: |- - `bearerTokenSecret` specifies a key of a Secret containing the bearer - token for scraping targets. The secret needs to be in the same namespace - as the PodMonitor object and readable by the Prometheus Operator. + bearerTokenSecret defines a key of a Secret containing the bearer token + used by the client for authentication. The secret needs to be in the + same namespace as the custom resource and readable by the Prometheus + Operator. + + Cannot be set at the same time as `authorization`, `basicAuth` or `oauth2`. Deprecated: use `authorization` instead. properties: @@ -312,12 +317,11 @@ spec: type: object x-kubernetes-map-type: atomic enableHttp2: - description: '`enableHttp2` can be used to disable HTTP2 when - scraping the target.' + description: enableHttp2 can be used to disable HTTP2. type: boolean filterRunning: description: |- - When true, the pods which are not running (e.g. either in Failed or + filterRunning when true, the pods which are not running (e.g. either in Failed or Succeeded state) are dropped during the target discovery. If unset, the filtering is enabled. @@ -326,29 +330,29 @@ spec: type: boolean followRedirects: description: |- - `followRedirects` defines whether the scrape requests should follow HTTP - 3xx redirects. + followRedirects defines whether the client should follow HTTP 3xx + redirects. type: boolean honorLabels: description: |- - When true, `honorLabels` preserves the metric's labels when they collide + honorLabels when true preserves the metric's labels when they collide with the target's labels. type: boolean honorTimestamps: description: |- - `honorTimestamps` controls whether Prometheus preserves the timestamps + honorTimestamps defines whether Prometheus preserves the timestamps when exposed by the target. type: boolean interval: description: |- - Interval at which Prometheus scrapes the metrics from the target. + interval at which Prometheus scrapes the metrics from the target. If empty, Prometheus uses the global scrape interval. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string metricRelabelings: description: |- - `metricRelabelings` configures the relabeling rules to apply to the + metricRelabelings defines the relabeling rules to apply to the samples before ingestion. items: description: |- @@ -360,7 +364,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -392,41 +396,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -437,7 +441,7 @@ spec: type: array noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -445,20 +449,20 @@ spec: type: string oauth2: description: |- - `oauth2` configures the OAuth2 settings to use when scraping the target. + oauth2 defines the OAuth2 settings used by the client. It requires Prometheus >= 2.27.0. - Cannot be set at the same time as `authorization`, or `basicAuth`. + Cannot be set at the same time as `authorization`, `basicAuth` or `bearerTokenSecret`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -481,7 +485,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -507,7 +512,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -535,12 +540,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -574,7 +579,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -582,33 +587,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -631,8 +635,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -657,12 +661,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -685,8 +689,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -711,11 +715,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -740,7 +745,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -751,7 +756,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -761,12 +766,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -779,22 +785,23 @@ spec: items: type: string type: array - description: '`params` define optional HTTP URL parameters.' + description: params define optional HTTP URL parameters. type: object path: description: |- - HTTP path from which to scrape for metrics. + path defines the HTTP path from which to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`). type: string port: description: |- - The `Pod` port name which exposes the endpoint. + port defines the `Pod` port name which exposes the endpoint. It takes precedence over the `portNumber` and `targetPort` fields. type: string portNumber: - description: The `Pod` port number which exposes the endpoint. + description: portNumber defines the `Pod` port number which + exposes the endpoint. format: int32 maximum: 65535 minimum: 1 @@ -827,7 +834,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -835,17 +842,17 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string relabelings: description: |- - `relabelings` configures the relabeling rules to apply the target's + relabelings defines the relabeling rules to apply the target's metadata labels. The Operator automatically adds relabelings for a few standard Kubernetes fields. @@ -863,7 +870,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -895,41 +902,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -940,7 +947,7 @@ spec: type: array scheme: description: |- - HTTP scheme to use for scraping. + scheme defines the HTTP scheme to use for scraping. `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. @@ -952,7 +959,7 @@ spec: type: string scrapeTimeout: description: |- - Timeout after which Prometheus considers the scrape to be failed. + scrapeTimeout defines the timeout after which Prometheus considers the scrape to be failed. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. @@ -964,21 +971,22 @@ spec: - type: integer - type: string description: |- - Name or number of the target port of the `Pod` object behind the Service, the + targetPort defines the name or number of the target port of the `Pod` object behind the Service, the port must be specified with container port property. Deprecated: use 'port' or 'portNumber' instead. x-kubernetes-int-or-string: true tlsConfig: - description: TLS configuration to use when scraping the target. + description: tlsConfig defines the TLS configuration used by + the client. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1001,7 +1009,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1026,11 +1035,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1053,7 +1063,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1078,11 +1089,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1107,7 +1119,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1118,7 +1130,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1128,12 +1140,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object trackTimestampsStaleness: description: |- - `trackTimestampsStaleness` defines whether Prometheus tracks staleness of + trackTimestampsStaleness defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data. Has no effect if `honorTimestamps` is false. @@ -1143,31 +1156,31 @@ spec: type: array podTargetLabels: description: |- - `podTargetLabels` defines the labels which are transferred from the + podTargetLabels defines the labels which are transferred from the associated Kubernetes `Pod` object onto the ingested metrics. items: type: string type: array sampleLimit: description: |- - `sampleLimit` defines a per-scrape limit on the number of scraped samples + sampleLimit defines a per-scrape limit on the number of scraped samples that will be accepted. format: int64 type: integer scrapeClass: - description: The scrape class to apply. + description: scrapeClass defines the scrape class to apply. minLength: 1 type: string scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. type: boolean scrapeProtocols: description: |- - `scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -1192,8 +1205,8 @@ spec: type: array x-kubernetes-list-type: set selector: - description: Label selector to select the Kubernetes `Pod` objects - to scrape metrics from. + description: selector defines the label selector to select the Kubernetes + `Pod` objects to scrape metrics from. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -1240,7 +1253,7 @@ spec: x-kubernetes-map-type: atomic selectorMechanism: description: |- - Mechanism used to select the endpoints to scrape. + selectorMechanism defines the mechanism used to select the endpoints to scrape. By default, the selection process relies on relabel configurations to filter the discovered targets. Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. Which strategy is best for your use case needs to be carefully evaluated. @@ -1252,16 +1265,121 @@ spec: type: string targetLimit: description: |- - `targetLimit` defines a limit on the number of scraped targets that will + targetLimit defines a limit on the number of scraped targets that will be accepted. format: int64 type: integer required: - selector type: object + status: + description: |- + status defines the status subresource. It is under active development and is updated only when the + "StatusForConfigurationResources" feature gate is enabled. + + Most recent observed status of the PodMonitor. Read-only. + More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bindings: + description: bindings defines the list of workload resources (Prometheus, + PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration + resource. + items: + description: WorkloadBinding is a link between a configuration resource + and a workload resource. + properties: + conditions: + description: conditions defines the current state of the configuration + resource when bound to the referenced Workload object. + items: + description: ConfigResourceCondition describes the status + of configuration resources linked to Prometheus, PrometheusAgent, + Alertmanager or ThanosRuler. + properties: + lastTransitionTime: + description: lastTransitionTime defines the time of the + last update to the current status property. + format: date-time + type: string + message: + description: message defines the human-readable message + indicating details for the condition's last transition. + type: string + observedGeneration: + description: |- + observedGeneration defines the .metadata.generation that the + condition was set based upon. For instance, if `.metadata.generation` is + currently 12, but the `.status.conditions[].observedGeneration` is 9, the + condition is out of date with respect to the current state of the object. + format: int64 + type: integer + reason: + description: reason for the condition's last transition. + type: string + status: + description: status of the condition. + minLength: 1 + type: string + type: + description: |- + type of the condition being reported. + Currently, only "Accepted" is supported. + enum: + - Accepted + minLength: 1 + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + group: + description: group defines the group of the referenced resource. + enum: + - monitoring.coreos.com + type: string + name: + description: name defines the name of the referenced object. + minLength: 1 + type: string + namespace: + description: namespace defines the namespace of the referenced + object. + minLength: 1 + type: string + resource: + description: resource defines the type of resource being referenced + (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). + enum: + - prometheuses + - prometheusagents + - thanosrulers + - alertmanagers + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - name + - namespace + x-kubernetes-list-type: map + type: object required: - spec type: object served: true storage: true + subresources: + status: {} {{- end -}} diff --git a/charts/prometheus-operator-crds/charts/crds/templates/crd-probes.yaml b/charts/prometheus-operator-crds/charts/crds/templates/crd-probes.yaml index 904edf9fc170..6bb092de45d8 100644 --- a/charts/prometheus-operator-crds/charts/crds/templates/crd-probes.yaml +++ b/charts/prometheus-operator-crds/charts/crds/templates/crd-probes.yaml @@ -1,5 +1,5 @@ {{- if .Values.probes.enabled -}} -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,8 +8,8 @@ metadata: {{- with .Values.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: probes.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -54,15 +54,15 @@ spec: metadata: type: object spec: - description: Specification of desired Ingress selection for target discovery - by Prometheus. + description: spec defines the specification of desired Ingress selection + for target discovery by Prometheus. properties: authorization: - description: Authorization section for this endpoint + description: authorization section for this endpoint properties: credentials: - description: Selects a key of a Secret in the namespace that contains - the credentials for authentication. + description: credentials defines a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must be @@ -87,7 +87,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -96,12 +96,12 @@ spec: type: object basicAuth: description: |- - BasicAuth allow an endpoint to authenticate over basic authentication. + basicAuth allow an endpoint to authenticate over basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -127,7 +127,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -154,7 +154,7 @@ spec: type: object bearerTokenSecret: description: |- - Secret to mount to read bearer token for scraping targets. The secret + bearerTokenSecret defines the secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the probe and accessible by the Prometheus Operator. properties: @@ -180,12 +180,12 @@ spec: x-kubernetes-map-type: atomic convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native histogram with custom buckets. + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. type: boolean fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. enum: @@ -197,16 +197,16 @@ spec: type: string interval: description: |- - Interval at which targets are probed using the configured prober. + interval at which targets are probed using the configured prober. If not specified Prometheus' global scrape interval is used. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string jobName: - description: The job name assigned to scraped metrics by default. + description: jobName assigned to scraped metrics by default. type: string keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. @@ -214,24 +214,25 @@ spec: type: integer labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer metricRelabelings: - description: MetricRelabelConfigs to apply to samples before ingestion. + description: metricRelabelings defines the RelabelConfig to apply + to samples before ingestion. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -242,7 +243,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -274,40 +275,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against which + the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated SourceLabels. + description: separator defines the string between concatenated + SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -318,13 +320,13 @@ spec: type: array module: description: |- - The module to use for probing specifying how to probe the target. + module to use for probing specifying how to probe the target. Example module configuring in the blackbox exporter: https://github.com/prometheus/blackbox_exporter/blob/master/example.yml type: string nativeHistogramBucketLimit: description: |- - If there are more than this many buckets in a native histogram, + nativeHistogramBucketLimit defines ff there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. format: int64 @@ -334,22 +336,23 @@ spec: - type: integer - type: string description: |- - If the growth factor of one bucket to the next is smaller than this, + nativeHistogramMinBucketFactor defines if the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true oauth2: - description: OAuth2 for the URL. Only valid in Prometheus versions + description: oauth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -372,7 +375,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -398,7 +402,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -426,12 +430,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -465,7 +469,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -473,32 +477,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for the - token request.' + description: scopes defines the OAuth2 scopes used for the token + request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -521,7 +525,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -546,11 +551,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -573,7 +579,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -598,11 +605,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -627,7 +635,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -638,7 +646,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -648,12 +656,12 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the token - from.' + description: tokenUrl defines the URL to fetch the token from. minLength: 1 type: string required: @@ -663,7 +671,7 @@ spec: type: object params: description: |- - The list of HTTP query parameters for the scrape. + params defines the list of HTTP query parameters for the scrape. Please note that the `.spec.module` field takes precedence over the `module` parameter from this list when both are defined. The module name must be added using Module under ProbeSpec. items: @@ -671,11 +679,11 @@ spec: for a Probe. properties: name: - description: The parameter name + description: name defines the parameter name minLength: 1 type: string values: - description: The parameter values + description: values defines the parameter values items: minLength: 1 type: string @@ -691,12 +699,12 @@ spec: x-kubernetes-list-type: map prober: description: |- - Specification for the prober to use for probing targets. + prober defines the specification for the prober to use for probing targets. The prober.URL parameter is required. Targets cannot be probed if left empty. properties: noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -705,7 +713,7 @@ spec: path: default: /probe description: |- - Path to collect metrics from. + path to collect metrics from. Defaults to `/probe`. type: string proxyConnectHeader: @@ -736,7 +744,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -744,17 +752,17 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scheme: description: |- - HTTP scheme to use for scraping. + scheme defines the HTTP scheme to use for scraping. `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. If empty, Prometheus uses the default value `http`. enum: @@ -762,30 +770,30 @@ spec: - https type: string url: - description: Mandatory URL of the prober. + description: url defines the mandatory URL of the prober. type: string required: - url type: object sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped + description: sampleLimit defines per-scrape limit on number of scraped samples that will be accepted. format: int64 type: integer scrapeClass: - description: The scrape class to apply. + description: scrapeClass defines the scrape class to apply. minLength: 1 type: string scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. type: boolean scrapeProtocols: description: |- - `scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -811,18 +819,18 @@ spec: x-kubernetes-list-type: set scrapeTimeout: description: |- - Timeout for scraping metrics from the Prometheus exporter. + scrapeTimeout defines the timeout for scraping metrics from the Prometheus exporter. If not specified, the Prometheus global scrape timeout is used. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string targetLimit: - description: TargetLimit defines a limit on the number of scraped + description: targetLimit defines a limit on the number of scraped targets that will be accepted. format: int64 type: integer targets: - description: Targets defines a set of static or dynamically discovered + description: targets defines a set of static or dynamically discovered targets to probe. properties: ingress: @@ -832,22 +840,24 @@ spec: If `staticConfig` is also defined, `staticConfig` takes precedence. properties: namespaceSelector: - description: From which namespaces to select Ingress objects. + description: namespaceSelector defines from which namespaces + to select Ingress objects. properties: any: description: |- - Boolean describing whether all namespaces are selected in contrast to a + any defines the boolean describing whether all namespaces are selected in contrast to a list restricting them. type: boolean matchNames: - description: List of namespace names to select from. + description: matchNames defines the list of namespace + names to select from. items: type: string type: array type: object relabelingConfigs: description: |- - RelabelConfigs to apply to the label set of the target before it gets + relabelingConfigs to apply to the label set of the target before it gets scraped. The original ingress address is available via the `__tmp_prometheus_ingress_address` label. It can be used to customize the @@ -864,7 +874,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -896,41 +906,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -940,7 +950,7 @@ spec: type: object type: array selector: - description: Selector to select the Ingress objects. + description: selector to select the Ingress objects. properties: matchExpressions: description: matchExpressions is a list of label selector @@ -996,12 +1006,12 @@ spec: labels: additionalProperties: type: string - description: Labels assigned to all metrics scraped from the - targets. + description: labels defines all labels assigned to all metrics + scraped from the targets. type: object relabelingConfigs: description: |- - RelabelConfigs to apply to the label set of the targets before it gets + relabelingConfigs defines relabelings to be apply to the label set of the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config items: @@ -1014,7 +1024,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -1046,41 +1056,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -1090,21 +1100,23 @@ spec: type: object type: array static: - description: The list of hosts to probe. + description: static defines the list of hosts to probe. items: type: string type: array type: object type: object tlsConfig: - description: TLS configuration to use when scraping the endpoint. + description: tlsConfig defines the TLS configuration to use when scraping + the endpoint. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when verifying + server certificates. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -1127,7 +1139,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1152,10 +1165,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present when + doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -1178,7 +1193,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1203,10 +1219,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must be @@ -1231,7 +1249,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1242,7 +1260,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1252,13 +1270,119 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for the + targets. type: string type: object type: object + status: + description: |- + status defines the status subresource. It is under active development and is updated only when the + "StatusForConfigurationResources" feature gate is enabled. + + Most recent observed status of the Probe. Read-only. + More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bindings: + description: bindings defines the list of workload resources (Prometheus, + PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration + resource. + items: + description: WorkloadBinding is a link between a configuration resource + and a workload resource. + properties: + conditions: + description: conditions defines the current state of the configuration + resource when bound to the referenced Workload object. + items: + description: ConfigResourceCondition describes the status + of configuration resources linked to Prometheus, PrometheusAgent, + Alertmanager or ThanosRuler. + properties: + lastTransitionTime: + description: lastTransitionTime defines the time of the + last update to the current status property. + format: date-time + type: string + message: + description: message defines the human-readable message + indicating details for the condition's last transition. + type: string + observedGeneration: + description: |- + observedGeneration defines the .metadata.generation that the + condition was set based upon. For instance, if `.metadata.generation` is + currently 12, but the `.status.conditions[].observedGeneration` is 9, the + condition is out of date with respect to the current state of the object. + format: int64 + type: integer + reason: + description: reason for the condition's last transition. + type: string + status: + description: status of the condition. + minLength: 1 + type: string + type: + description: |- + type of the condition being reported. + Currently, only "Accepted" is supported. + enum: + - Accepted + minLength: 1 + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + group: + description: group defines the group of the referenced resource. + enum: + - monitoring.coreos.com + type: string + name: + description: name defines the name of the referenced object. + minLength: 1 + type: string + namespace: + description: namespace defines the namespace of the referenced + object. + minLength: 1 + type: string + resource: + description: resource defines the type of resource being referenced + (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). + enum: + - prometheuses + - prometheusagents + - thanosrulers + - alertmanagers + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - name + - namespace + x-kubernetes-list-type: map + type: object required: - spec type: object served: true storage: true + subresources: + status: {} {{- end -}} diff --git a/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusagents.yaml b/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusagents.yaml index 6ad3091c4cd2..c6c1b0063b9d 100644 --- a/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusagents.yaml +++ b/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusagents.yaml @@ -1,5 +1,5 @@ {{- if .Values.prometheusagents.enabled -}} -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,8 +8,8 @@ metadata: {{- with .Values.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: prometheusagents.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -78,12 +78,12 @@ spec: type: object spec: description: |- - Specification of the desired behavior of the Prometheus agent. More info: + spec defines the specification of the desired behavior of the Prometheus agent. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: additionalArgs: description: |- - AdditionalArgs allows setting additional arguments for the 'prometheus' container. + additionalArgs allows setting additional arguments for the 'prometheus' container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the @@ -97,12 +97,12 @@ spec: description: Argument as part of the AdditionalArgs list. properties: name: - description: Name of the argument, e.g. "scrape.discovery-reload-interval". + description: name of the argument, e.g. "scrape.discovery-reload-interval". minLength: 1 type: string value: - description: Argument value, e.g. 30s. Can be empty for name-only - arguments (e.g. --storage.tsdb.no-lockfile) + description: value defines the argument value, e.g. 30s. Can + be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) type: string required: - name @@ -110,7 +110,7 @@ spec: type: array additionalScrapeConfigs: description: |- - AdditionalScrapeConfigs allows specifying a key of a Secret containing + additionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified @@ -143,7 +143,8 @@ spec: type: object x-kubernetes-map-type: atomic affinity: - description: Defines the Pods' affinity scheduling rules if specified. + description: affinity defines the Pods' affinity scheduling rules + if specified. properties: nodeAffinity: description: Describes node affinity scheduling rules for the @@ -711,8 +712,8 @@ spec: most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + compute a sum by iterating through the elements of this field and subtracting + "weight" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -1056,7 +1057,7 @@ spec: type: object apiserverConfig: description: |- - APIServerConfig allows specifying a host and auth methods to access the + apiserverConfig allows specifying a host and auth methods to access the Kuberntees API server. If null, Prometheus is assumed to run inside of the cluster: it will discover the API servers automatically and use the Pod's CA certificate @@ -1064,14 +1065,14 @@ spec: properties: authorization: description: |- - Authorization section for the API server. + authorization section for the API server. Cannot be set at the same time as `basicAuth`, `bearerToken`, or `bearerTokenFile`. properties: credentials: - description: Selects a key of a Secret in the namespace that - contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -1095,12 +1096,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a secret + from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1109,14 +1110,14 @@ spec: type: object basicAuth: description: |- - BasicAuth configuration for the API server. + basicAuth configuration for the API server. Cannot be set at the same time as `authorization`, `bearerToken`, or `bearerTokenFile`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -1142,7 +1143,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -1169,14 +1170,13 @@ spec: type: object bearerToken: description: |- - *Warning: this field shouldn't be used because the token value appears + bearerToken is deprecated: this will be removed in a future release. + *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File to read bearer token for accessing apiserver. + bearerTokenFile defines the file to read bearer token for accessing apiserver. Cannot be set at the same time as `basicAuth`, `authorization`, or `bearerToken`. @@ -1184,12 +1184,12 @@ spec: type: string host: description: |- - Kubernetes API address consisting of a hostname or IP address followed + host defines the Kubernetes API address consisting of a hostname or IP address followed by an optional port number. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1223,7 +1223,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1231,24 +1231,24 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS Config to use for the API server. + description: tlsConfig to use for the API server. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1271,7 +1271,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1296,15 +1297,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1327,7 +1329,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1352,19 +1355,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key file + in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1389,7 +1393,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1400,7 +1404,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1410,7 +1414,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -1418,7 +1423,7 @@ spec: type: object arbitraryFSAccessThroughSMs: description: |- - When true, ServiceMonitor, PodMonitor and Probe object are forbidden to + arbitraryFSAccessThroughSMs when true, ServiceMonitor, PodMonitor and Probe object are forbidden to reference arbitrary files on the file system of the 'prometheus' container. When a ServiceMonitor's endpoint specifies a `bearerTokenFile` value @@ -1430,11 +1435,16 @@ spec: `spec.bearerTokenSecret` field. properties: deny: + description: |- + deny prevents service monitors from accessing arbitrary files on the file system. + When true, service monitors cannot use file-based configurations like BearerTokenFile + that could potentially access sensitive files. When false (default), such access is allowed. + Setting this to true enhances security by preventing potential credential theft attacks. type: boolean type: object automountServiceAccountToken: description: |- - AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. + automountServiceAccountToken defines whether a service account token should be automatically mounted in the pod. If the field isn't set, the operator mounts the service account token by default. **Warning:** be aware that by default, Prometheus requires the service account token for Kubernetes service discovery. @@ -1442,7 +1452,7 @@ spec: type: boolean bodySizeLimit: description: |- - BodySizeLimit defines per-scrape on response body size. + bodySizeLimit defines per-scrape on response body size. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -1451,7 +1461,7 @@ spec: type: string configMaps: description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus + configMaps defines a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the 'prometheus' container. @@ -1460,7 +1470,7 @@ spec: type: array containers: description: |- - Containers allows injecting additional containers or modifying operator + containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to the Pods or to change the behavior of an operator generated container. Containers described here modify an operator generated @@ -1516,8 +1526,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -1575,6 +1586,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -1635,8 +1683,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -1663,8 +1711,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -2335,7 +2384,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -2389,10 +2438,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -2404,6 +2453,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -2904,17 +3006,17 @@ spec: type: array convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.4.0. type: boolean dnsConfig: - description: Defines the DNS configuration for the pods. + description: dnsConfig defines the DNS configuration for the pods. properties: nameservers: description: |- - A list of DNS name server IP addresses. + nameservers defines the list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. items: minLength: 1 @@ -2923,7 +3025,7 @@ spec: x-kubernetes-list-type: set options: description: |- - A list of DNS resolver options. + options defines the list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Resolution options given in Options will override those that appear in the base DNSPolicy. @@ -2932,11 +3034,11 @@ spec: of a pod. properties: name: - description: Name is required and must be unique. + description: name is required and must be unique. minLength: 1 type: string value: - description: Value is optional. + description: value is optional. type: string required: - name @@ -2947,7 +3049,7 @@ spec: x-kubernetes-list-type: map searches: description: |- - A list of DNS search domains for host-name lookup. + searches defines the list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. items: minLength: 1 @@ -2956,7 +3058,7 @@ spec: x-kubernetes-list-type: set type: object dnsPolicy: - description: Defines the DNS policy for the pods. + description: dnsPolicy defines the DNS policy for the pods. enum: - ClusterFirstWithHostNet - ClusterFirst @@ -2965,7 +3067,7 @@ spec: type: string enableFeatures: description: |- - Enable access to Prometheus feature flags. By default, no features are enabled. + enableFeatures enables access to Prometheus feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept @@ -2979,7 +3081,7 @@ spec: x-kubernetes-list-type: set enableOTLPReceiver: description: |- - Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. + enableOTLPReceiver defines the Prometheus to be used as a receiver for the OTLP Metrics protocol. Note that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined. @@ -2987,7 +3089,7 @@ spec: type: boolean enableRemoteWriteReceiver: description: |- - Enable Prometheus to be used as a receiver for the Prometheus remote + enableRemoteWriteReceiver defines the Prometheus to be used as a receiver for the Prometheus remote write protocol. WARNING: This is not considered an efficient way of ingesting samples. @@ -2999,12 +3101,12 @@ spec: It requires Prometheus >= v2.33.0. type: boolean enableServiceLinks: - description: Indicates whether information about services should be - injected into pod's environment variables + description: enableServiceLinks defines whether information about + services should be injected into pod's environment variables type: boolean enforcedBodySizeLimit: description: |- - When defined, enforcedBodySizeLimit specifies a global limit on the size + enforcedBodySizeLimit when defined specifies a global limit on the size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. @@ -3020,7 +3122,7 @@ spec: type: string enforcedKeepDroppedTargets: description: |- - When defined, enforcedKeepDroppedTargets specifies a global limit on the number of targets + enforcedKeepDroppedTargets when defined specifies a global limit on the number of targets dropped by relabeling that will be kept in memory. The value overrides any `spec.keepDroppedTargets` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.keepDroppedTargets` is @@ -3037,7 +3139,7 @@ spec: type: integer enforcedLabelLimit: description: |- - When defined, enforcedLabelLimit specifies a global limit on the number + enforcedLabelLimit when defined specifies a global limit on the number of labels per sample. The value overrides any `spec.labelLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelLimit` is greater than zero and less than `spec.enforcedLabelLimit`. @@ -3053,7 +3155,7 @@ spec: type: integer enforcedLabelNameLengthLimit: description: |- - When defined, enforcedLabelNameLengthLimit specifies a global limit on the length + enforcedLabelNameLengthLimit when defined specifies a global limit on the length of labels name per sample. The value overrides any `spec.labelNameLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelNameLengthLimit` is greater than zero and less than `spec.enforcedLabelNameLengthLimit`. @@ -3069,7 +3171,7 @@ spec: type: integer enforcedLabelValueLengthLimit: description: |- - When not null, enforcedLabelValueLengthLimit defines a global limit on the length + enforcedLabelValueLengthLimit when not null defines a global limit on the length of labels value per sample. The value overrides any `spec.labelValueLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelValueLengthLimit` is greater than zero and less than `spec.enforcedLabelValueLengthLimit`. @@ -3085,7 +3187,7 @@ spec: type: integer enforcedNamespaceLabel: description: |- - When not empty, a label will be added to: + enforcedNamespaceLabel when not empty, a label will be added to: 1. All metrics scraped from `ServiceMonitor`, `PodMonitor`, `Probe` and `ScrapeConfig` objects. 2. All metrics generated from recording rules defined in `PrometheusRule` objects. @@ -3100,7 +3202,7 @@ spec: type: string enforcedSampleLimit: description: |- - When defined, enforcedSampleLimit specifies a global limit on the number + enforcedSampleLimit when defined specifies a global limit on the number of scraped samples that will be accepted. This overrides any `spec.sampleLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.sampleLimit` is greater than zero and less than @@ -3118,7 +3220,7 @@ spec: type: integer enforcedTargetLimit: description: |- - When defined, enforcedTargetLimit specifies a global limit on the number + enforcedTargetLimit when defined specifies a global limit on the number of scraped targets. The value overrides any `spec.targetLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.targetLimit` is greater than zero and less than `spec.enforcedTargetLimit`. @@ -3135,7 +3237,7 @@ spec: type: integer excludedFromEnforcement: description: |- - List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects + excludedFromEnforcement defines the list of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. It is only applicable if `spec.enforcedNamespaceLabel` set to true. @@ -3145,23 +3247,23 @@ spec: properties: group: default: monitoring.coreos.com - description: Group of the referent. When not specified, it defaults + description: group of the referent. When not specified, it defaults to `monitoring.coreos.com` enum: - monitoring.coreos.com type: string name: - description: Name of the referent. When not set, all resources + description: name of the referent. When not set, all resources in the namespace are matched. type: string namespace: description: |- - Namespace of the referent. + namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ minLength: 1 type: string resource: - description: Resource of the referent. + description: resource of the referent. enum: - prometheusrules - servicemonitors @@ -3178,20 +3280,20 @@ spec: additionalProperties: type: string description: |- - The labels to add to any time series or alerts when communicating with + externalLabels defines the labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager). Labels defined by `spec.replicaExternalLabelName` and `spec.prometheusExternalLabelName` take precedence over this list. type: object externalUrl: description: |- - The external URL under which the Prometheus service is externally + externalUrl defines the external URL under which the Prometheus service is externally available. This is necessary to generate correct URLs (for instance if Prometheus is accessible behind an Ingress resource). type: string hostAliases: description: |- - Optional list of hosts and IPs that will be injected into the Pod's + hostAliases defines the optional list of hosts and IPs that will be injected into the Pod's hosts file if specified. items: description: |- @@ -3199,12 +3301,12 @@ spec: pod's hosts file. properties: hostnames: - description: Hostnames for the above IP address. + description: hostnames defines hostnames for the above IP address. items: type: string type: array ip: - description: IP address of the host file entry. + description: ip defines the IP address of the host file entry. type: string required: - hostnames @@ -3216,7 +3318,7 @@ spec: x-kubernetes-list-type: map hostNetwork: description: |- - Use the host's network namespace if true. + hostNetwork defines the host's network namespace if true. Make sure to understand the security implications if you want to enable it (https://kubernetes.io/docs/concepts/configuration/overview/ ). @@ -3227,7 +3329,7 @@ spec: type: boolean hostUsers: description: |- - HostUsers supports the user space in Kubernetes. + hostUsers supports the user space in Kubernetes. More info: https://kubernetes.io/docs/tasks/configure-pod-container/user-namespaces/ @@ -3236,14 +3338,14 @@ spec: type: boolean ignoreNamespaceSelectors: description: |- - When true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor + ignoreNamespaceSelectors when true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor and Probe objects will be ignored. They will only discover targets within the namespace of the PodMonitor, ServiceMonitor and Probe object. type: boolean image: description: |- - Container image name for Prometheus. If specified, it takes precedence + image defines the container image name for Prometheus. If specified, it takes precedence over the `spec.baseImage`, `spec.tag` and `spec.sha` fields. Specifying `spec.version` is still necessary to ensure the Prometheus @@ -3255,7 +3357,7 @@ spec: type: string imagePullPolicy: description: |- - Image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. + imagePullPolicy defines the image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. enum: - "" @@ -3265,7 +3367,7 @@ spec: type: string imagePullSecrets: description: |- - An optional list of references to Secrets in the same namespace + imagePullSecrets defines an optional list of references to Secrets in the same namespace to use for pulling images from registries. See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod items: @@ -3287,7 +3389,7 @@ spec: type: array initContainers: description: |- - InitContainers allows injecting initContainers to the Pod definition. Those + initContainers allows injecting initContainers to the Pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: @@ -3343,8 +3445,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -3402,6 +3505,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -3462,8 +3602,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -3490,8 +3630,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -4162,7 +4303,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -4216,10 +4357,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -4231,6 +4372,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -4731,7 +4925,7 @@ spec: type: array keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. @@ -4742,7 +4936,7 @@ spec: type: integer labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -4751,7 +4945,7 @@ spec: type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -4760,7 +4954,7 @@ spec: type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -4769,11 +4963,11 @@ spec: type: integer listenLocal: description: |- - When true, the Prometheus server listens on the loopback address + listenLocal when true, the Prometheus server listens on the loopback address instead of the Pod IP's address. type: boolean logFormat: - description: Log format for Log level for Prometheus and the config-reloader + description: logFormat for Log level for Prometheus and the config-reloader sidecar. enum: - "" @@ -4781,7 +4975,7 @@ spec: - json type: string logLevel: - description: Log level for Prometheus and the config-reloader sidecar. + description: logLevel for Prometheus and the config-reloader sidecar. enum: - "" - debug @@ -4791,14 +4985,14 @@ spec: type: string maximumStartupDurationSeconds: description: |- - Defines the maximum time that the `prometheus` container's startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete. - If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 600 seconds (15 minutes). + maximumStartupDurationSeconds defines the maximum time that the `prometheus` container's startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete. + If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 900 seconds (15 minutes). format: int32 minimum: 60 type: integer minReadySeconds: description: |- - Minimum number of seconds for which a newly created Pod should be ready + minReadySeconds defines the minimum number of seconds for which a newly created Pod should be ready without any of its container crashing for it to be considered available. If unset, pods will be considered available as soon as they are ready. @@ -4807,7 +5001,7 @@ spec: type: integer mode: description: |- - Mode defines how the Prometheus operator deploys the PrometheusAgent pod(s). + mode defines how the Prometheus operator deploys the PrometheusAgent pod(s). (Alpha) Using this field requires the `PrometheusAgentDaemonSet` feature gate to be enabled. enum: @@ -4816,7 +5010,7 @@ spec: type: string nameEscapingScheme: description: |- - Specifies the character escaping scheme that will be requested when scraping + nameEscapingScheme defines the character escaping scheme that will be requested when scraping for metric and label names that do not conform to the legacy Prometheus character set. @@ -4829,7 +5023,7 @@ spec: type: string nameValidationScheme: description: |- - Specifies the validation scheme for metric and label names. + nameValidationScheme defines the validation scheme for metric and label names. It requires Prometheus >= v2.55.0. enum: @@ -4839,21 +5033,21 @@ spec: nodeSelector: additionalProperties: type: string - description: Defines on which Nodes the Pods are scheduled. + description: nodeSelector defines on which Nodes the Pods are scheduled. type: object otlp: description: |- - Settings related to the OTLP receiver feature. + otlp defines the settings related to the OTLP receiver feature. It requires Prometheus >= v2.55.0. properties: convertHistogramsToNHCB: description: |- - Configures optional translation of OTLP explicit bucket histograms into native histograms with custom buckets. + convertHistogramsToNHCB defines optional translation of OTLP explicit bucket histograms into native histograms with custom buckets. It requires Prometheus >= v3.4.0. type: boolean ignoreResourceAttributes: description: |- - List of OpenTelemetry resource attributes to ignore when `promoteAllResourceAttributes` is true. + ignoreResourceAttributes defines the list of OpenTelemetry resource attributes to ignore when `promoteAllResourceAttributes` is true. It requires `promoteAllResourceAttributes` to be true. It requires Prometheus >= v3.5.0. @@ -4865,21 +5059,21 @@ spec: x-kubernetes-list-type: set keepIdentifyingResourceAttributes: description: |- - Enables adding `service.name`, `service.namespace` and `service.instance.id` + keepIdentifyingResourceAttributes enables adding `service.name`, `service.namespace` and `service.instance.id` resource attributes to the `target_info` metric, on top of converting them into the `instance` and `job` labels. It requires Prometheus >= v3.1.0. type: boolean promoteAllResourceAttributes: description: |- - Promote all resource attributes to metric labels except the ones defined in `ignoreResourceAttributes`. + promoteAllResourceAttributes promotes all resource attributes to metric labels except the ones defined in `ignoreResourceAttributes`. Cannot be true when `promoteResourceAttributes` is defined. It requires Prometheus >= v3.5.0. type: boolean promoteResourceAttributes: description: |- - List of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. + promoteResourceAttributes defines the list of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. Cannot be defined when `promoteAllResourceAttributes` is true. items: minLength: 1 @@ -4887,39 +5081,46 @@ spec: minItems: 1 type: array x-kubernetes-list-type: set + promoteScopeMetadata: + description: |- + promoteScopeMetadata controls whether to promote OpenTelemetry scope metadata (i.e. name, version, schema URL, and attributes) to metric labels. + As per the OpenTelemetry specification, the aforementioned scope metadata should be identifying, i.e. made into metric labels. + It requires Prometheus >= v3.6.0. + type: boolean translationStrategy: description: |- - Configures how the OTLP receiver endpoint translates the incoming metrics. + translationStrategy defines how the OTLP receiver endpoint translates the incoming metrics. It requires Prometheus >= v3.0.0. enum: - NoUTF8EscapingWithSuffixes - UnderscoreEscapingWithSuffixes - NoTranslation + - UnderscoreEscapingWithoutSuffixes type: string type: object overrideHonorLabels: description: |- - When true, Prometheus resolves label conflicts by renaming the labels in the scraped data + overrideHonorLabels when true, Prometheus resolves label conflicts by renaming the labels in the scraped data to “exported_” for all targets created from ServiceMonitor, PodMonitor and ScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies. - In practice,`overrideHonorLaels:true` enforces `honorLabels:false` + In practice,`OverrideHonorLabels:true` enforces `honorLabels:false` for all ServiceMonitor, PodMonitor and ScrapeConfig objects. type: boolean overrideHonorTimestamps: description: |- - When true, Prometheus ignores the timestamps for all the targets created + overrideHonorTimestamps when true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies. type: boolean paused: description: |- - When a Prometheus deployment is paused, no actions except for deletion + paused defines when a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects. type: boolean persistentVolumeClaimRetentionPolicy: description: |- - The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + persistentVolumeClaimRetentionPolicy defines the field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. The default behavior is all PVCs are retained. This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. It requires enabling the StatefulSetAutoDeletePVC feature gate. @@ -4942,7 +5143,7 @@ spec: type: object podMetadata: description: |- - PodMetadata configures labels and annotations which are propagated to the Prometheus pods. + podMetadata defines labels and annotations which are propagated to the Prometheus pods. The following items are reserved and cannot be overridden: * "prometheus" label, set to the name of the Prometheus object. @@ -4958,7 +5159,7 @@ spec: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -4967,14 +5168,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -4984,7 +5185,7 @@ spec: type: object podMonitorNamespaceSelector: description: |- - Namespaces to match for PodMonitors discovery. An empty label selector + podMonitorNamespaceSelector defines the namespaces to match for PodMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. properties: @@ -5033,7 +5234,7 @@ spec: x-kubernetes-map-type: atomic podMonitorSelector: description: |- - PodMonitors to be selected for target discovery. An empty label selector + podMonitorSelector defines the podMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -5090,7 +5291,7 @@ spec: x-kubernetes-map-type: atomic podTargetLabels: description: |- - PodTargetLabels are appended to the `spec.podTargetLabels` field of all + podTargetLabels are appended to the `spec.podTargetLabels` field of all PodMonitor and ServiceMonitor objects. items: type: string @@ -5098,15 +5299,15 @@ spec: portName: default: web description: |- - Port name used for the pods and governing service. + portName used for the pods and governing service. Default: "web" type: string priorityClassName: - description: Priority class assigned to the Pods. + description: priorityClassName assigned to the Pods. type: string probeNamespaceSelector: description: |- - Namespaces to match for Probe discovery. An empty label + probeNamespaceSelector defines the namespaces to match for Probe discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. properties: @@ -5155,7 +5356,7 @@ spec: x-kubernetes-map-type: atomic probeSelector: description: |- - Probes to be selected for target discovery. An empty label selector + probeSelector defines the probes to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -5212,7 +5413,7 @@ spec: x-kubernetes-map-type: atomic prometheusExternalLabelName: description: |- - Name of Prometheus external label used to denote the Prometheus instance + prometheusExternalLabelName defines the name of Prometheus external label used to denote the Prometheus instance name. The external label will _not_ be added when the field is set to the empty string (`""`). @@ -5220,14 +5421,14 @@ spec: type: string reloadStrategy: description: |- - Defines the strategy used to reload the Prometheus configuration. + reloadStrategy defines the strategy used to reload the Prometheus configuration. If not specified, the configuration is reloaded using the /-/reload HTTP endpoint. enum: - HTTP - ProcessSignal type: string remoteWrite: - description: Defines the list of remote write configurations. + description: remoteWrite defines the list of remote write configurations. items: description: |- RemoteWriteSpec defines the configuration to write samples from Prometheus @@ -5235,15 +5436,15 @@ spec: properties: authorization: description: |- - Authorization section for the URL. + authorization section for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. Cannot be set at the same time as `sigv4`, `basicAuth`, `oauth2`, or `azureAd`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -5267,12 +5468,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -5281,15 +5482,15 @@ spec: type: object azureAd: description: |- - AzureAD for the URL. + azureAd for the URL. It requires Prometheus >= v2.45.0 or Thanos >= v0.31.0. Cannot be set at the same time as `authorization`, `basicAuth`, `oauth2`, or `sigv4`. properties: cloud: - description: The Azure Cloud. Options are 'AzurePublic', - 'AzureChina', or 'AzureGovernment'. + description: cloud defines the Azure Cloud. Options are + 'AzurePublic', 'AzureChina', or 'AzureGovernment'. enum: - AzureChina - AzureGovernment @@ -5297,32 +5498,33 @@ spec: type: string managedIdentity: description: |- - ManagedIdentity defines the Azure User-assigned Managed identity. + managedIdentity defines the Azure User-assigned Managed identity. Cannot be set at the same time as `oauth` or `sdk`. properties: clientId: - description: The client id + description: clientId defines defines the Azure User-assigned + Managed identity. type: string required: - clientId type: object oauth: description: |- - OAuth defines the oauth config that is being used to authenticate. + oauth defines the oauth config that is being used to authenticate. Cannot be set at the same time as `managedIdentity` or `sdk`. It requires Prometheus >= v2.48.0 or Thanos >= v0.31.0. properties: clientId: - description: '`clientID` is the clientId of the Azure + description: clientId defines the clientId of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 type: string clientSecret: - description: '`clientSecret` specifies a key of a Secret + description: clientSecret specifies a key of a Secret containing the client secret of the Azure Active Directory - application that is being used to authenticate.' + application that is being used to authenticate. properties: key: description: The key of the secret to select from. Must @@ -5346,9 +5548,9 @@ spec: type: object x-kubernetes-map-type: atomic tenantId: - description: '`tenantId` is the tenant ID of the Azure + description: tenantId is the tenant ID of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 pattern: ^[0-9a-zA-Z-.]+$ type: string @@ -5359,29 +5561,29 @@ spec: type: object sdk: description: |- - SDK defines the Azure SDK config that is being used to authenticate. + sdk defines the Azure SDK config that is being used to authenticate. See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication Cannot be set at the same time as `oauth` or `managedIdentity`. It requires Prometheus >= v2.52.0 or Thanos >= v0.36.0. properties: tenantId: - description: '`tenantId` is the tenant ID of the azure + description: tenantId defines the tenant ID of the azure active directory application that is being used to - authenticate.' + authenticate. pattern: ^[0-9a-zA-Z-.]+$ type: string type: object type: object basicAuth: description: |- - BasicAuth configuration for the URL. + basicAuth configuration for the URL. Cannot be set at the same time as `sigv4`, `authorization`, `oauth2`, or `azureAd`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -5407,7 +5609,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -5434,23 +5636,22 @@ spec: type: object bearerToken: description: |- + bearerToken is deprecated: this will be removed in a future release. *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File from which to read bearer token for the URL. + bearerTokenFile defines the file from which to read bearer token for the URL. Deprecated: this will be removed in a future release. Prefer using `authorization`. type: string enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. + followRedirects defines whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. type: boolean @@ -5458,14 +5659,14 @@ spec: additionalProperties: type: string description: |- - Custom HTTP headers to be sent along with each remote write request. + headers defines the custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. It requires Prometheus >= v2.25.0 or Thanos >= v0.24.0. type: object messageVersion: description: |- - The Remote Write message's version to use when writing to the endpoint. + messageVersion defines the Remote Write message's version to use when writing to the endpoint. `Version1.0` corresponds to the `prometheus.WriteRequest` protobuf message introduced in Remote Write 1.0. `Version2.0` corresponds to the `io.prometheus.write.v2.Request` protobuf message introduced in Remote Write 2.0. @@ -5482,37 +5683,37 @@ spec: - V2.0 type: string metadataConfig: - description: MetadataConfig configures the sending of series - metadata to the remote storage. + description: metadataConfig defines how to send a series metadata + to the remote storage. properties: maxSamplesPerSend: description: |- - MaxSamplesPerSend is the maximum number of metadata samples per send. + maxSamplesPerSend defines the maximum number of metadata samples per send. It requires Prometheus >= v2.29.0. format: int32 minimum: -1 type: integer send: - description: Defines whether metric metadata is sent to - the remote storage or not. + description: send defines whether metric metadata is sent + to the remote storage or not. type: boolean sendInterval: - description: Defines how frequently metric metadata is sent - to the remote storage. + description: sendInterval defines how frequently metric + metadata is sent to the remote storage. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object name: description: |- - The name of the remote write queue, it must be unique if specified. The + name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. It requires Prometheus >= v2.15.0 or Thanos >= 0.24.0. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5520,7 +5721,7 @@ spec: type: string oauth2: description: |- - OAuth2 configuration for the URL. + oauth2 configuration for the URL. It requires Prometheus >= v2.27.0 or Thanos >= v0.24.0. @@ -5528,12 +5729,12 @@ spec: properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5556,7 +5757,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5582,7 +5784,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -5610,12 +5812,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5649,7 +5851,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5657,33 +5859,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5706,8 +5907,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5732,12 +5933,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5760,8 +5961,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5786,11 +5987,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5815,7 +6017,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5826,7 +6028,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5836,12 +6038,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -5877,7 +6080,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5885,89 +6088,88 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string queueConfig: - description: QueueConfig allows tuning of the remote write queue + description: queueConfig allows tuning of the remote write queue parameters. properties: batchSendDeadline: - description: BatchSendDeadline is the maximum time a sample - will wait in buffer. + description: batchSendDeadline defines the maximum time + a sample will wait in buffer. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string capacity: description: |- - Capacity is the number of samples to buffer per shard before we start + capacity defines the number of samples to buffer per shard before we start dropping them. type: integer maxBackoff: - description: MaxBackoff is the maximum retry delay. + description: maxBackoff defines the maximum retry delay. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string maxRetries: - description: MaxRetries is the maximum number of times to - retry a batch on recoverable errors. + description: maxRetries defines the maximum number of times + to retry a batch on recoverable errors. type: integer maxSamplesPerSend: - description: MaxSamplesPerSend is the maximum number of - samples per send. + description: maxSamplesPerSend defines the maximum number + of samples per send. type: integer maxShards: - description: MaxShards is the maximum number of shards, + description: maxShards defines the maximum number of shards, i.e. amount of concurrency. type: integer minBackoff: - description: MinBackoff is the initial retry delay. Gets - doubled for every retry. + description: minBackoff defines the initial retry delay. + Gets doubled for every retry. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string minShards: - description: MinShards is the minimum number of shards, + description: minShards defines the minimum number of shards, i.e. amount of concurrency. type: integer retryOnRateLimit: description: |- - Retry upon receiving a 429 status code from the remote-write storage. + retryOnRateLimit defines the retry upon receiving a 429 status code from the remote-write storage. This is an *experimental feature*, it may change in any upcoming release in a breaking way. type: boolean sampleAgeLimit: description: |- - SampleAgeLimit drops samples older than the limit. + sampleAgeLimit drops samples older than the limit. It requires Prometheus >= v2.50.0 or Thanos >= v0.32.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object remoteTimeout: - description: Timeout for requests to the remote write endpoint. + description: remoteTimeout defines the timeout for requests + to the remote write endpoint. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string roundRobinDNS: - description: |- - When enabled: - - The remote-write mechanism will resolve the hostname via DNS. - - It will randomly select one of the resolved IP addresses and connect to it. - - When disabled (default behavior): - - The Go standard library will handle hostname resolution. - - It will attempt connections to each resolved IP address sequentially. - - Note: The connection timeout applies to the entire resolution and connection process. - If disabled, the timeout is distributed across all connection attempts. - - It requires Prometheus >= v3.1.0 or Thanos >= v0.38.0. + description: "roundRobinDNS controls the DNS resolution behavior + for remote-write connections.\nWhen enabled:\n - The remote-write + mechanism will resolve the hostname via DNS.\n - It will + randomly select one of the resolved IP addresses and connect + to it.\n\nWhen disabled (default behavior):\n - The Go standard + library will handle hostname resolution.\n - It will attempt + connections to each resolved IP address sequentially.\n\nNote: + The connection timeout applies to the entire resolution and + connection process.\n\n\tIf disabled, the timeout is distributed + across all connection attempts.\n\nIt requires Prometheus + >= v3.1.0 or Thanos >= v0.38.0." type: boolean sendExemplars: description: |- - Enables sending of exemplars over remote write. Note that + sendExemplars enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the `spec.enableFeatures` option for exemplars to be scraped in the first place. @@ -5975,14 +6177,14 @@ spec: type: boolean sendNativeHistograms: description: |- - Enables sending of native histograms, also known as sparse histograms + sendNativeHistograms enables sending of native histograms, also known as sparse histograms over remote write. It requires Prometheus >= v2.40.0 or Thanos >= v0.30.0. type: boolean sigv4: description: |- - Sigv4 allows to configures AWS's Signature Verification 4 for the URL. + sigv4 defines the AWS's Signature Verification 4 for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. @@ -5990,7 +6192,7 @@ spec: properties: accessKey: description: |- - AccessKey is the AWS API key. If not specified, the environment variable + accessKey defines the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used. properties: key: @@ -6015,18 +6217,20 @@ spec: type: object x-kubernetes-map-type: atomic profile: - description: Profile is the named AWS profile used to authenticate. + description: profile defines the named AWS profile used + to authenticate. type: string region: - description: Region is the AWS region. If blank, the region - from the default credentials chain used. + description: region defines the AWS region. If blank, the + region from the default credentials chain used. type: string roleArn: - description: RoleArn is the named AWS profile used to authenticate. + description: roleArn defines the named AWS profile used + to authenticate. type: string secretKey: description: |- - SecretKey is the AWS API secret. If not specified, the environment + secretKey defines the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used. properties: key: @@ -6050,17 +6254,22 @@ spec: - key type: object x-kubernetes-map-type: atomic + useFIPSSTSEndpoint: + description: |- + useFIPSSTSEndpoint defines FIPS mode for AWS STS endpoint. + It requires Prometheus >= v2.54.0. + type: boolean type: object tlsConfig: - description: TLS Config to use for the URL. + description: tlsConfig to use for the URL. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6083,7 +6292,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6108,15 +6318,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6139,7 +6350,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6164,19 +6376,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6201,7 +6414,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6212,7 +6425,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6222,15 +6435,18 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: The URL of the endpoint to send samples to. + description: url defines the URL of the endpoint to send samples + to. minLength: 1 type: string writeRelabelConfigs: - description: The list of remote write relabel configurations. + description: writeRelabelConfigs defines the list of remote + write relabel configurations. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -6241,7 +6457,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -6273,41 +6489,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -6322,7 +6538,7 @@ spec: type: array remoteWriteReceiverMessageVersions: description: |- - List of the protobuf message versions to accept when receiving the + remoteWriteReceiverMessageVersions list of the protobuf message versions to accept when receiving the remote writes. It requires Prometheus >= v2.54.0. @@ -6336,7 +6552,7 @@ spec: x-kubernetes-list-type: set replicaExternalLabelName: description: |- - Name of Prometheus external label used to denote the replica name. + replicaExternalLabelName defines the name of Prometheus external label used to denote the replica name. The external label will _not_ be added when the field is set to the empty string (`""`). @@ -6344,7 +6560,7 @@ spec: type: string replicas: description: |- - Number of replicas of each shard to deploy for a Prometheus deployment. + replicas defines the number of replicas of each shard to deploy for a Prometheus deployment. `spec.replicas` multiplied by `spec.shards` is the total number of Pods created. @@ -6352,15 +6568,15 @@ spec: format: int32 type: integer resources: - description: Defines the resources requests and limits of the 'prometheus' - container. + description: resources defines the resources requests and limits of + the 'prometheus' container. properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -6413,7 +6629,7 @@ spec: type: object routePrefix: description: |- - The route prefix Prometheus registers HTTP handlers for. + routePrefix defines the route prefix Prometheus registers HTTP handlers for. This is useful when using `spec.externalURL`, and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but @@ -6421,12 +6637,12 @@ spec: for use with `kubectl proxy`. type: string runtime: - description: RuntimeConfig configures the values for the Prometheus - process behavior + description: runtime defines the values for the Prometheus process + behavior properties: goGC: description: |- - The Go garbage collection target percentage. Lowering this number may increase the CPU usage. + goGC defines the Go garbage collection target percentage. Lowering this number may increase the CPU usage. See: https://tip.golang.org/doc/gc-guide#GOGC format: int32 minimum: -1 @@ -6434,7 +6650,7 @@ spec: type: object sampleLimit: description: |- - SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + sampleLimit defines per-scrape limit on number of scraped samples that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -6443,7 +6659,7 @@ spec: type: integer scrapeClasses: description: |- - List of scrape classes to expose to scraping objects such as + scrapeClasses defines the list of scrape classes to expose to scraping objects such as PodMonitors, ServiceMonitors, Probes and ScrapeConfigs. This is an *experimental feature*, it may change in any upcoming release @@ -6452,13 +6668,13 @@ spec: properties: attachMetadata: description: |- - AttachMetadata configures additional metadata to the discovered targets. + attachMetadata defines additional metadata to the discovered targets. When the scrape object defines its own configuration, it takes precedence over the scrape class configuration. properties: node: description: |- - When set to true, Prometheus attaches node metadata to the discovered + node when set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the `list` and `watch` @@ -6467,12 +6683,12 @@ spec: type: object authorization: description: |- - Authorization section for the ScrapeClass. + authorization section for the ScrapeClass. It will only apply if the scrape resource doesn't specify any Authorization. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -6496,12 +6712,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6510,14 +6726,14 @@ spec: type: object default: description: |- - Default indicates that the scrape applies to all scrape objects that + default defines that the scrape applies to all scrape objects that don't configure an explicit scrape class name. Only one scrape class can be set as the default. type: boolean fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It will only apply if the scrape resource doesn't specify any FallbackScrapeProtocol It requires Prometheus >= v3.0.0. @@ -6530,7 +6746,7 @@ spec: type: string metricRelabelings: description: |- - MetricRelabelings configures the relabeling rules to apply to all samples before ingestion. + metricRelabelings defines the relabeling rules to apply to all samples before ingestion. The Operator adds the scrape class metric relabelings defined here. Then the Operator adds the target-specific metric relabelings defined in ServiceMonitors, PodMonitors, Probes and ScrapeConfigs. @@ -6547,7 +6763,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -6579,41 +6795,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -6623,12 +6839,12 @@ spec: type: object type: array name: - description: Name of the scrape class. + description: name of the scrape class. minLength: 1 type: string relabelings: description: |- - Relabelings configures the relabeling rules to apply to all scrape targets. + relabelings defines the relabeling rules to apply to all scrape targets. The Operator automatically adds relabelings for a few standard Kubernetes fields like `__meta_kubernetes_namespace` and `__meta_kubernetes_service_name`. @@ -6646,7 +6862,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -6678,41 +6894,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -6723,19 +6939,19 @@ spec: type: array tlsConfig: description: |- - TLSConfig defines the TLS settings to use for the scrape. When the + tlsConfig defines the TLS settings to use for the scrape. When the scrape objects define their own CA, certificate and/or key, they take precedence over the corresponding scrape class fields. For now only the `caFile`, `certFile` and `keyFile` fields are supported. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6758,7 +6974,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6783,15 +7000,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6814,7 +7032,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6839,19 +7058,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6876,7 +7096,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6887,7 +7107,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6897,7 +7117,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -6909,7 +7130,7 @@ spec: x-kubernetes-list-type: map scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. @@ -6917,7 +7138,7 @@ spec: type: boolean scrapeConfigNamespaceSelector: description: |- - Namespaces to match for ScrapeConfig discovery. An empty label selector + scrapeConfigNamespaceSelector defines the namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. @@ -6968,7 +7189,7 @@ spec: x-kubernetes-map-type: atomic scrapeConfigSelector: description: |- - ScrapeConfigs to be selected for target discovery. An empty label + scrapeConfigSelector defines the scrapeConfigs to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -7027,7 +7248,7 @@ spec: x-kubernetes-map-type: atomic scrapeFailureLogFile: description: |- - File to which scrape failures are logged. + scrapeFailureLogFile defines the file to which scrape failures are logged. Reloading the configuration will reopen the file. If the filename has an empty path, e.g. 'file.log', The Prometheus Pods @@ -7040,14 +7261,14 @@ spec: scrapeInterval: default: 30s description: |- - Interval between consecutive scrapes. + scrapeInterval defines interval between consecutive scrapes. Default: "30s" pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string scrapeProtocols: description: |- - The protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -7075,13 +7296,13 @@ spec: x-kubernetes-list-type: set scrapeTimeout: description: |- - Number of seconds to wait until a scrape request times out. + scrapeTimeout defines the number of seconds to wait until a scrape request times out. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string secrets: description: |- - Secrets is a list of Secrets in the same namespace as the Prometheus + secrets defines a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-`. The Secrets are mounted into /etc/prometheus/secrets/ in the 'prometheus' container. @@ -7091,7 +7312,7 @@ spec: x-kubernetes-list-type: set securityContext: description: |- - SecurityContext holds pod-level security attributes and common container settings. + securityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. properties: appArmorProfile: @@ -7325,12 +7546,12 @@ spec: type: object serviceAccountName: description: |- - ServiceAccountName is the name of the ServiceAccount to use to run the + serviceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. type: string serviceDiscoveryRole: description: |- - Defines the service discovery role used to discover targets from + serviceDiscoveryRole defines the service discovery role used to discover targets from `ServiceMonitor` objects and Alertmanager endpoints. If set, the value should be either "Endpoints" or "EndpointSlice". @@ -7341,7 +7562,7 @@ spec: type: string serviceMonitorNamespaceSelector: description: |- - Namespaces to match for ServicedMonitors discovery. An empty label selector + serviceMonitorNamespaceSelector defines the namespaces to match for ServicedMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. properties: @@ -7390,7 +7611,7 @@ spec: x-kubernetes-map-type: atomic serviceMonitorSelector: description: |- - ServiceMonitors to be selected for target discovery. An empty label + serviceMonitorSelector defines the serviceMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -7447,7 +7668,7 @@ spec: x-kubernetes-map-type: atomic serviceName: description: |- - The name of the service name used by the underlying StatefulSet(s) as the governing service. + serviceName defines the name of the service name used by the underlying StatefulSet(s) as the governing service. If defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels. If empty, the operator will create and manage a headless service named `prometheus-operated` for Prometheus resources, or `prometheus-agent-operated` for PrometheusAgent resources. @@ -7457,7 +7678,7 @@ spec: type: string shards: description: |- - Number of shards to distribute the scraped targets onto. + shards defines the number of shards to distribute the scraped targets onto. `spec.replicas` multiplied by `spec.shards` is the total number of Pods being created. @@ -7486,15 +7707,15 @@ spec: format: int32 type: integer storage: - description: Storage defines the storage used by Prometheus. + description: storage defines the storage used by Prometheus. properties: disableMountSubPath: - description: 'Deprecated: subPath usage will be removed in a future - release.' + description: 'disableMountSubPath deprecated: subPath usage will + be removed in a future release.' type: boolean emptyDir: description: |- - EmptyDirVolumeSource to be used by the StatefulSet. + emptyDir to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir properties: @@ -7521,7 +7742,7 @@ spec: type: object ephemeral: description: |- - EphemeralVolumeSource to be used by the StatefulSet. + ephemeral to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes @@ -7742,15 +7963,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -7768,7 +7987,7 @@ spec: type: object volumeClaimTemplate: description: |- - Defines the PVC spec to be used by the Prometheus StatefulSets. + volumeClaimTemplate defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes. properties: @@ -7788,14 +8007,14 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. + description: metadata defines EmbeddedMetadata contains metadata + relevant to an EmbeddedResource. properties: annotations: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -7804,14 +8023,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -7821,7 +8040,7 @@ spec: type: object spec: description: |- - Defines the desired characteristics of a volume requested by a pod author. + spec defines the specification of the characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: accessModes: @@ -7998,15 +8217,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -8019,7 +8236,7 @@ spec: type: string type: object status: - description: 'Deprecated: this field is never set.' + description: 'status is deprecated: this field is never set.' properties: accessModes: description: |- @@ -8168,13 +8385,11 @@ spec: description: |- currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). type: string modifyVolumeStatus: description: |- ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). properties: status: description: "status is the status of the ControllerModifyVolume @@ -8206,7 +8421,7 @@ spec: type: object targetLimit: description: |- - TargetLimit defines a limit on the number of scraped targets that will be accepted. + targetLimit defines a limit on the number of scraped targets that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -8215,7 +8430,7 @@ spec: type: integer terminationGracePeriodSeconds: description: |- - Optional duration in seconds the pod needs to terminate gracefully. + terminationGracePeriodSeconds defines the optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. @@ -8224,7 +8439,7 @@ spec: minimum: 0 type: integer tolerations: - description: Defines the Pods' tolerations if specified. + description: tolerations defines the Pods' tolerations if specified. items: description: |- The pod this Toleration is attached to tolerates any taint that matches @@ -8263,12 +8478,14 @@ spec: type: object type: array topologySpreadConstraints: - description: Defines the pod's topology spread constraints if specified. + description: topologySpreadConstraints defines the pod's topology + spread constraints if specified. items: properties: additionalLabelSelectors: - description: Defines what Prometheus Operator managed labels - should be added to labelSelector on the topologySpreadConstraint. + description: additionalLabelSelectors Defines what Prometheus + Operator managed labels should be added to labelSelector on + the topologySpreadConstraint. enum: - OnResource - OnShard @@ -8443,61 +8660,62 @@ spec: type: array tracingConfig: description: |- - TracingConfig configures tracing in Prometheus. + tracingConfig defines tracing in Prometheus. This is an *experimental feature*, it may change in any upcoming release in a breaking way. properties: clientType: - description: Client used to export the traces. Supported values - are `http` or `grpc`. + description: clientType defines the client used to export the + traces. Supported values are `http` or `grpc`. enum: - http - grpc type: string compression: - description: Compression key for supported compression types. + description: compression key for supported compression types. The only supported value is `gzip`. enum: - gzip type: string endpoint: - description: Endpoint to send the traces to. Should be provided + description: endpoint to send the traces to. Should be provided in format :. minLength: 1 type: string headers: additionalProperties: type: string - description: Key-value pairs to be used as headers associated - with gRPC or HTTP requests. + description: headers defines the key-value pairs to be used as + headers associated with gRPC or HTTP requests. type: object insecure: - description: If disabled, the client will use a secure connection. + description: insecure if disabled, the client will use a secure + connection. type: boolean samplingFraction: anyOf: - type: integer - type: string - description: Sets the probability a given trace will be sampled. - Must be a float from 0 through 1. + description: samplingFraction defines the probability a given + trace will be sampled. Must be a float from 0 through 1. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true timeout: - description: Maximum time the exporter will wait for each batch - export. + description: timeout defines the maximum time the exporter will + wait for each batch export. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS Config to use when sending traces. + description: tlsConfig to use when sending traces. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8520,7 +8738,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8545,15 +8764,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8576,7 +8796,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8601,19 +8822,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key file + in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -8638,7 +8860,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8649,7 +8871,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8659,7 +8881,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -8667,12 +8890,12 @@ spec: type: object tsdb: description: |- - Defines the runtime reloadable configuration of the timeseries database(TSDB). + tsdb defines the runtime reloadable configuration of the timeseries database(TSDB). It requires Prometheus >= v2.39.0 or PrometheusAgent >= v2.54.0. properties: outOfOrderTimeWindow: description: |- - Configures how old an out-of-order/out-of-bounds sample can be with + outOfOrderTimeWindow defines how old an out-of-order/out-of-bounds sample can be with respect to the TSDB max time. An out-of-order/out-of-bounds sample is ingested into the TSDB as long as @@ -8687,7 +8910,7 @@ spec: type: object version: description: |- - Version of Prometheus being deployed. The operator uses this information + version of Prometheus being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. If not specified, the operator assumes the latest upstream version of @@ -8696,7 +8919,7 @@ spec: type: string volumeMounts: description: |- - VolumeMounts allows the configuration of additional VolumeMounts. + volumeMounts allows the configuration of additional VolumeMounts. VolumeMounts will be appended to other VolumeMounts in the 'prometheus' container, that are generated as a result of StorageSpec objects. @@ -8764,7 +8987,7 @@ spec: type: array volumes: description: |- - Volumes allows the configuration of additional volumes on the output + volumes allows the configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. items: @@ -9438,15 +9661,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -9628,12 +9849,10 @@ spec: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. - More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: |- - endpoints is the endpoint name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: endpoints is the endpoint name that details + Glusterfs topology. type: string path: description: |- @@ -9712,7 +9931,7 @@ spec: description: |- iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md + More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether support iSCSI @@ -10132,6 +10351,111 @@ spec: type: array x-kubernetes-list-type: atomic type: object + podCertificate: + description: |- + Projects an auto-rotating credential bundle (private key and certificate + chain) that the pod can use either as a TLS client or server. + + Kubelet generates a private key and uses it to send a + PodCertificateRequest to the named signer. Once the signer approves the + request and issues a certificate chain, Kubelet writes the key and + certificate chain to the pod filesystem. The pod does not start until + certificates have been issued for each podCertificate projected volume + source in its spec. + + Kubelet will begin trying to rotate the certificate at the time indicated + by the signer using the PodCertificateRequest.Status.BeginRefreshAt + timestamp. + + Kubelet can write a single file, indicated by the credentialBundlePath + field, or separate files, indicated by the keyPath and + certificateChainPath fields. + + The credential bundle is a single file in PEM format. The first PEM + entry is the private key (in PKCS#8 format), and the remaining PEM + entries are the certificate chain issued by the signer (typically, + signers will return their certificate chain in leaf-to-root order). + + Prefer using the credential bundle format, since your application code + can read it atomically. If you use keyPath and certificateChainPath, + your application must make two separate file reads. If these coincide + with a certificate rotation, it is possible that the private key and leaf + certificate you read may not correspond to each other. Your application + will need to check for this condition, and re-read until they are + consistent. + + The named signer controls chooses the format of the certificate it + issues; consult the signer implementation's documentation to learn how to + use the certificates it issues. + properties: + certificateChainPath: + description: |- + Write the certificate chain at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + credentialBundlePath: + description: |- + Write the credential bundle at this path in the projected volume. + + The credential bundle is a single file that contains multiple PEM blocks. + The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private + key. + + The remaining blocks are CERTIFICATE blocks, containing the issued + certificate chain from the signer (leaf and any intermediates). + + Using credentialBundlePath lets your Pod's application code make a single + atomic read that retrieves a consistent key and certificate chain. If you + project them to separate files, your application code will need to + additionally check that the leaf certificate was issued to the key. + type: string + keyPath: + description: |- + Write the key at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + keyType: + description: |- + The type of keypair Kubelet will generate for the pod. + + Valid values are "RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", + "ECDSAP521", and "ED25519". + type: string + maxExpirationSeconds: + description: |- + maxExpirationSeconds is the maximum lifetime permitted for the + certificate. + + Kubelet copies this value verbatim into the PodCertificateRequests it + generates for this projection. + + If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver + will reject values shorter than 3600 (1 hour). The maximum allowable + value is 7862400 (91 days). + + The signer implementation is then free to issue a certificate with any + lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 + seconds (1 hour). This constraint is enforced by kube-apiserver. + `kubernetes.io` signers will never issue certificates with a lifetime + longer than 24 hours. + format: int32 + type: integer + signerName: + description: Kubelet's generated CSRs will be + addressed to this signer. + type: string + required: + - keyType + - signerName + type: object secret: description: secret information about the secret data to project @@ -10266,7 +10590,6 @@ spec: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. - More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: description: |- @@ -10551,29 +10874,30 @@ spec: type: array walCompression: description: |- - Configures compression of the write-ahead log (WAL) using Snappy. + walCompression defines the compression of the write-ahead log (WAL) using Snappy. WAL compression is enabled by default for Prometheus >= 2.20.0 Requires Prometheus v2.11.0 and above. type: boolean web: - description: Defines the configuration of the Prometheus web server. + description: web defines the configuration of the Prometheus web server. properties: httpConfig: - description: Defines HTTP parameters for web server. + description: httpConfig defines HTTP parameters for web server. properties: headers: - description: List of headers that can be added to HTTP responses. + description: headers defines a list of headers that can be + added to HTTP responses. properties: contentSecurityPolicy: description: |- - Set the Content-Security-Policy header to HTTP responses. + contentSecurityPolicy defines the Content-Security-Policy header to HTTP responses. Unset if blank. type: string strictTransportSecurity: description: |- - Set the Strict-Transport-Security header to HTTP responses. + strictTransportSecurity defines the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same @@ -10582,7 +10906,7 @@ spec: type: string xContentTypeOptions: description: |- - Set the X-Content-Type-Options header to HTTP responses. + xContentTypeOptions defines the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options enum: @@ -10591,7 +10915,7 @@ spec: type: string xFrameOptions: description: |- - Set the X-Frame-Options header to HTTP responses. + xFrameOptions defines the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options enum: @@ -10601,42 +10925,42 @@ spec: type: string xXSSProtection: description: |- - Set the X-XSS-Protection header to all responses. + xXSSProtection defines the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection type: string type: object http2: description: |- - Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. + http2 enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered. type: boolean type: object maxConnections: description: |- - Defines the maximum number of simultaneous connections + maxConnections defines the maximum number of simultaneous connections A zero value means that Prometheus doesn't accept any incoming connection. format: int32 minimum: 0 type: integer pageTitle: - description: The prometheus web page title. + description: pageTitle defines the prometheus web page title. type: string tlsConfig: - description: Defines the TLS parameters for HTTPS. + description: tlsConfig defines the TLS parameters for HTTPS. properties: cert: description: |- - Secret or ConfigMap containing the TLS certificate for the web server. + cert defines the Secret or ConfigMap containing the TLS certificate for the web server. Either `keySecret` or `keyFile` must be defined. It is mutually exclusive with `certFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10659,7 +10983,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10685,7 +11010,7 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the container for the web server. + certFile defines the path to the TLS certificate file in the container for the web server. Either `keySecret` or `keyFile` must be defined. @@ -10693,7 +11018,7 @@ spec: type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. + cipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. If not defined, the Go default cipher suites are used. Available cipher suites are documented in the Go documentation: @@ -10703,14 +11028,14 @@ spec: type: array client_ca: description: |- - Secret or ConfigMap containing the CA certificate for client certificate + client_ca defines the Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. It is mutually exclusive with `clientCAFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10733,7 +11058,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10759,21 +11085,21 @@ spec: type: object clientAuthType: description: |- - The server policy for client TLS authentication. + clientAuthType defines the server policy for client TLS authentication. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to + clientCAFile defines the path to the CA certificate file for client certificate authentication to the server. It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- - Elliptic curves that will be used in an ECDHE handshake, in preference + curvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the Go documentation: @@ -10783,7 +11109,7 @@ spec: type: array keyFile: description: |- - Path to the TLS private key file in the container for the web server. + keyFile defines the path to the TLS private key file in the container for the web server. If defined, either `cert` or `certFile` must be defined. @@ -10791,7 +11117,7 @@ spec: type: string keySecret: description: |- - Secret containing the TLS private key for the web server. + keySecret defines the secret containing the TLS private key for the web server. Either `cert` or `certFile` must be defined. @@ -10819,14 +11145,16 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. + description: maxVersion defines the Maximum TLS version that + is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. + description: minVersion defines the minimum TLS version that + is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the client's most preferred cipher + preferServerCipherSuites defines whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in @@ -10852,18 +11180,19 @@ spec: rule: '!(has(self.mode) && self.mode == ''DaemonSet'' && has(self.probeSelector))' status: description: |- - Most recent observed status of the Prometheus cluster. Read-only. + status defines the most recent observed status of the Prometheus cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this Prometheus deployment. format: int32 type: integer conditions: - description: The current state of the Prometheus deployment. + description: conditions defines the current state of the Prometheus + deployment. items: description: |- Condition represents the state of the resources associated with the @@ -10875,12 +11204,12 @@ spec: format: date-time type: string message: - description: Human-readable message indicating details for the - condition's last transition. + description: message defines human-readable message indicating + details for the condition's last transition. type: string observedGeneration: description: |- - ObservedGeneration represents the .metadata.generation that the + observedGeneration defines the .metadata.generation that the condition was set based upon. For instance, if `.metadata.generation` is currently 12, but the `.status.conditions[].observedGeneration` is 9, the condition is out of date with respect to the current state of the @@ -10888,14 +11217,14 @@ spec: format: int64 type: integer reason: - description: Reason for the condition's last transition. + description: reason for the condition's last transition. type: string status: - description: Status of the condition. + description: status of the condition. minLength: 1 type: string type: - description: Type of the condition being reported. + description: type of the condition being reported. minLength: 1 type: string required: @@ -10909,45 +11238,46 @@ spec: x-kubernetes-list-type: map paused: description: |- - Represents whether any actions on the underlying managed objects are + paused defines whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. type: boolean replicas: description: |- - Total number of non-terminated pods targeted by this Prometheus deployment + replicas defines the total number of non-terminated pods targeted by this Prometheus deployment (their labels match the selector). format: int32 type: integer selector: - description: The selector used to match the pods targeted by this - Prometheus resource. + description: selector used to match the pods targeted by this Prometheus + resource. type: string shardStatuses: - description: The list has one entry per shard. Each entry provides - a summary of the shard status. + description: shardStatuses defines the list has one entry per shard. + Each entry provides a summary of the shard status. items: properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this shard. format: int32 type: integer replicas: - description: Total number of pods targeted by this shard. + description: replicas defines the total number of pods targeted + by this shard. format: int32 type: integer shardID: - description: Identifier of the shard. + description: shardID defines the identifier of the shard. type: string unavailableReplicas: - description: Total number of unavailable pods targeted by this - shard. + description: unavailableReplicas defines the Total number of + unavailable pods targeted by this shard. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this shard + updatedReplicas defines the total number of non-terminated pods targeted by this shard that have the desired spec. format: int32 type: integer @@ -10963,26 +11293,20 @@ spec: - shardID x-kubernetes-list-type: map shards: - description: Shards is the most recently observed number of shards. + description: shards defines the most recently observed number of shards. format: int32 type: integer unavailableReplicas: - description: Total number of unavailable pods targeted by this Prometheus - deployment. + description: unavailableReplicas defines the total number of unavailable + pods targeted by this Prometheus deployment. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this Prometheus deployment + updatedReplicas defines the total number of non-terminated pods targeted by this Prometheus deployment that have the desired version spec. format: int32 type: integer - required: - - availableReplicas - - paused - - replicas - - unavailableReplicas - - updatedReplicas type: object required: - spec diff --git a/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheuses.yaml b/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheuses.yaml index 21b417ba79ef..3cf884772e58 100644 --- a/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheuses.yaml +++ b/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheuses.yaml @@ -1,5 +1,5 @@ {{- if .Values.prometheuses.enabled -}} -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,8 +8,8 @@ metadata: {{- with .Values.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: prometheuses.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -82,12 +82,12 @@ spec: type: object spec: description: |- - Specification of the desired behavior of the Prometheus cluster. More info: + spec defines the specification of the desired behavior of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: additionalAlertManagerConfigs: description: |- - AdditionalAlertManagerConfigs specifies a key of a Secret containing + additionalAlertManagerConfigs defines a key of a Secret containing additional Prometheus Alertmanager configurations. The Alertmanager configurations are appended to the configuration generated by the Prometheus Operator. They must be formatted according to the official @@ -124,7 +124,7 @@ spec: x-kubernetes-map-type: atomic additionalAlertRelabelConfigs: description: |- - AdditionalAlertRelabelConfigs specifies a key of a Secret containing + additionalAlertRelabelConfigs defines a key of a Secret containing additional Prometheus alert relabel configurations. The alert relabel configurations are appended to the configuration generated by the Prometheus Operator. They must be formatted according to the official @@ -161,7 +161,7 @@ spec: x-kubernetes-map-type: atomic additionalArgs: description: |- - AdditionalArgs allows setting additional arguments for the 'prometheus' container. + additionalArgs allows setting additional arguments for the 'prometheus' container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the @@ -175,12 +175,12 @@ spec: description: Argument as part of the AdditionalArgs list. properties: name: - description: Name of the argument, e.g. "scrape.discovery-reload-interval". + description: name of the argument, e.g. "scrape.discovery-reload-interval". minLength: 1 type: string value: - description: Argument value, e.g. 30s. Can be empty for name-only - arguments (e.g. --storage.tsdb.no-lockfile) + description: value defines the argument value, e.g. 30s. Can + be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) type: string required: - name @@ -188,7 +188,7 @@ spec: type: array additionalScrapeConfigs: description: |- - AdditionalScrapeConfigs allows specifying a key of a Secret containing + additionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator. Job configurations specified must have the form as specified @@ -221,7 +221,8 @@ spec: type: object x-kubernetes-map-type: atomic affinity: - description: Defines the Pods' affinity scheduling rules if specified. + description: affinity defines the Pods' affinity scheduling rules + if specified. properties: nodeAffinity: description: Describes node affinity scheduling rules for the @@ -789,8 +790,8 @@ spec: most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + compute a sum by iterating through the elements of this field and subtracting + "weight" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -1133,10 +1134,10 @@ spec: type: object type: object alerting: - description: Defines the settings related to Alertmanager. + description: alerting defines the settings related to Alertmanager. properties: alertmanagers: - description: Alertmanager endpoints where Prometheus should send + description: alertmanagers endpoints where Prometheus should send alerts to. items: description: |- @@ -1145,7 +1146,7 @@ spec: properties: alertRelabelings: description: |- - Relabeling configs applied before sending alerts to a specific Alertmanager. + alertRelabelings defines the relabeling configs applied before sending alerts to a specific Alertmanager. It requires Prometheus >= v2.51.0. items: description: |- @@ -1157,7 +1158,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -1189,41 +1190,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the - extracted value is matched. + description: regex defines the regular expression + against which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated - SourceLabels. + description: separator defines the string between + concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -1234,7 +1235,7 @@ spec: type: array apiVersion: description: |- - Version of the Alertmanager API that Prometheus uses to send alerts. + apiVersion defines the version of the Alertmanager API that Prometheus uses to send alerts. It can be "V1" or "V2". The field has no effect for Prometheus >= v3.0.0 because only the v2 API is supported. enum: @@ -1245,13 +1246,13 @@ spec: type: string authorization: description: |- - Authorization section for Alertmanager. + authorization section for Alertmanager. Cannot be set at the same time as `basicAuth`, `bearerTokenFile` or `sigv4`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in + the namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -1276,7 +1277,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1285,13 +1286,13 @@ spec: type: object basicAuth: description: |- - BasicAuth configuration for Alertmanager. + basicAuth configuration for Alertmanager. Cannot be set at the same time as `bearerTokenFile`, `authorization` or `sigv4`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -1317,7 +1318,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -1344,22 +1345,22 @@ spec: type: object bearerTokenFile: description: |- - File to read bearer token for Alertmanager. + bearerTokenFile defines the file to read bearer token for Alertmanager. Cannot be set at the same time as `basicAuth`, `authorization`, or `sigv4`. Deprecated: this will be removed in a future release. Prefer using `authorization`. type: string enableHttp2: - description: Whether to enable HTTP2. + description: enableHttp2 defines whether to enable HTTP2. type: boolean name: - description: Name of the Endpoints object in the namespace. + description: name of the Endpoints object in the namespace. minLength: 1 type: string namespace: description: |- - Namespace of the Endpoints object. + namespace of the Endpoints object. If not set, the object will be discovered in the namespace of the Prometheus object. @@ -1367,21 +1368,21 @@ spec: type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string pathPrefix: - description: Prefix for the HTTP path alerts are pushed - to. + description: pathPrefix defines the prefix for the HTTP + path alerts are pushed to. type: string port: anyOf: - type: integer - type: string - description: Port on which the Alertmanager API is exposed. + description: port on which the Alertmanager API is exposed. x-kubernetes-int-or-string: true proxyConnectHeader: additionalProperties: @@ -1411,7 +1412,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1419,18 +1420,17 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string relabelings: - description: Relabel configuration applied to the discovered - Alertmanagers. + description: relabelings defines the relabel configuration + applied to the discovered Alertmanagers. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -1441,7 +1441,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -1473,41 +1473,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the - extracted value is matched. + description: regex defines the regular expression + against which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated - SourceLabels. + description: separator defines the string between + concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -1517,11 +1517,11 @@ spec: type: object type: array scheme: - description: Scheme to use when firing alerts. + description: scheme to use when firing alerts. type: string sigv4: description: |- - Sigv4 allows to configures AWS's Signature Verification 4 for the URL. + sigv4 defines AWS's Signature Verification 4 for the URL. It requires Prometheus >= v2.48.0. @@ -1529,7 +1529,7 @@ spec: properties: accessKey: description: |- - AccessKey is the AWS API key. If not specified, the environment variable + accessKey defines the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used. properties: key: @@ -1554,20 +1554,20 @@ spec: type: object x-kubernetes-map-type: atomic profile: - description: Profile is the named AWS profile used to - authenticate. + description: profile defines the named AWS profile used + to authenticate. type: string region: - description: Region is the AWS region. If blank, the - region from the default credentials chain used. + description: region defines the AWS region. If blank, + the region from the default credentials chain used. type: string roleArn: - description: RoleArn is the named AWS profile used to - authenticate. + description: roleArn defines the named AWS profile used + to authenticate. type: string secretKey: description: |- - SecretKey is the AWS API secret. If not specified, the environment + secretKey defines the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used. properties: key: @@ -1591,22 +1591,27 @@ spec: - key type: object x-kubernetes-map-type: atomic + useFIPSSTSEndpoint: + description: |- + useFIPSSTSEndpoint defines FIPS mode for AWS STS endpoint. + It requires Prometheus >= v2.54.0. + type: boolean type: object timeout: - description: Timeout is a per-target Alertmanager timeout + description: timeout defines a per-target Alertmanager timeout when pushing alerts. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS Config to use for Alertmanager. + description: tlsConfig to use for Alertmanager. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1629,8 +1634,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1655,16 +1660,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert + in the Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1687,8 +1692,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1713,19 +1718,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client + cert file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client + key file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1750,7 +1756,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1761,7 +1767,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1771,7 +1777,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object required: @@ -1784,14 +1791,14 @@ spec: type: object allowOverlappingBlocks: description: |- - AllowOverlappingBlocks enables vertical compaction and vertical query + allowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. Deprecated: this flag has no effect for Prometheus >= 2.39.0 where overlapping blocks are enabled by default. type: boolean apiserverConfig: description: |- - APIServerConfig allows specifying a host and auth methods to access the + apiserverConfig allows specifying a host and auth methods to access the Kuberntees API server. If null, Prometheus is assumed to run inside of the cluster: it will discover the API servers automatically and use the Pod's CA certificate @@ -1799,14 +1806,14 @@ spec: properties: authorization: description: |- - Authorization section for the API server. + authorization section for the API server. Cannot be set at the same time as `basicAuth`, `bearerToken`, or `bearerTokenFile`. properties: credentials: - description: Selects a key of a Secret in the namespace that - contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -1830,12 +1837,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a secret + from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1844,14 +1851,14 @@ spec: type: object basicAuth: description: |- - BasicAuth configuration for the API server. + basicAuth configuration for the API server. Cannot be set at the same time as `authorization`, `bearerToken`, or `bearerTokenFile`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -1877,7 +1884,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -1904,14 +1911,13 @@ spec: type: object bearerToken: description: |- - *Warning: this field shouldn't be used because the token value appears + bearerToken is deprecated: this will be removed in a future release. + *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File to read bearer token for accessing apiserver. + bearerTokenFile defines the file to read bearer token for accessing apiserver. Cannot be set at the same time as `basicAuth`, `authorization`, or `bearerToken`. @@ -1919,12 +1925,12 @@ spec: type: string host: description: |- - Kubernetes API address consisting of a hostname or IP address followed + host defines the Kubernetes API address consisting of a hostname or IP address followed by an optional port number. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1958,7 +1964,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1966,24 +1972,24 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string tlsConfig: - description: TLS Config to use for the API server. + description: tlsConfig to use for the API server. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2006,7 +2012,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2031,15 +2038,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2062,7 +2070,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2087,19 +2096,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key file + in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2124,7 +2134,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2135,7 +2145,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2145,7 +2155,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -2153,7 +2164,7 @@ spec: type: object arbitraryFSAccessThroughSMs: description: |- - When true, ServiceMonitor, PodMonitor and Probe object are forbidden to + arbitraryFSAccessThroughSMs when true, ServiceMonitor, PodMonitor and Probe object are forbidden to reference arbitrary files on the file system of the 'prometheus' container. When a ServiceMonitor's endpoint specifies a `bearerTokenFile` value @@ -2165,22 +2176,27 @@ spec: `spec.bearerTokenSecret` field. properties: deny: + description: |- + deny prevents service monitors from accessing arbitrary files on the file system. + When true, service monitors cannot use file-based configurations like BearerTokenFile + that could potentially access sensitive files. When false (default), such access is allowed. + Setting this to true enhances security by preventing potential credential theft attacks. type: boolean type: object automountServiceAccountToken: description: |- - AutomountServiceAccountToken indicates whether a service account token should be automatically mounted in the pod. + automountServiceAccountToken defines whether a service account token should be automatically mounted in the pod. If the field isn't set, the operator mounts the service account token by default. **Warning:** be aware that by default, Prometheus requires the service account token for Kubernetes service discovery. It is possible to use strategic merge patch to project the service account token into the 'prometheus' container. type: boolean baseImage: - description: 'Deprecated: use ''spec.image'' instead.' + description: 'baseImage is deprecated: use ''spec.image'' instead.' type: string bodySizeLimit: description: |- - BodySizeLimit defines per-scrape on response body size. + bodySizeLimit defines per-scrape on response body size. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -2189,7 +2205,7 @@ spec: type: string configMaps: description: |- - ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus + configMaps defines a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each ConfigMap is added to the StatefulSet definition as a volume named `configmap-`. The ConfigMaps are mounted into /etc/prometheus/configmaps/ in the 'prometheus' container. @@ -2198,7 +2214,7 @@ spec: type: array containers: description: |- - Containers allows injecting additional containers or modifying operator + containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to the Pods or to change the behavior of an operator generated container. Containers described here modify an operator generated @@ -2254,8 +2270,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -2313,6 +2330,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -2373,8 +2427,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -2401,8 +2455,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -3073,7 +3128,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -3127,10 +3182,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -3142,6 +3197,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -3642,23 +3750,23 @@ spec: type: array convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.4.0. type: boolean disableCompaction: description: |- - When true, the Prometheus compaction is disabled. + disableCompaction when true, the Prometheus compaction is disabled. When `spec.thanos.objectStorageConfig` or `spec.objectStorageConfigFile` are defined, the operator automatically disables block compaction to avoid race conditions during block uploads (as the Thanos documentation recommends). type: boolean dnsConfig: - description: Defines the DNS configuration for the pods. + description: dnsConfig defines the DNS configuration for the pods. properties: nameservers: description: |- - A list of DNS name server IP addresses. + nameservers defines the list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. items: minLength: 1 @@ -3667,7 +3775,7 @@ spec: x-kubernetes-list-type: set options: description: |- - A list of DNS resolver options. + options defines the list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Resolution options given in Options will override those that appear in the base DNSPolicy. @@ -3676,11 +3784,11 @@ spec: of a pod. properties: name: - description: Name is required and must be unique. + description: name is required and must be unique. minLength: 1 type: string value: - description: Value is optional. + description: value is optional. type: string required: - name @@ -3691,7 +3799,7 @@ spec: x-kubernetes-list-type: map searches: description: |- - A list of DNS search domains for host-name lookup. + searches defines the list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. items: minLength: 1 @@ -3700,7 +3808,7 @@ spec: x-kubernetes-list-type: set type: object dnsPolicy: - description: Defines the DNS policy for the pods. + description: dnsPolicy defines the DNS policy for the pods. enum: - ClusterFirstWithHostNet - ClusterFirst @@ -3709,7 +3817,7 @@ spec: type: string enableAdminAPI: description: |- - Enables access to the Prometheus web admin API. + enableAdminAPI defines access to the Prometheus web admin API. WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, shutdown Prometheus, and more. Enabling this should be done with care and the @@ -3721,7 +3829,7 @@ spec: type: boolean enableFeatures: description: |- - Enable access to Prometheus feature flags. By default, no features are enabled. + enableFeatures enables access to Prometheus feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept @@ -3735,7 +3843,7 @@ spec: x-kubernetes-list-type: set enableOTLPReceiver: description: |- - Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. + enableOTLPReceiver defines the Prometheus to be used as a receiver for the OTLP Metrics protocol. Note that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined. @@ -3743,7 +3851,7 @@ spec: type: boolean enableRemoteWriteReceiver: description: |- - Enable Prometheus to be used as a receiver for the Prometheus remote + enableRemoteWriteReceiver defines the Prometheus to be used as a receiver for the Prometheus remote write protocol. WARNING: This is not considered an efficient way of ingesting samples. @@ -3755,12 +3863,12 @@ spec: It requires Prometheus >= v2.33.0. type: boolean enableServiceLinks: - description: Indicates whether information about services should be - injected into pod's environment variables + description: enableServiceLinks defines whether information about + services should be injected into pod's environment variables type: boolean enforcedBodySizeLimit: description: |- - When defined, enforcedBodySizeLimit specifies a global limit on the size + enforcedBodySizeLimit when defined specifies a global limit on the size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. @@ -3776,7 +3884,7 @@ spec: type: string enforcedKeepDroppedTargets: description: |- - When defined, enforcedKeepDroppedTargets specifies a global limit on the number of targets + enforcedKeepDroppedTargets when defined specifies a global limit on the number of targets dropped by relabeling that will be kept in memory. The value overrides any `spec.keepDroppedTargets` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.keepDroppedTargets` is @@ -3793,7 +3901,7 @@ spec: type: integer enforcedLabelLimit: description: |- - When defined, enforcedLabelLimit specifies a global limit on the number + enforcedLabelLimit when defined specifies a global limit on the number of labels per sample. The value overrides any `spec.labelLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelLimit` is greater than zero and less than `spec.enforcedLabelLimit`. @@ -3809,7 +3917,7 @@ spec: type: integer enforcedLabelNameLengthLimit: description: |- - When defined, enforcedLabelNameLengthLimit specifies a global limit on the length + enforcedLabelNameLengthLimit when defined specifies a global limit on the length of labels name per sample. The value overrides any `spec.labelNameLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelNameLengthLimit` is greater than zero and less than `spec.enforcedLabelNameLengthLimit`. @@ -3825,7 +3933,7 @@ spec: type: integer enforcedLabelValueLengthLimit: description: |- - When not null, enforcedLabelValueLengthLimit defines a global limit on the length + enforcedLabelValueLengthLimit when not null defines a global limit on the length of labels value per sample. The value overrides any `spec.labelValueLengthLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.labelValueLengthLimit` is greater than zero and less than `spec.enforcedLabelValueLengthLimit`. @@ -3841,7 +3949,7 @@ spec: type: integer enforcedNamespaceLabel: description: |- - When not empty, a label will be added to: + enforcedNamespaceLabel when not empty, a label will be added to: 1. All metrics scraped from `ServiceMonitor`, `PodMonitor`, `Probe` and `ScrapeConfig` objects. 2. All metrics generated from recording rules defined in `PrometheusRule` objects. @@ -3856,7 +3964,7 @@ spec: type: string enforcedSampleLimit: description: |- - When defined, enforcedSampleLimit specifies a global limit on the number + enforcedSampleLimit when defined specifies a global limit on the number of scraped samples that will be accepted. This overrides any `spec.sampleLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.sampleLimit` is greater than zero and less than @@ -3874,7 +3982,7 @@ spec: type: integer enforcedTargetLimit: description: |- - When defined, enforcedTargetLimit specifies a global limit on the number + enforcedTargetLimit when defined specifies a global limit on the number of scraped targets. The value overrides any `spec.targetLimit` set by ServiceMonitor, PodMonitor, Probe objects unless `spec.targetLimit` is greater than zero and less than `spec.enforcedTargetLimit`. @@ -3892,13 +4000,13 @@ spec: evaluationInterval: default: 30s description: |- - Interval between rule evaluations. + evaluationInterval defines the interval between rule evaluations. Default: "30s" pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string excludedFromEnforcement: description: |- - List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects + excludedFromEnforcement defines the list of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. It is only applicable if `spec.enforcedNamespaceLabel` set to true. @@ -3908,23 +4016,23 @@ spec: properties: group: default: monitoring.coreos.com - description: Group of the referent. When not specified, it defaults + description: group of the referent. When not specified, it defaults to `monitoring.coreos.com` enum: - monitoring.coreos.com type: string name: - description: Name of the referent. When not set, all resources + description: name of the referent. When not set, all resources in the namespace are matched. type: string namespace: description: |- - Namespace of the referent. + namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ minLength: 1 type: string resource: - description: Resource of the referent. + description: resource of the referent. enum: - prometheusrules - servicemonitors @@ -3939,12 +4047,12 @@ spec: type: array exemplars: description: |- - Exemplars related settings that are runtime reloadable. + exemplars related settings that are runtime reloadable. It requires to enable the `exemplar-storage` feature flag to be effective. properties: maxSize: description: |- - Maximum number of exemplars stored in memory for all series. + maxSize defines the maximum number of exemplars stored in memory for all series. exemplar-storage itself must be enabled using the `spec.enableFeature` option for exemplars to be scraped in the first place. @@ -3958,20 +4066,20 @@ spec: additionalProperties: type: string description: |- - The labels to add to any time series or alerts when communicating with + externalLabels defines the labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager). Labels defined by `spec.replicaExternalLabelName` and `spec.prometheusExternalLabelName` take precedence over this list. type: object externalUrl: description: |- - The external URL under which the Prometheus service is externally + externalUrl defines the external URL under which the Prometheus service is externally available. This is necessary to generate correct URLs (for instance if Prometheus is accessible behind an Ingress resource). type: string hostAliases: description: |- - Optional list of hosts and IPs that will be injected into the Pod's + hostAliases defines the optional list of hosts and IPs that will be injected into the Pod's hosts file if specified. items: description: |- @@ -3979,12 +4087,12 @@ spec: pod's hosts file. properties: hostnames: - description: Hostnames for the above IP address. + description: hostnames defines hostnames for the above IP address. items: type: string type: array ip: - description: IP address of the host file entry. + description: ip defines the IP address of the host file entry. type: string required: - hostnames @@ -3996,7 +4104,7 @@ spec: x-kubernetes-list-type: map hostNetwork: description: |- - Use the host's network namespace if true. + hostNetwork defines the host's network namespace if true. Make sure to understand the security implications if you want to enable it (https://kubernetes.io/docs/concepts/configuration/overview/ ). @@ -4007,7 +4115,7 @@ spec: type: boolean hostUsers: description: |- - HostUsers supports the user space in Kubernetes. + hostUsers supports the user space in Kubernetes. More info: https://kubernetes.io/docs/tasks/configure-pod-container/user-namespaces/ @@ -4016,14 +4124,14 @@ spec: type: boolean ignoreNamespaceSelectors: description: |- - When true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor + ignoreNamespaceSelectors when true, `spec.namespaceSelector` from all PodMonitor, ServiceMonitor and Probe objects will be ignored. They will only discover targets within the namespace of the PodMonitor, ServiceMonitor and Probe object. type: boolean image: description: |- - Container image name for Prometheus. If specified, it takes precedence + image defines the container image name for Prometheus. If specified, it takes precedence over the `spec.baseImage`, `spec.tag` and `spec.sha` fields. Specifying `spec.version` is still necessary to ensure the Prometheus @@ -4035,7 +4143,7 @@ spec: type: string imagePullPolicy: description: |- - Image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. + imagePullPolicy defines the image pull policy for the 'prometheus', 'init-config-reloader' and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. enum: - "" @@ -4045,7 +4153,7 @@ spec: type: string imagePullSecrets: description: |- - An optional list of references to Secrets in the same namespace + imagePullSecrets defines an optional list of references to Secrets in the same namespace to use for pulling images from registries. See http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod items: @@ -4067,7 +4175,7 @@ spec: type: array initContainers: description: |- - InitContainers allows injecting initContainers to the Pod definition. Those + initContainers allows injecting initContainers to the Pod definition. Those can be used to e.g. fetch secrets for injection into the Prometheus configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: @@ -4123,8 +4231,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -4182,6 +4291,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -4242,8 +4388,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -4270,8 +4416,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -4942,7 +5089,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -4996,10 +5143,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -5011,6 +5158,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -5511,7 +5711,7 @@ spec: type: array keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. @@ -5522,7 +5722,7 @@ spec: type: integer labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -5531,7 +5731,7 @@ spec: type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -5540,7 +5740,7 @@ spec: type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -5549,11 +5749,11 @@ spec: type: integer listenLocal: description: |- - When true, the Prometheus server listens on the loopback address + listenLocal when true, the Prometheus server listens on the loopback address instead of the Pod IP's address. type: boolean logFormat: - description: Log format for Log level for Prometheus and the config-reloader + description: logFormat for Log level for Prometheus and the config-reloader sidecar. enum: - "" @@ -5561,7 +5761,7 @@ spec: - json type: string logLevel: - description: Log level for Prometheus and the config-reloader sidecar. + description: logLevel for Prometheus and the config-reloader sidecar. enum: - "" - debug @@ -5571,14 +5771,14 @@ spec: type: string maximumStartupDurationSeconds: description: |- - Defines the maximum time that the `prometheus` container's startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete. - If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 600 seconds (15 minutes). + maximumStartupDurationSeconds defines the maximum time that the `prometheus` container's startup probe will wait before being considered failed. The startup probe will return success after the WAL replay is complete. + If set, the value should be greater than 60 (seconds). Otherwise it will be equal to 900 seconds (15 minutes). format: int32 minimum: 60 type: integer minReadySeconds: description: |- - Minimum number of seconds for which a newly created Pod should be ready + minReadySeconds defines the minimum number of seconds for which a newly created Pod should be ready without any of its container crashing for it to be considered available. If unset, pods will be considered available as soon as they are ready. @@ -5587,7 +5787,7 @@ spec: type: integer nameEscapingScheme: description: |- - Specifies the character escaping scheme that will be requested when scraping + nameEscapingScheme defines the character escaping scheme that will be requested when scraping for metric and label names that do not conform to the legacy Prometheus character set. @@ -5600,7 +5800,7 @@ spec: type: string nameValidationScheme: description: |- - Specifies the validation scheme for metric and label names. + nameValidationScheme defines the validation scheme for metric and label names. It requires Prometheus >= v2.55.0. enum: @@ -5610,21 +5810,21 @@ spec: nodeSelector: additionalProperties: type: string - description: Defines on which Nodes the Pods are scheduled. + description: nodeSelector defines on which Nodes the Pods are scheduled. type: object otlp: description: |- - Settings related to the OTLP receiver feature. + otlp defines the settings related to the OTLP receiver feature. It requires Prometheus >= v2.55.0. properties: convertHistogramsToNHCB: description: |- - Configures optional translation of OTLP explicit bucket histograms into native histograms with custom buckets. + convertHistogramsToNHCB defines optional translation of OTLP explicit bucket histograms into native histograms with custom buckets. It requires Prometheus >= v3.4.0. type: boolean ignoreResourceAttributes: description: |- - List of OpenTelemetry resource attributes to ignore when `promoteAllResourceAttributes` is true. + ignoreResourceAttributes defines the list of OpenTelemetry resource attributes to ignore when `promoteAllResourceAttributes` is true. It requires `promoteAllResourceAttributes` to be true. It requires Prometheus >= v3.5.0. @@ -5636,21 +5836,21 @@ spec: x-kubernetes-list-type: set keepIdentifyingResourceAttributes: description: |- - Enables adding `service.name`, `service.namespace` and `service.instance.id` + keepIdentifyingResourceAttributes enables adding `service.name`, `service.namespace` and `service.instance.id` resource attributes to the `target_info` metric, on top of converting them into the `instance` and `job` labels. It requires Prometheus >= v3.1.0. type: boolean promoteAllResourceAttributes: description: |- - Promote all resource attributes to metric labels except the ones defined in `ignoreResourceAttributes`. + promoteAllResourceAttributes promotes all resource attributes to metric labels except the ones defined in `ignoreResourceAttributes`. Cannot be true when `promoteResourceAttributes` is defined. It requires Prometheus >= v3.5.0. type: boolean promoteResourceAttributes: description: |- - List of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. + promoteResourceAttributes defines the list of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. Cannot be defined when `promoteAllResourceAttributes` is true. items: minLength: 1 @@ -5658,39 +5858,46 @@ spec: minItems: 1 type: array x-kubernetes-list-type: set + promoteScopeMetadata: + description: |- + promoteScopeMetadata controls whether to promote OpenTelemetry scope metadata (i.e. name, version, schema URL, and attributes) to metric labels. + As per the OpenTelemetry specification, the aforementioned scope metadata should be identifying, i.e. made into metric labels. + It requires Prometheus >= v3.6.0. + type: boolean translationStrategy: description: |- - Configures how the OTLP receiver endpoint translates the incoming metrics. + translationStrategy defines how the OTLP receiver endpoint translates the incoming metrics. It requires Prometheus >= v3.0.0. enum: - NoUTF8EscapingWithSuffixes - UnderscoreEscapingWithSuffixes - NoTranslation + - UnderscoreEscapingWithoutSuffixes type: string type: object overrideHonorLabels: description: |- - When true, Prometheus resolves label conflicts by renaming the labels in the scraped data + overrideHonorLabels when true, Prometheus resolves label conflicts by renaming the labels in the scraped data to “exported_” for all targets created from ServiceMonitor, PodMonitor and ScrapeConfig objects. Otherwise the HonorLabels field of the service or pod monitor applies. - In practice,`overrideHonorLaels:true` enforces `honorLabels:false` + In practice,`OverrideHonorLabels:true` enforces `honorLabels:false` for all ServiceMonitor, PodMonitor and ScrapeConfig objects. type: boolean overrideHonorTimestamps: description: |- - When true, Prometheus ignores the timestamps for all the targets created + overrideHonorTimestamps when true, Prometheus ignores the timestamps for all the targets created from service and pod monitors. Otherwise the HonorTimestamps field of the service or pod monitor applies. type: boolean paused: description: |- - When a Prometheus deployment is paused, no actions except for deletion + paused defines when a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects. type: boolean persistentVolumeClaimRetentionPolicy: description: |- - The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + persistentVolumeClaimRetentionPolicy defines the field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. The default behavior is all PVCs are retained. This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. It requires enabling the StatefulSetAutoDeletePVC feature gate. @@ -5713,7 +5920,7 @@ spec: type: object podMetadata: description: |- - PodMetadata configures labels and annotations which are propagated to the Prometheus pods. + podMetadata defines labels and annotations which are propagated to the Prometheus pods. The following items are reserved and cannot be overridden: * "prometheus" label, set to the name of the Prometheus object. @@ -5729,7 +5936,7 @@ spec: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -5738,14 +5945,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -5755,7 +5962,7 @@ spec: type: object podMonitorNamespaceSelector: description: |- - Namespaces to match for PodMonitors discovery. An empty label selector + podMonitorNamespaceSelector defines the namespaces to match for PodMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. properties: @@ -5804,7 +6011,7 @@ spec: x-kubernetes-map-type: atomic podMonitorSelector: description: |- - PodMonitors to be selected for target discovery. An empty label selector + podMonitorSelector defines the podMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -5861,7 +6068,7 @@ spec: x-kubernetes-map-type: atomic podTargetLabels: description: |- - PodTargetLabels are appended to the `spec.podTargetLabels` field of all + podTargetLabels are appended to the `spec.podTargetLabels` field of all PodMonitor and ServiceMonitor objects. items: type: string @@ -5869,15 +6076,15 @@ spec: portName: default: web description: |- - Port name used for the pods and governing service. + portName used for the pods and governing service. Default: "web" type: string priorityClassName: - description: Priority class assigned to the Pods. + description: priorityClassName assigned to the Pods. type: string probeNamespaceSelector: description: |- - Namespaces to match for Probe discovery. An empty label + probeNamespaceSelector defines the namespaces to match for Probe discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. properties: @@ -5926,7 +6133,7 @@ spec: x-kubernetes-map-type: atomic probeSelector: description: |- - Probes to be selected for target discovery. An empty label selector + probeSelector defines the probes to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -5983,7 +6190,7 @@ spec: x-kubernetes-map-type: atomic prometheusExternalLabelName: description: |- - Name of Prometheus external label used to denote the Prometheus instance + prometheusExternalLabelName defines the name of Prometheus external label used to denote the Prometheus instance name. The external label will _not_ be added when the field is set to the empty string (`""`). @@ -5991,7 +6198,7 @@ spec: type: string prometheusRulesExcludedFromEnforce: description: |- - Defines the list of PrometheusRule objects to which the namespace label + prometheusRulesExcludedFromEnforce defines the list of PrometheusRule objects to which the namespace label enforcement doesn't apply. This is only relevant when `spec.enforcedNamespaceLabel` is set to true. Deprecated: use `spec.excludedFromEnforcement` instead. @@ -6002,10 +6209,12 @@ spec: namespace label for alerts and metrics. properties: ruleName: - description: Name of the excluded PrometheusRule object. + description: ruleName defines the name of the excluded PrometheusRule + object. type: string ruleNamespace: - description: Namespace of the excluded PrometheusRule object. + description: ruleNamespace defines the namespace of the excluded + PrometheusRule object. type: string required: - ruleName @@ -6013,27 +6222,29 @@ spec: type: object type: array query: - description: QuerySpec defines the configuration of the Promethus - query service. + description: query defines the configuration of the Prometheus query + service. properties: lookbackDelta: - description: The delta difference allowed for retrieving metrics - during expression evaluations. + description: lookbackDelta defines the delta difference allowed + for retrieving metrics during expression evaluations. type: string maxConcurrency: - description: Number of concurrent queries that can be run at once. + description: maxConcurrency defines the number of concurrent queries + that can be run at once. format: int32 minimum: 1 type: integer maxSamples: description: |- - Maximum number of samples a single query can load into memory. Note that + maxSamples defines the maximum number of samples a single query can load into memory. Note that queries will fail if they would load more samples than this into memory, so this also limits the number of samples a query can return. format: int32 type: integer timeout: - description: Maximum time a query may take before being aborted. + description: timeout defines the maximum time a query may take + before being aborted. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object @@ -6053,14 +6264,14 @@ spec: type: string reloadStrategy: description: |- - Defines the strategy used to reload the Prometheus configuration. + reloadStrategy defines the strategy used to reload the Prometheus configuration. If not specified, the configuration is reloaded using the /-/reload HTTP endpoint. enum: - HTTP - ProcessSignal type: string remoteRead: - description: Defines the list of remote read configurations. + description: remoteRead defines the list of remote read configurations. items: description: |- RemoteReadSpec defines the configuration for Prometheus to read back samples @@ -6068,15 +6279,15 @@ spec: properties: authorization: description: |- - Authorization section for the URL. + authorization section for the URL. It requires Prometheus >= v2.26.0. Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -6100,12 +6311,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6114,13 +6325,13 @@ spec: type: object basicAuth: description: |- - BasicAuth configuration for the URL. + basicAuth configuration for the URL. Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -6146,7 +6357,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -6173,26 +6384,25 @@ spec: type: object bearerToken: description: |- + bearerToken is deprecated: this will be removed in a future release. *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File from which to read the bearer token for the URL. + bearerTokenFile defines the file from which to read the bearer token for the URL. Deprecated: this will be removed in a future release. Prefer using `authorization`. type: string filterExternalLabels: description: |- - Whether to use the external labels as selectors for the remote read endpoint. + filterExternalLabels defines whether to use the external labels as selectors for the remote read endpoint. It requires Prometheus >= v2.34.0. type: boolean followRedirects: description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. + followRedirects defines whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.26.0. type: boolean @@ -6200,13 +6410,13 @@ spec: additionalProperties: type: string description: |- - Custom HTTP headers to be sent along with each remote read request. + headers defines the custom HTTP headers to be sent along with each remote read request. Be aware that headers that are set by Prometheus itself can't be overwritten. Only valid in Prometheus versions 2.26.0 and newer. type: object name: description: |- - The name of the remote read queue, it must be unique if specified. The + name of the remote read queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate read configurations. @@ -6214,7 +6424,7 @@ spec: type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -6222,7 +6432,7 @@ spec: type: string oauth2: description: |- - OAuth2 configuration for the URL. + oauth2 configuration for the URL. It requires Prometheus >= v2.27.0. @@ -6230,12 +6440,12 @@ spec: properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6258,7 +6468,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6284,7 +6495,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -6312,12 +6523,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -6351,7 +6562,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6359,33 +6570,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6408,8 +6618,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -6434,12 +6644,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6462,8 +6672,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -6488,11 +6698,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6517,7 +6728,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6528,7 +6739,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6538,12 +6749,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -6579,7 +6791,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6587,40 +6799,41 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string readRecent: description: |- - Whether reads should be made for queries for time ranges that + readRecent defines whether reads should be made for queries for time ranges that the local storage should have complete data for. type: boolean remoteTimeout: - description: Timeout for requests to the remote read endpoint. + description: remoteTimeout defines the timeout for requests + to the remote read endpoint. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string requiredMatchers: additionalProperties: type: string description: |- - An optional list of equality matchers which have to be present + requiredMatchers defines an optional list of equality matchers which have to be present in a selector to query the remote read endpoint. type: object tlsConfig: - description: TLS Config to use for the URL. + description: tlsConfig to use for the URL. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6643,7 +6856,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6668,15 +6882,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6699,7 +6914,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6724,19 +6940,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6761,7 +6978,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6772,7 +6989,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6782,18 +6999,19 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: The URL of the endpoint to query from. + description: url defines the URL of the endpoint to query from. type: string required: - url type: object type: array remoteWrite: - description: Defines the list of remote write configurations. + description: remoteWrite defines the list of remote write configurations. items: description: |- RemoteWriteSpec defines the configuration to write samples from Prometheus @@ -6801,15 +7019,15 @@ spec: properties: authorization: description: |- - Authorization section for the URL. + authorization section for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. Cannot be set at the same time as `sigv4`, `basicAuth`, `oauth2`, or `azureAd`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -6833,12 +7051,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6847,15 +7065,15 @@ spec: type: object azureAd: description: |- - AzureAD for the URL. + azureAd for the URL. It requires Prometheus >= v2.45.0 or Thanos >= v0.31.0. Cannot be set at the same time as `authorization`, `basicAuth`, `oauth2`, or `sigv4`. properties: cloud: - description: The Azure Cloud. Options are 'AzurePublic', - 'AzureChina', or 'AzureGovernment'. + description: cloud defines the Azure Cloud. Options are + 'AzurePublic', 'AzureChina', or 'AzureGovernment'. enum: - AzureChina - AzureGovernment @@ -6863,32 +7081,33 @@ spec: type: string managedIdentity: description: |- - ManagedIdentity defines the Azure User-assigned Managed identity. + managedIdentity defines the Azure User-assigned Managed identity. Cannot be set at the same time as `oauth` or `sdk`. properties: clientId: - description: The client id + description: clientId defines defines the Azure User-assigned + Managed identity. type: string required: - clientId type: object oauth: description: |- - OAuth defines the oauth config that is being used to authenticate. + oauth defines the oauth config that is being used to authenticate. Cannot be set at the same time as `managedIdentity` or `sdk`. It requires Prometheus >= v2.48.0 or Thanos >= v0.31.0. properties: clientId: - description: '`clientID` is the clientId of the Azure + description: clientId defines the clientId of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 type: string clientSecret: - description: '`clientSecret` specifies a key of a Secret + description: clientSecret specifies a key of a Secret containing the client secret of the Azure Active Directory - application that is being used to authenticate.' + application that is being used to authenticate. properties: key: description: The key of the secret to select from. Must @@ -6912,9 +7131,9 @@ spec: type: object x-kubernetes-map-type: atomic tenantId: - description: '`tenantId` is the tenant ID of the Azure + description: tenantId is the tenant ID of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 pattern: ^[0-9a-zA-Z-.]+$ type: string @@ -6925,29 +7144,29 @@ spec: type: object sdk: description: |- - SDK defines the Azure SDK config that is being used to authenticate. + sdk defines the Azure SDK config that is being used to authenticate. See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication Cannot be set at the same time as `oauth` or `managedIdentity`. It requires Prometheus >= v2.52.0 or Thanos >= v0.36.0. properties: tenantId: - description: '`tenantId` is the tenant ID of the azure + description: tenantId defines the tenant ID of the azure active directory application that is being used to - authenticate.' + authenticate. pattern: ^[0-9a-zA-Z-.]+$ type: string type: object type: object basicAuth: description: |- - BasicAuth configuration for the URL. + basicAuth configuration for the URL. Cannot be set at the same time as `sigv4`, `authorization`, `oauth2`, or `azureAd`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -6973,7 +7192,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -7000,23 +7219,22 @@ spec: type: object bearerToken: description: |- + bearerToken is deprecated: this will be removed in a future release. *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File from which to read bearer token for the URL. + bearerTokenFile defines the file from which to read bearer token for the URL. Deprecated: this will be removed in a future release. Prefer using `authorization`. type: string enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. + followRedirects defines whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. type: boolean @@ -7024,14 +7242,14 @@ spec: additionalProperties: type: string description: |- - Custom HTTP headers to be sent along with each remote write request. + headers defines the custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. It requires Prometheus >= v2.25.0 or Thanos >= v0.24.0. type: object messageVersion: description: |- - The Remote Write message's version to use when writing to the endpoint. + messageVersion defines the Remote Write message's version to use when writing to the endpoint. `Version1.0` corresponds to the `prometheus.WriteRequest` protobuf message introduced in Remote Write 1.0. `Version2.0` corresponds to the `io.prometheus.write.v2.Request` protobuf message introduced in Remote Write 2.0. @@ -7048,37 +7266,37 @@ spec: - V2.0 type: string metadataConfig: - description: MetadataConfig configures the sending of series - metadata to the remote storage. + description: metadataConfig defines how to send a series metadata + to the remote storage. properties: maxSamplesPerSend: description: |- - MaxSamplesPerSend is the maximum number of metadata samples per send. + maxSamplesPerSend defines the maximum number of metadata samples per send. It requires Prometheus >= v2.29.0. format: int32 minimum: -1 type: integer send: - description: Defines whether metric metadata is sent to - the remote storage or not. + description: send defines whether metric metadata is sent + to the remote storage or not. type: boolean sendInterval: - description: Defines how frequently metric metadata is sent - to the remote storage. + description: sendInterval defines how frequently metric + metadata is sent to the remote storage. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object name: description: |- - The name of the remote write queue, it must be unique if specified. The + name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. It requires Prometheus >= v2.15.0 or Thanos >= 0.24.0. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -7086,7 +7304,7 @@ spec: type: string oauth2: description: |- - OAuth2 configuration for the URL. + oauth2 configuration for the URL. It requires Prometheus >= v2.27.0 or Thanos >= v0.24.0. @@ -7094,12 +7312,12 @@ spec: properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7122,7 +7340,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7148,7 +7367,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -7176,12 +7395,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -7215,7 +7434,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7223,33 +7442,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7272,8 +7490,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7298,12 +7516,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7326,8 +7544,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7352,11 +7570,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -7381,7 +7600,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7392,7 +7611,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7402,12 +7621,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -7443,7 +7663,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7451,89 +7671,88 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string queueConfig: - description: QueueConfig allows tuning of the remote write queue + description: queueConfig allows tuning of the remote write queue parameters. properties: batchSendDeadline: - description: BatchSendDeadline is the maximum time a sample - will wait in buffer. + description: batchSendDeadline defines the maximum time + a sample will wait in buffer. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string capacity: description: |- - Capacity is the number of samples to buffer per shard before we start + capacity defines the number of samples to buffer per shard before we start dropping them. type: integer maxBackoff: - description: MaxBackoff is the maximum retry delay. + description: maxBackoff defines the maximum retry delay. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string maxRetries: - description: MaxRetries is the maximum number of times to - retry a batch on recoverable errors. + description: maxRetries defines the maximum number of times + to retry a batch on recoverable errors. type: integer maxSamplesPerSend: - description: MaxSamplesPerSend is the maximum number of - samples per send. + description: maxSamplesPerSend defines the maximum number + of samples per send. type: integer maxShards: - description: MaxShards is the maximum number of shards, + description: maxShards defines the maximum number of shards, i.e. amount of concurrency. type: integer minBackoff: - description: MinBackoff is the initial retry delay. Gets - doubled for every retry. + description: minBackoff defines the initial retry delay. + Gets doubled for every retry. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string minShards: - description: MinShards is the minimum number of shards, + description: minShards defines the minimum number of shards, i.e. amount of concurrency. type: integer retryOnRateLimit: description: |- - Retry upon receiving a 429 status code from the remote-write storage. + retryOnRateLimit defines the retry upon receiving a 429 status code from the remote-write storage. This is an *experimental feature*, it may change in any upcoming release in a breaking way. type: boolean sampleAgeLimit: description: |- - SampleAgeLimit drops samples older than the limit. + sampleAgeLimit drops samples older than the limit. It requires Prometheus >= v2.50.0 or Thanos >= v0.32.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object remoteTimeout: - description: Timeout for requests to the remote write endpoint. + description: remoteTimeout defines the timeout for requests + to the remote write endpoint. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string roundRobinDNS: - description: |- - When enabled: - - The remote-write mechanism will resolve the hostname via DNS. - - It will randomly select one of the resolved IP addresses and connect to it. - - When disabled (default behavior): - - The Go standard library will handle hostname resolution. - - It will attempt connections to each resolved IP address sequentially. - - Note: The connection timeout applies to the entire resolution and connection process. - If disabled, the timeout is distributed across all connection attempts. - - It requires Prometheus >= v3.1.0 or Thanos >= v0.38.0. + description: "roundRobinDNS controls the DNS resolution behavior + for remote-write connections.\nWhen enabled:\n - The remote-write + mechanism will resolve the hostname via DNS.\n - It will + randomly select one of the resolved IP addresses and connect + to it.\n\nWhen disabled (default behavior):\n - The Go standard + library will handle hostname resolution.\n - It will attempt + connections to each resolved IP address sequentially.\n\nNote: + The connection timeout applies to the entire resolution and + connection process.\n\n\tIf disabled, the timeout is distributed + across all connection attempts.\n\nIt requires Prometheus + >= v3.1.0 or Thanos >= v0.38.0." type: boolean sendExemplars: description: |- - Enables sending of exemplars over remote write. Note that + sendExemplars enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the `spec.enableFeatures` option for exemplars to be scraped in the first place. @@ -7541,14 +7760,14 @@ spec: type: boolean sendNativeHistograms: description: |- - Enables sending of native histograms, also known as sparse histograms + sendNativeHistograms enables sending of native histograms, also known as sparse histograms over remote write. It requires Prometheus >= v2.40.0 or Thanos >= v0.30.0. type: boolean sigv4: description: |- - Sigv4 allows to configures AWS's Signature Verification 4 for the URL. + sigv4 defines the AWS's Signature Verification 4 for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. @@ -7556,7 +7775,7 @@ spec: properties: accessKey: description: |- - AccessKey is the AWS API key. If not specified, the environment variable + accessKey defines the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used. properties: key: @@ -7581,18 +7800,20 @@ spec: type: object x-kubernetes-map-type: atomic profile: - description: Profile is the named AWS profile used to authenticate. + description: profile defines the named AWS profile used + to authenticate. type: string region: - description: Region is the AWS region. If blank, the region - from the default credentials chain used. + description: region defines the AWS region. If blank, the + region from the default credentials chain used. type: string roleArn: - description: RoleArn is the named AWS profile used to authenticate. + description: roleArn defines the named AWS profile used + to authenticate. type: string secretKey: description: |- - SecretKey is the AWS API secret. If not specified, the environment + secretKey defines the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used. properties: key: @@ -7616,17 +7837,22 @@ spec: - key type: object x-kubernetes-map-type: atomic + useFIPSSTSEndpoint: + description: |- + useFIPSSTSEndpoint defines FIPS mode for AWS STS endpoint. + It requires Prometheus >= v2.54.0. + type: boolean type: object tlsConfig: - description: TLS Config to use for the URL. + description: tlsConfig to use for the URL. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7649,7 +7875,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7674,15 +7901,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7705,7 +7933,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7730,19 +7959,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -7767,7 +7997,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7778,7 +8008,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7788,15 +8018,18 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: The URL of the endpoint to send samples to. + description: url defines the URL of the endpoint to send samples + to. minLength: 1 type: string writeRelabelConfigs: - description: The list of remote write relabel configurations. + description: writeRelabelConfigs defines the list of remote + write relabel configurations. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -7807,7 +8040,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -7839,41 +8072,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -7888,7 +8121,7 @@ spec: type: array remoteWriteReceiverMessageVersions: description: |- - List of the protobuf message versions to accept when receiving the + remoteWriteReceiverMessageVersions list of the protobuf message versions to accept when receiving the remote writes. It requires Prometheus >= v2.54.0. @@ -7902,7 +8135,7 @@ spec: x-kubernetes-list-type: set replicaExternalLabelName: description: |- - Name of Prometheus external label used to denote the replica name. + replicaExternalLabelName defines the name of Prometheus external label used to denote the replica name. The external label will _not_ be added when the field is set to the empty string (`""`). @@ -7910,7 +8143,7 @@ spec: type: string replicas: description: |- - Number of replicas of each shard to deploy for a Prometheus deployment. + replicas defines the number of replicas of each shard to deploy for a Prometheus deployment. `spec.replicas` multiplied by `spec.shards` is the total number of Pods created. @@ -7918,15 +8151,15 @@ spec: format: int32 type: integer resources: - description: Defines the resources requests and limits of the 'prometheus' - container. + description: resources defines the resources requests and limits of + the 'prometheus' container. properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -7979,18 +8212,19 @@ spec: type: object retention: description: |- - How long to retain the Prometheus data. + retention defines how long to retain the Prometheus data. Default: "24h" if `spec.retention` and `spec.retentionSize` are empty. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string retentionSize: - description: Maximum number of bytes used by the Prometheus data. + description: retentionSize defines the maximum number of bytes used + by the Prometheus data. pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ type: string routePrefix: description: |- - The route prefix Prometheus registers HTTP handlers for. + routePrefix defines the route prefix Prometheus registers HTTP handlers for. This is useful when using `spec.externalURL`, and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but @@ -7999,7 +8233,7 @@ spec: type: string ruleNamespaceSelector: description: |- - Namespaces to match for PrometheusRule discovery. An empty label selector + ruleNamespaceSelector defines the namespaces to match for PrometheusRule discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. properties: @@ -8048,13 +8282,13 @@ spec: x-kubernetes-map-type: atomic ruleQueryOffset: description: |- - Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. + ruleQueryOffset defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string ruleSelector: description: |- - PrometheusRule objects to be selected for rule evaluation. An empty + ruleSelector defines the prometheusRule objects to be selected for rule evaluation. An empty label selector matches all objects. A null label selector matches no objects. properties: @@ -8102,40 +8336,41 @@ spec: type: object x-kubernetes-map-type: atomic rules: - description: Defines the configuration of the Prometheus rules' engine. + description: rules defines the configuration of the Prometheus rules' + engine. properties: alert: description: |- - Defines the parameters of the Prometheus rules' engine. + alert defines the parameters of the Prometheus rules' engine. Any update to these parameters trigger a restart of the pods. properties: forGracePeriod: description: |- - Minimum duration between alert and restored 'for' state. + forGracePeriod defines the minimum duration between alert and restored 'for' state. This is maintained only for alerts with a configured 'for' time greater than the grace period. type: string forOutageTolerance: description: |- - Max time to tolerate prometheus outage for restoring 'for' state of + forOutageTolerance defines the max time to tolerate prometheus outage for restoring 'for' state of alert. type: string resendDelay: description: |- - Minimum amount of time to wait before resending an alert to + resendDelay defines the minimum amount of time to wait before resending an alert to Alertmanager. type: string type: object type: object runtime: - description: RuntimeConfig configures the values for the Prometheus - process behavior + description: runtime defines the values for the Prometheus process + behavior properties: goGC: description: |- - The Go garbage collection target percentage. Lowering this number may increase the CPU usage. + goGC defines the Go garbage collection target percentage. Lowering this number may increase the CPU usage. See: https://tip.golang.org/doc/gc-guide#GOGC format: int32 minimum: -1 @@ -8143,7 +8378,7 @@ spec: type: object sampleLimit: description: |- - SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + sampleLimit defines per-scrape limit on number of scraped samples that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -8152,7 +8387,7 @@ spec: type: integer scrapeClasses: description: |- - List of scrape classes to expose to scraping objects such as + scrapeClasses defines the list of scrape classes to expose to scraping objects such as PodMonitors, ServiceMonitors, Probes and ScrapeConfigs. This is an *experimental feature*, it may change in any upcoming release @@ -8161,13 +8396,13 @@ spec: properties: attachMetadata: description: |- - AttachMetadata configures additional metadata to the discovered targets. + attachMetadata defines additional metadata to the discovered targets. When the scrape object defines its own configuration, it takes precedence over the scrape class configuration. properties: node: description: |- - When set to true, Prometheus attaches node metadata to the discovered + node when set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the `list` and `watch` @@ -8176,12 +8411,12 @@ spec: type: object authorization: description: |- - Authorization section for the ScrapeClass. + authorization section for the ScrapeClass. It will only apply if the scrape resource doesn't specify any Authorization. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -8205,12 +8440,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -8219,14 +8454,14 @@ spec: type: object default: description: |- - Default indicates that the scrape applies to all scrape objects that + default defines that the scrape applies to all scrape objects that don't configure an explicit scrape class name. Only one scrape class can be set as the default. type: boolean fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It will only apply if the scrape resource doesn't specify any FallbackScrapeProtocol It requires Prometheus >= v3.0.0. @@ -8239,7 +8474,7 @@ spec: type: string metricRelabelings: description: |- - MetricRelabelings configures the relabeling rules to apply to all samples before ingestion. + metricRelabelings defines the relabeling rules to apply to all samples before ingestion. The Operator adds the scrape class metric relabelings defined here. Then the Operator adds the target-specific metric relabelings defined in ServiceMonitors, PodMonitors, Probes and ScrapeConfigs. @@ -8256,7 +8491,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -8288,41 +8523,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -8332,12 +8567,12 @@ spec: type: object type: array name: - description: Name of the scrape class. + description: name of the scrape class. minLength: 1 type: string relabelings: description: |- - Relabelings configures the relabeling rules to apply to all scrape targets. + relabelings defines the relabeling rules to apply to all scrape targets. The Operator automatically adds relabelings for a few standard Kubernetes fields like `__meta_kubernetes_namespace` and `__meta_kubernetes_service_name`. @@ -8355,7 +8590,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -8387,41 +8622,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -8432,19 +8667,19 @@ spec: type: array tlsConfig: description: |- - TLSConfig defines the TLS settings to use for the scrape. When the + tlsConfig defines the TLS settings to use for the scrape. When the scrape objects define their own CA, certificate and/or key, they take precedence over the corresponding scrape class fields. For now only the `caFile`, `certFile` and `keyFile` fields are supported. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8467,7 +8702,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8492,15 +8728,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8523,7 +8760,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8548,19 +8786,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -8585,7 +8824,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8596,7 +8835,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8606,7 +8845,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -8618,7 +8858,7 @@ spec: x-kubernetes-list-type: map scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. @@ -8626,7 +8866,7 @@ spec: type: boolean scrapeConfigNamespaceSelector: description: |- - Namespaces to match for ScrapeConfig discovery. An empty label selector + scrapeConfigNamespaceSelector defines the namespaces to match for ScrapeConfig discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. @@ -8677,7 +8917,7 @@ spec: x-kubernetes-map-type: atomic scrapeConfigSelector: description: |- - ScrapeConfigs to be selected for target discovery. An empty label + scrapeConfigSelector defines the scrapeConfigs to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -8736,7 +8976,7 @@ spec: x-kubernetes-map-type: atomic scrapeFailureLogFile: description: |- - File to which scrape failures are logged. + scrapeFailureLogFile defines the file to which scrape failures are logged. Reloading the configuration will reopen the file. If the filename has an empty path, e.g. 'file.log', The Prometheus Pods @@ -8749,14 +8989,14 @@ spec: scrapeInterval: default: 30s description: |- - Interval between consecutive scrapes. + scrapeInterval defines interval between consecutive scrapes. Default: "30s" pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string scrapeProtocols: description: |- - The protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -8784,13 +9024,13 @@ spec: x-kubernetes-list-type: set scrapeTimeout: description: |- - Number of seconds to wait until a scrape request times out. + scrapeTimeout defines the number of seconds to wait until a scrape request times out. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string secrets: description: |- - Secrets is a list of Secrets in the same namespace as the Prometheus + secrets defines a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. Each Secret is added to the StatefulSet definition as a volume named `secret-`. The Secrets are mounted into /etc/prometheus/secrets/ in the 'prometheus' container. @@ -8800,7 +9040,7 @@ spec: x-kubernetes-list-type: set securityContext: description: |- - SecurityContext holds pod-level security attributes and common container settings. + securityContext holds pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. properties: appArmorProfile: @@ -9034,12 +9274,12 @@ spec: type: object serviceAccountName: description: |- - ServiceAccountName is the name of the ServiceAccount to use to run the + serviceAccountName is the name of the ServiceAccount to use to run the Prometheus Pods. type: string serviceDiscoveryRole: description: |- - Defines the service discovery role used to discover targets from + serviceDiscoveryRole defines the service discovery role used to discover targets from `ServiceMonitor` objects and Alertmanager endpoints. If set, the value should be either "Endpoints" or "EndpointSlice". @@ -9050,7 +9290,7 @@ spec: type: string serviceMonitorNamespaceSelector: description: |- - Namespaces to match for ServicedMonitors discovery. An empty label selector + serviceMonitorNamespaceSelector defines the namespaces to match for ServicedMonitors discovery. An empty label selector matches all namespaces. A null label selector (default value) matches the current namespace only. properties: @@ -9099,7 +9339,7 @@ spec: x-kubernetes-map-type: atomic serviceMonitorSelector: description: |- - ServiceMonitors to be selected for target discovery. An empty label + serviceMonitorSelector defines the serviceMonitors to be selected for target discovery. An empty label selector matches all objects. A null label selector matches no objects. If `spec.serviceMonitorSelector`, `spec.podMonitorSelector`, `spec.probeSelector` @@ -9156,7 +9396,7 @@ spec: x-kubernetes-map-type: atomic serviceName: description: |- - The name of the service name used by the underlying StatefulSet(s) as the governing service. + serviceName defines the name of the service name used by the underlying StatefulSet(s) as the governing service. If defined, the Service must be created before the Prometheus/PrometheusAgent resource in the same namespace and it must define a selector that matches the pod labels. If empty, the operator will create and manage a headless service named `prometheus-operated` for Prometheus resources, or `prometheus-agent-operated` for PrometheusAgent resources. @@ -9165,12 +9405,12 @@ spec: minLength: 1 type: string sha: - description: 'Deprecated: use ''spec.image'' instead. The image''s + description: 'sha is deprecated: use ''spec.image'' instead. The image''s digest can be specified as part of the image name.' type: string shardRetentionPolicy: description: |- - ShardRetentionPolicy defines the retention policy for the Prometheus shards. + shardRetentionPolicy defines the retention policy for the Prometheus shards. (Alpha) Using this field requires the 'PrometheusShardRetentionPolicy' feature gate to be enabled. The final goals for this feature can be seen at https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/proposals/202310-shard-autoscaling.md#graceful-scale-down-of-prometheus-servers, @@ -9179,14 +9419,12 @@ spec: properties: retain: description: |- - Defines the config for retention when the retention policy is set to `Retain`. + retain defines the config for retention when the retention policy is set to `Retain`. This field is ineffective as of now. properties: retentionPeriod: - description: |- - Duration is a valid time duration that can be parsed by Prometheus model.ParseDuration() function. - Supported units: y, w, d, h, m, s, ms - Examples: `30s`, `1m`, `1h20m15s`, `15d` + description: retentionPeriod defines the retentionPeriod for + shard retention policy. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string required: @@ -9194,7 +9432,7 @@ spec: type: object whenScaled: description: |- - Defines the retention policy when the Prometheus shards are scaled down. + whenScaled defines the retention policy when the Prometheus shards are scaled down. * `Delete`, the operator will delete the pods from the scaled-down shard(s). * `Retain`, the operator will keep the pods from the scaled-down shard(s), so the data can still be queried. @@ -9206,7 +9444,7 @@ spec: type: object shards: description: |- - Number of shards to distribute the scraped targets onto. + shards defines the number of shards to distribute the scraped targets onto. `spec.replicas` multiplied by `spec.shards` is the total number of Pods being created. @@ -9235,15 +9473,15 @@ spec: format: int32 type: integer storage: - description: Storage defines the storage used by Prometheus. + description: storage defines the storage used by Prometheus. properties: disableMountSubPath: - description: 'Deprecated: subPath usage will be removed in a future - release.' + description: 'disableMountSubPath deprecated: subPath usage will + be removed in a future release.' type: boolean emptyDir: description: |- - EmptyDirVolumeSource to be used by the StatefulSet. + emptyDir to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir properties: @@ -9270,7 +9508,7 @@ spec: type: object ephemeral: description: |- - EphemeralVolumeSource to be used by the StatefulSet. + ephemeral to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes @@ -9491,15 +9729,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -9517,7 +9753,7 @@ spec: type: object volumeClaimTemplate: description: |- - Defines the PVC spec to be used by the Prometheus StatefulSets. + volumeClaimTemplate defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes. properties: @@ -9537,14 +9773,14 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. + description: metadata defines EmbeddedMetadata contains metadata + relevant to an EmbeddedResource. properties: annotations: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -9553,14 +9789,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -9570,7 +9806,7 @@ spec: type: object spec: description: |- - Defines the desired characteristics of a volume requested by a pod author. + spec defines the specification of the characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: accessModes: @@ -9747,15 +9983,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -9768,7 +10002,7 @@ spec: type: string type: object status: - description: 'Deprecated: this field is never set.' + description: 'status is deprecated: this field is never set.' properties: accessModes: description: |- @@ -9917,13 +10151,11 @@ spec: description: |- currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). type: string modifyVolumeStatus: description: |- ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). properties: status: description: "status is the status of the ControllerModifyVolume @@ -9954,12 +10186,12 @@ spec: type: object type: object tag: - description: 'Deprecated: use ''spec.image'' instead. The image''s + description: 'tag is deprecated: use ''spec.image'' instead. The image''s tag can be specified as part of the image name.' type: string targetLimit: description: |- - TargetLimit defines a limit on the number of scraped targets that will be accepted. + targetLimit defines a limit on the number of scraped targets that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. @@ -9968,7 +10200,7 @@ spec: type: integer terminationGracePeriodSeconds: description: |- - Optional duration in seconds the pod needs to terminate gracefully. + terminationGracePeriodSeconds defines the optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. @@ -9977,11 +10209,12 @@ spec: minimum: 0 type: integer thanos: - description: Defines the configuration of the optional Thanos sidecar. + description: thanos defines the configuration of the optional Thanos + sidecar. properties: additionalArgs: description: |- - AdditionalArgs allows setting additional arguments for the Thanos container. + additionalArgs allows setting additional arguments for the Thanos container. The arguments are passed as-is to the Thanos container which may cause issues if they are invalid or not supported the given Thanos version. In case of an argument conflict (e.g. an argument which is already set by the @@ -9991,24 +10224,24 @@ spec: description: Argument as part of the AdditionalArgs list. properties: name: - description: Name of the argument, e.g. "scrape.discovery-reload-interval". + description: name of the argument, e.g. "scrape.discovery-reload-interval". minLength: 1 type: string value: - description: Argument value, e.g. 30s. Can be empty for - name-only arguments (e.g. --storage.tsdb.no-lockfile) + description: value defines the argument value, e.g. 30s. + Can be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) type: string required: - name type: object type: array baseImage: - description: 'Deprecated: use ''image'' instead.' + description: 'baseImage is deprecated: use ''image'' instead.' type: string blockSize: default: 2h description: |- - BlockDuration controls the size of TSDB blocks produced by Prometheus. + blockSize controls the size of TSDB blocks produced by Prometheus. The default value is 2h to match the upstream Prometheus defaults. WARNING: Changing the block duration can impact the performance and @@ -10019,34 +10252,35 @@ spec: pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string getConfigInterval: - description: How often to retrieve the Prometheus configuration. + description: getConfigInterval defines how often to retrieve the + Prometheus configuration. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string getConfigTimeout: - description: Maximum time to wait when retrieving the Prometheus - configuration. + description: getConfigTimeout defines the maximum time to wait + when retrieving the Prometheus configuration. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string grpcListenLocal: description: |- - When true, the Thanos sidecar listens on the loopback interface instead + grpcListenLocal defines when true, the Thanos sidecar listens on the loopback interface instead of the Pod IP's address for the gRPC endpoints. It has no effect if `listenLocal` is true. type: boolean grpcServerTlsConfig: description: |- - Configures the TLS parameters for the gRPC server providing the StoreAPI. + grpcServerTlsConfig defines the TLS parameters for the gRPC server providing the StoreAPI. Note: Currently only the `caFile`, `certFile`, and `keyFile` fields are supported. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10069,7 +10303,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10094,15 +10329,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10125,7 +10361,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10150,19 +10387,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key file + in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -10187,7 +10425,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10198,7 +10436,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10208,19 +10446,20 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object httpListenLocal: description: |- - When true, the Thanos sidecar listens on the loopback interface instead + httpListenLocal when true, the Thanos sidecar listens on the loopback interface instead of the Pod IP's address for the HTTP endpoints. It has no effect if `listenLocal` is true. type: boolean image: description: |- - Container image name for Thanos. If specified, it takes precedence over + image defines the container image name for Thanos. If specified, it takes precedence over the `spec.thanos.baseImage`, `spec.thanos.tag` and `spec.thanos.sha` fields. @@ -10232,18 +10471,18 @@ spec: the time when the operator was released. type: string listenLocal: - description: 'Deprecated: use `grpcListenLocal` and `httpListenLocal` - instead.' + description: 'listenLocal is deprecated: use `grpcListenLocal` + and `httpListenLocal` instead.' type: boolean logFormat: - description: Log format for the Thanos sidecar. + description: logFormat for the Thanos sidecar. enum: - "" - logfmt - json type: string logLevel: - description: Log level for the Thanos sidecar. + description: logLevel for the Thanos sidecar. enum: - "" - debug @@ -10253,14 +10492,14 @@ spec: type: string minTime: description: |- - Defines the start of time range limit served by the Thanos sidecar's StoreAPI. + minTime defines the start of time range limit served by the Thanos sidecar's StoreAPI. The field's value should be a constant time in RFC3339 format or a time duration relative to current time, such as -1d or 2h45m. Valid duration units are ms, s, m, h, d, w, y. type: string objectStorageConfig: description: |- - Defines the Thanos sidecar's configuration to upload TSDB blocks to object storage. + objectStorageConfig defines the Thanos sidecar's configuration to upload TSDB blocks to object storage. More info: https://thanos.io/tip/thanos/storage.md/ @@ -10289,7 +10528,7 @@ spec: x-kubernetes-map-type: atomic objectStorageConfigFile: description: |- - Defines the Thanos sidecar's configuration file to upload TSDB blocks to object storage. + objectStorageConfigFile defines the Thanos sidecar's configuration file to upload TSDB blocks to object storage. More info: https://thanos.io/tip/thanos/storage.md/ @@ -10297,20 +10536,20 @@ spec: type: string readyTimeout: description: |- - ReadyTimeout is the maximum time that the Thanos sidecar will wait for + readyTimeout defines the maximum time that the Thanos sidecar will wait for Prometheus to start. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string resources: - description: Defines the resources requests and limits of the - Thanos sidecar. + description: resources defines the resources requests and limits + of the Thanos sidecar. properties: claims: description: |- Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -10362,16 +10601,16 @@ spec: type: object type: object sha: - description: 'Deprecated: use ''image'' instead. The image digest - can be specified as part of the image name.' + description: 'sha is deprecated: use ''image'' instead. The image + digest can be specified as part of the image name.' type: string tag: - description: 'Deprecated: use ''image'' instead. The image''s + description: 'tag is deprecated: use ''image'' instead. The image''s tag can be specified as as part of the image name.' type: string tracingConfig: description: |- - Defines the tracing configuration for the Thanos sidecar. + tracingConfig defines the tracing configuration for the Thanos sidecar. `tracingConfigFile` takes precedence over this field. @@ -10403,7 +10642,7 @@ spec: x-kubernetes-map-type: atomic tracingConfigFile: description: |- - Defines the tracing configuration file for the Thanos sidecar. + tracingConfigFile defines the tracing configuration file for the Thanos sidecar. This field takes precedence over `tracingConfig`. @@ -10414,7 +10653,7 @@ spec: type: string version: description: |- - Version of Thanos being deployed. The operator uses this information + version of Thanos being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. If not specified, the operator assumes the latest upstream release of @@ -10423,7 +10662,7 @@ spec: type: string volumeMounts: description: |- - VolumeMounts allows configuration of additional VolumeMounts for Thanos. + volumeMounts allows configuration of additional VolumeMounts for Thanos. VolumeMounts specified will be appended to other VolumeMounts in the 'thanos-sidecar' container. items: @@ -10490,7 +10729,7 @@ spec: type: array type: object tolerations: - description: Defines the Pods' tolerations if specified. + description: tolerations defines the Pods' tolerations if specified. items: description: |- The pod this Toleration is attached to tolerates any taint that matches @@ -10529,12 +10768,14 @@ spec: type: object type: array topologySpreadConstraints: - description: Defines the pod's topology spread constraints if specified. + description: topologySpreadConstraints defines the pod's topology + spread constraints if specified. items: properties: additionalLabelSelectors: - description: Defines what Prometheus Operator managed labels - should be added to labelSelector on the topologySpreadConstraint. + description: additionalLabelSelectors Defines what Prometheus + Operator managed labels should be added to labelSelector on + the topologySpreadConstraint. enum: - OnResource - OnShard @@ -10709,61 +10950,62 @@ spec: type: array tracingConfig: description: |- - TracingConfig configures tracing in Prometheus. + tracingConfig defines tracing in Prometheus. This is an *experimental feature*, it may change in any upcoming release in a breaking way. properties: clientType: - description: Client used to export the traces. Supported values - are `http` or `grpc`. + description: clientType defines the client used to export the + traces. Supported values are `http` or `grpc`. enum: - http - grpc type: string compression: - description: Compression key for supported compression types. + description: compression key for supported compression types. The only supported value is `gzip`. enum: - gzip type: string endpoint: - description: Endpoint to send the traces to. Should be provided + description: endpoint to send the traces to. Should be provided in format :. minLength: 1 type: string headers: additionalProperties: type: string - description: Key-value pairs to be used as headers associated - with gRPC or HTTP requests. + description: headers defines the key-value pairs to be used as + headers associated with gRPC or HTTP requests. type: object insecure: - description: If disabled, the client will use a secure connection. + description: insecure if disabled, the client will use a secure + connection. type: boolean samplingFraction: anyOf: - type: integer - type: string - description: Sets the probability a given trace will be sampled. - Must be a float from 0 through 1. + description: samplingFraction defines the probability a given + trace will be sampled. Must be a float from 0 through 1. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true timeout: - description: Maximum time the exporter will wait for each batch - export. + description: timeout defines the maximum time the exporter will + wait for each batch export. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS Config to use when sending traces. + description: tlsConfig to use when sending traces. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10786,7 +11028,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10811,15 +11054,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10842,7 +11086,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10867,19 +11112,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key file + in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -10904,7 +11150,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10915,7 +11161,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10925,7 +11171,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -10933,12 +11180,12 @@ spec: type: object tsdb: description: |- - Defines the runtime reloadable configuration of the timeseries database(TSDB). + tsdb defines the runtime reloadable configuration of the timeseries database(TSDB). It requires Prometheus >= v2.39.0 or PrometheusAgent >= v2.54.0. properties: outOfOrderTimeWindow: description: |- - Configures how old an out-of-order/out-of-bounds sample can be with + outOfOrderTimeWindow defines how old an out-of-order/out-of-bounds sample can be with respect to the TSDB max time. An out-of-order/out-of-bounds sample is ingested into the TSDB as long as @@ -10953,7 +11200,7 @@ spec: type: object version: description: |- - Version of Prometheus being deployed. The operator uses this information + version of Prometheus being deployed. The operator uses this information to generate the Prometheus StatefulSet + configuration files. If not specified, the operator assumes the latest upstream version of @@ -10962,7 +11209,7 @@ spec: type: string volumeMounts: description: |- - VolumeMounts allows the configuration of additional VolumeMounts. + volumeMounts allows the configuration of additional VolumeMounts. VolumeMounts will be appended to other VolumeMounts in the 'prometheus' container, that are generated as a result of StorageSpec objects. @@ -11030,7 +11277,7 @@ spec: type: array volumes: description: |- - Volumes allows the configuration of additional volumes on the output + volumes allows the configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. items: @@ -11704,15 +11951,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -11894,12 +12139,10 @@ spec: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. - More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: |- - endpoints is the endpoint name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: endpoints is the endpoint name that details + Glusterfs topology. type: string path: description: |- @@ -11978,7 +12221,7 @@ spec: description: |- iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md + More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether support iSCSI @@ -12398,6 +12641,111 @@ spec: type: array x-kubernetes-list-type: atomic type: object + podCertificate: + description: |- + Projects an auto-rotating credential bundle (private key and certificate + chain) that the pod can use either as a TLS client or server. + + Kubelet generates a private key and uses it to send a + PodCertificateRequest to the named signer. Once the signer approves the + request and issues a certificate chain, Kubelet writes the key and + certificate chain to the pod filesystem. The pod does not start until + certificates have been issued for each podCertificate projected volume + source in its spec. + + Kubelet will begin trying to rotate the certificate at the time indicated + by the signer using the PodCertificateRequest.Status.BeginRefreshAt + timestamp. + + Kubelet can write a single file, indicated by the credentialBundlePath + field, or separate files, indicated by the keyPath and + certificateChainPath fields. + + The credential bundle is a single file in PEM format. The first PEM + entry is the private key (in PKCS#8 format), and the remaining PEM + entries are the certificate chain issued by the signer (typically, + signers will return their certificate chain in leaf-to-root order). + + Prefer using the credential bundle format, since your application code + can read it atomically. If you use keyPath and certificateChainPath, + your application must make two separate file reads. If these coincide + with a certificate rotation, it is possible that the private key and leaf + certificate you read may not correspond to each other. Your application + will need to check for this condition, and re-read until they are + consistent. + + The named signer controls chooses the format of the certificate it + issues; consult the signer implementation's documentation to learn how to + use the certificates it issues. + properties: + certificateChainPath: + description: |- + Write the certificate chain at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + credentialBundlePath: + description: |- + Write the credential bundle at this path in the projected volume. + + The credential bundle is a single file that contains multiple PEM blocks. + The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private + key. + + The remaining blocks are CERTIFICATE blocks, containing the issued + certificate chain from the signer (leaf and any intermediates). + + Using credentialBundlePath lets your Pod's application code make a single + atomic read that retrieves a consistent key and certificate chain. If you + project them to separate files, your application code will need to + additionally check that the leaf certificate was issued to the key. + type: string + keyPath: + description: |- + Write the key at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + keyType: + description: |- + The type of keypair Kubelet will generate for the pod. + + Valid values are "RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", + "ECDSAP521", and "ED25519". + type: string + maxExpirationSeconds: + description: |- + maxExpirationSeconds is the maximum lifetime permitted for the + certificate. + + Kubelet copies this value verbatim into the PodCertificateRequests it + generates for this projection. + + If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver + will reject values shorter than 3600 (1 hour). The maximum allowable + value is 7862400 (91 days). + + The signer implementation is then free to issue a certificate with any + lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 + seconds (1 hour). This constraint is enforced by kube-apiserver. + `kubernetes.io` signers will never issue certificates with a lifetime + longer than 24 hours. + format: int32 + type: integer + signerName: + description: Kubelet's generated CSRs will be + addressed to this signer. + type: string + required: + - keyType + - signerName + type: object secret: description: secret information about the secret data to project @@ -12532,7 +12880,6 @@ spec: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. - More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: description: |- @@ -12817,29 +13164,30 @@ spec: type: array walCompression: description: |- - Configures compression of the write-ahead log (WAL) using Snappy. + walCompression defines the compression of the write-ahead log (WAL) using Snappy. WAL compression is enabled by default for Prometheus >= 2.20.0 Requires Prometheus v2.11.0 and above. type: boolean web: - description: Defines the configuration of the Prometheus web server. + description: web defines the configuration of the Prometheus web server. properties: httpConfig: - description: Defines HTTP parameters for web server. + description: httpConfig defines HTTP parameters for web server. properties: headers: - description: List of headers that can be added to HTTP responses. + description: headers defines a list of headers that can be + added to HTTP responses. properties: contentSecurityPolicy: description: |- - Set the Content-Security-Policy header to HTTP responses. + contentSecurityPolicy defines the Content-Security-Policy header to HTTP responses. Unset if blank. type: string strictTransportSecurity: description: |- - Set the Strict-Transport-Security header to HTTP responses. + strictTransportSecurity defines the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same @@ -12848,7 +13196,7 @@ spec: type: string xContentTypeOptions: description: |- - Set the X-Content-Type-Options header to HTTP responses. + xContentTypeOptions defines the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options enum: @@ -12857,7 +13205,7 @@ spec: type: string xFrameOptions: description: |- - Set the X-Frame-Options header to HTTP responses. + xFrameOptions defines the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options enum: @@ -12867,42 +13215,42 @@ spec: type: string xXSSProtection: description: |- - Set the X-XSS-Protection header to all responses. + xXSSProtection defines the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection type: string type: object http2: description: |- - Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. + http2 enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered. type: boolean type: object maxConnections: description: |- - Defines the maximum number of simultaneous connections + maxConnections defines the maximum number of simultaneous connections A zero value means that Prometheus doesn't accept any incoming connection. format: int32 minimum: 0 type: integer pageTitle: - description: The prometheus web page title. + description: pageTitle defines the prometheus web page title. type: string tlsConfig: - description: Defines the TLS parameters for HTTPS. + description: tlsConfig defines the TLS parameters for HTTPS. properties: cert: description: |- - Secret or ConfigMap containing the TLS certificate for the web server. + cert defines the Secret or ConfigMap containing the TLS certificate for the web server. Either `keySecret` or `keyFile` must be defined. It is mutually exclusive with `certFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -12925,7 +13273,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -12951,7 +13300,7 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the container for the web server. + certFile defines the path to the TLS certificate file in the container for the web server. Either `keySecret` or `keyFile` must be defined. @@ -12959,7 +13308,7 @@ spec: type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. + cipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. If not defined, the Go default cipher suites are used. Available cipher suites are documented in the Go documentation: @@ -12969,14 +13318,14 @@ spec: type: array client_ca: description: |- - Secret or ConfigMap containing the CA certificate for client certificate + client_ca defines the Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. It is mutually exclusive with `clientCAFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -12999,7 +13348,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -13025,21 +13375,21 @@ spec: type: object clientAuthType: description: |- - The server policy for client TLS authentication. + clientAuthType defines the server policy for client TLS authentication. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to + clientCAFile defines the path to the CA certificate file for client certificate authentication to the server. It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- - Elliptic curves that will be used in an ECDHE handshake, in preference + curvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the Go documentation: @@ -13049,7 +13399,7 @@ spec: type: array keyFile: description: |- - Path to the TLS private key file in the container for the web server. + keyFile defines the path to the TLS private key file in the container for the web server. If defined, either `cert` or `certFile` must be defined. @@ -13057,7 +13407,7 @@ spec: type: string keySecret: description: |- - Secret containing the TLS private key for the web server. + keySecret defines the secret containing the TLS private key for the web server. Either `cert` or `certFile` must be defined. @@ -13085,14 +13435,16 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. + description: maxVersion defines the Maximum TLS version that + is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. + description: minVersion defines the minimum TLS version that + is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the client's most preferred cipher + preferServerCipherSuites defines whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in @@ -13103,18 +13455,19 @@ spec: type: object status: description: |- - Most recent observed status of the Prometheus cluster. Read-only. + status defines the most recent observed status of the Prometheus cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this Prometheus deployment. format: int32 type: integer conditions: - description: The current state of the Prometheus deployment. + description: conditions defines the current state of the Prometheus + deployment. items: description: |- Condition represents the state of the resources associated with the @@ -13126,12 +13479,12 @@ spec: format: date-time type: string message: - description: Human-readable message indicating details for the - condition's last transition. + description: message defines human-readable message indicating + details for the condition's last transition. type: string observedGeneration: description: |- - ObservedGeneration represents the .metadata.generation that the + observedGeneration defines the .metadata.generation that the condition was set based upon. For instance, if `.metadata.generation` is currently 12, but the `.status.conditions[].observedGeneration` is 9, the condition is out of date with respect to the current state of the @@ -13139,14 +13492,14 @@ spec: format: int64 type: integer reason: - description: Reason for the condition's last transition. + description: reason for the condition's last transition. type: string status: - description: Status of the condition. + description: status of the condition. minLength: 1 type: string type: - description: Type of the condition being reported. + description: type of the condition being reported. minLength: 1 type: string required: @@ -13160,45 +13513,46 @@ spec: x-kubernetes-list-type: map paused: description: |- - Represents whether any actions on the underlying managed objects are + paused defines whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. type: boolean replicas: description: |- - Total number of non-terminated pods targeted by this Prometheus deployment + replicas defines the total number of non-terminated pods targeted by this Prometheus deployment (their labels match the selector). format: int32 type: integer selector: - description: The selector used to match the pods targeted by this - Prometheus resource. + description: selector used to match the pods targeted by this Prometheus + resource. type: string shardStatuses: - description: The list has one entry per shard. Each entry provides - a summary of the shard status. + description: shardStatuses defines the list has one entry per shard. + Each entry provides a summary of the shard status. items: properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this shard. format: int32 type: integer replicas: - description: Total number of pods targeted by this shard. + description: replicas defines the total number of pods targeted + by this shard. format: int32 type: integer shardID: - description: Identifier of the shard. + description: shardID defines the identifier of the shard. type: string unavailableReplicas: - description: Total number of unavailable pods targeted by this - shard. + description: unavailableReplicas defines the Total number of + unavailable pods targeted by this shard. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this shard + updatedReplicas defines the total number of non-terminated pods targeted by this shard that have the desired spec. format: int32 type: integer @@ -13214,26 +13568,20 @@ spec: - shardID x-kubernetes-list-type: map shards: - description: Shards is the most recently observed number of shards. + description: shards defines the most recently observed number of shards. format: int32 type: integer unavailableReplicas: - description: Total number of unavailable pods targeted by this Prometheus - deployment. + description: unavailableReplicas defines the total number of unavailable + pods targeted by this Prometheus deployment. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this Prometheus deployment + updatedReplicas defines the total number of non-terminated pods targeted by this Prometheus deployment that have the desired version spec. format: int32 type: integer - required: - - availableReplicas - - paused - - replicas - - unavailableReplicas - - updatedReplicas type: object required: - spec diff --git a/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusrules.yaml b/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusrules.yaml index d322bb05125f..6812a34ee1d0 100644 --- a/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusrules.yaml +++ b/charts/prometheus-operator-crds/charts/crds/templates/crd-prometheusrules.yaml @@ -1,5 +1,5 @@ {{- if .Values.prometheusrules.enabled -}} -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,8 +8,8 @@ metadata: {{- with .Values.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: prometheusrules.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -50,24 +50,25 @@ spec: metadata: type: object spec: - description: Specification of desired alerting rule definitions for Prometheus. + description: spec defines the specification of desired alerting rule definitions + for Prometheus. properties: groups: - description: Content of Prometheus rule file + description: groups defines the content of Prometheus rule file items: description: RuleGroup is a list of sequentially evaluated recording and alerting rules. properties: interval: - description: Interval determines how often rules in the group - are evaluated. + description: interval defines how often rules in the group are + evaluated. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string labels: additionalProperties: type: string description: |- - Labels to add or overwrite before storing the result for its rules. + labels define the labels to add or overwrite before storing the result for its rules. The labels defined at the rule level take precedence. It requires Prometheus >= 3.0.0. @@ -75,31 +76,32 @@ spec: type: object limit: description: |- - Limit the number of alerts an alerting rule and series a recording + limit defines the number of alerts an alerting rule and series a recording rule can produce. Limit is supported starting with Prometheus >= 2.31 and Thanos Ruler >= 0.24. type: integer name: - description: Name of the rule group. + description: name defines the name of the rule group. minLength: 1 type: string partial_response_strategy: description: |- - PartialResponseStrategy is only used by ThanosRuler and will + partial_response_strategy is only used by ThanosRuler and will be ignored by Prometheus instances. More info: https://github.com/thanos-io/thanos/blob/main/docs/components/rule.md#partial-response pattern: ^(?i)(abort|warn)?$ type: string query_offset: description: |- - Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. + query_offset defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0. It is not supported for ThanosRuler. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string rules: - description: List of alerting and recording rules. + description: rules defines the list of alerting and recording + rules. items: description: |- Rule describes an alerting or recording rule @@ -107,42 +109,42 @@ spec: properties: alert: description: |- - Name of the alert. Must be a valid label value. + alert defines the name of the alert. Must be a valid label value. Only one of `record` and `alert` must be set. type: string annotations: additionalProperties: type: string description: |- - Annotations to add to each alert. + annotations defines annotations to add to each alert. Only valid for alerting rules. type: object expr: anyOf: - type: integer - type: string - description: PromQL expression to evaluate. + description: expr defines the PromQL expression to evaluate. x-kubernetes-int-or-string: true for: - description: Alerts are considered firing once they have - been returned for this long. + description: for defines how alerts are considered firing + once they have been returned for this long. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string keep_firing_for: - description: KeepFiringFor defines how long an alert will - continue firing after the condition that triggered it - has cleared. + description: keep_firing_for defines how long an alert + will continue firing after the condition that triggered + it has cleared. minLength: 1 pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string labels: additionalProperties: type: string - description: Labels to add or overwrite. + description: labels defines labels to add or overwrite. type: object record: description: |- - Name of the time series to output to. Must be a valid metric name. + record defines the name of the time series to output to. Must be a valid metric name. Only one of `record` and `alert` must be set. type: string required: @@ -157,9 +159,114 @@ spec: - name x-kubernetes-list-type: map type: object + status: + description: |- + status defines the status subresource. It is under active development and is updated only when the + "StatusForConfigurationResources" feature gate is enabled. + + Most recent observed status of the PrometheusRule. Read-only. + More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bindings: + description: bindings defines the list of workload resources (Prometheus, + PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration + resource. + items: + description: WorkloadBinding is a link between a configuration resource + and a workload resource. + properties: + conditions: + description: conditions defines the current state of the configuration + resource when bound to the referenced Workload object. + items: + description: ConfigResourceCondition describes the status + of configuration resources linked to Prometheus, PrometheusAgent, + Alertmanager or ThanosRuler. + properties: + lastTransitionTime: + description: lastTransitionTime defines the time of the + last update to the current status property. + format: date-time + type: string + message: + description: message defines the human-readable message + indicating details for the condition's last transition. + type: string + observedGeneration: + description: |- + observedGeneration defines the .metadata.generation that the + condition was set based upon. For instance, if `.metadata.generation` is + currently 12, but the `.status.conditions[].observedGeneration` is 9, the + condition is out of date with respect to the current state of the object. + format: int64 + type: integer + reason: + description: reason for the condition's last transition. + type: string + status: + description: status of the condition. + minLength: 1 + type: string + type: + description: |- + type of the condition being reported. + Currently, only "Accepted" is supported. + enum: + - Accepted + minLength: 1 + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + group: + description: group defines the group of the referenced resource. + enum: + - monitoring.coreos.com + type: string + name: + description: name defines the name of the referenced object. + minLength: 1 + type: string + namespace: + description: namespace defines the namespace of the referenced + object. + minLength: 1 + type: string + resource: + description: resource defines the type of resource being referenced + (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). + enum: + - prometheuses + - prometheusagents + - thanosrulers + - alertmanagers + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - name + - namespace + x-kubernetes-list-type: map + type: object required: - spec type: object served: true storage: true + subresources: + status: {} {{- end -}} diff --git a/charts/prometheus-operator-crds/charts/crds/templates/crd-scrapeconfigs.yaml b/charts/prometheus-operator-crds/charts/crds/templates/crd-scrapeconfigs.yaml index b24e13bfdf8d..a82c82f6078c 100644 --- a/charts/prometheus-operator-crds/charts/crds/templates/crd-scrapeconfigs.yaml +++ b/charts/prometheus-operator-crds/charts/crds/templates/crd-scrapeconfigs.yaml @@ -1,5 +1,5 @@ {{- if .Values.scrapeconfigs.enabled -}} -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,8 +8,8 @@ metadata: {{- with .Values.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: scrapeconfigs.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -49,15 +49,15 @@ spec: metadata: type: object spec: - description: ScrapeConfigSpec is a specification of the desired configuration - for a scrape configuration. + description: spec defines the specification of ScrapeConfigSpec. properties: authorization: - description: Authorization header to use on every scrape request. + description: authorization defines the header to use on every scrape + request. properties: credentials: - description: Selects a key of a Secret in the namespace that contains - the credentials for authentication. + description: credentials defines a key of a Secret in the namespace + that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must be @@ -82,7 +82,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -90,7 +90,7 @@ spec: type: string type: object azureSDConfigs: - description: AzureSDConfigs defines a list of Azure service discovery + description: azureSDConfigs defines a list of Azure service discovery configurations. items: description: |- @@ -99,7 +99,7 @@ spec: properties: authenticationMethod: description: |- - # The authentication method, either `OAuth` or `ManagedIdentity` or `SDK`. + authenticationMethod defines the authentication method, either `OAuth` or `ManagedIdentity` or `SDK`. See https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview SDK authentication method uses environment variables by default. See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication @@ -110,12 +110,12 @@ spec: type: string authorization: description: |- - Authorization header configuration to authenticate against the target HTTP endpoint. + authorization defines the authorization header configuration to authenticate against the target HTTP endpoint. Cannot be set at the same time as `oAuth2`, or `basicAuth`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -140,7 +140,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -149,13 +149,13 @@ spec: type: object basicAuth: description: |- - BasicAuth information to authenticate against the target HTTP endpoint. + basicAuth defines the information to authenticate against the target HTTP endpoint. More info: https://prometheus.io/docs/operating/configuration/#endpoints Cannot be set at the same time as `authorization`, or `oAuth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -181,7 +181,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -207,13 +207,13 @@ spec: x-kubernetes-map-type: atomic type: object clientID: - description: Optional client ID. Only required with the OAuth - authentication method. + description: clientID defines client ID. Only required with + the OAuth authentication method. minLength: 1 type: string clientSecret: - description: Optional client secret. Only required with the - OAuth authentication method. + description: clientSecret defines client secret. Only required + with the OAuth authentication method. properties: key: description: The key of the secret to select from. Must @@ -237,37 +237,36 @@ spec: type: object x-kubernetes-map-type: atomic enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean environment: - description: The Azure environment. + description: environment defines the Azure environment. minLength: 1 type: string followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. - Cannot be set at the same time as `authorization`, or `basicAuth`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -290,7 +289,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -316,7 +316,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -344,12 +344,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -383,7 +383,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -391,33 +391,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -440,8 +439,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -466,12 +465,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -494,8 +493,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -520,11 +519,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -549,7 +549,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -560,7 +560,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -570,12 +570,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -585,7 +586,7 @@ spec: type: object port: description: |- - The port to scrape metrics from. If using the public IP address, this must + port defines the port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. format: int32 maximum: 65535 @@ -619,7 +620,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -627,44 +628,47 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string resourceGroup: description: |- - Optional resource group name. Limits discovery to this resource group. + resourceGroup defines resource group name. Limits discovery to this resource group. Requires Prometheus v2.35.0 and above minLength: 1 type: string subscriptionID: - description: The subscription ID. Always required. + description: subscriptionID defines subscription ID. Always + required. minLength: 1 type: string tenantID: - description: Optional tenant ID. Only required with the OAuth - authentication method. + description: tenantID defines tenant ID. Only required with + the OAuth authentication method. minLength: 1 type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defies the TLS configuration applying + to the target HTTP endpoint. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -687,7 +691,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -712,11 +717,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -739,7 +745,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -764,11 +771,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -793,7 +801,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -804,7 +812,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -814,7 +822,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -822,11 +831,12 @@ spec: type: object type: array basicAuth: - description: BasicAuth information to use on every scrape request. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -852,7 +862,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -878,7 +888,7 @@ spec: x-kubernetes-map-type: atomic type: object consulSDConfigs: - description: ConsulSDConfigs defines a list of Consul service discovery + description: consulSDConfigs defines a list of Consul service discovery configurations. items: description: |- @@ -887,17 +897,17 @@ spec: properties: allowStale: description: |- - Allow stale Consul results (see https://www.consul.io/api/features/consistency.html). Will reduce load on Consul. + allowStale Consul results (see https://www.consul.io/api/features/consistency.html). Will reduce load on Consul. If unset, Prometheus uses its default value. type: boolean authorization: description: |- - Optional Authorization header configuration to authenticate against the Consul Server. + authorization defines the header configuration to authenticate against the Consul Server. Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -922,7 +932,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -931,13 +941,13 @@ spec: type: object basicAuth: description: |- - Optional BasicAuth information to authenticate against the Consul Server. + basicAuth defines the information to authenticate against the Consul Server. More info: https://prometheus.io/docs/operating/configuration/#endpoints Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -963,7 +973,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -989,37 +999,34 @@ spec: x-kubernetes-map-type: atomic type: object datacenter: - description: Consul Datacenter name, if not provided it will - use the local Consul Agent Datacenter. + description: datacenter defines the consul Datacenter name, + if not provided it will use the local Consul Agent Datacenter. minLength: 1 type: string enableHTTP2: - description: |- - Whether to enable HTTP2. - If unset, Prometheus uses its default value. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean filter: description: |- - Filter expression used to filter the catalog results. + filter defines the filter expression used to filter the catalog results. See https://www.consul.io/api-docs/catalog#list-services It requires Prometheus >= 3.0.0. minLength: 1 type: string followRedirects: - description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. - If unset, Prometheus uses its default value. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean namespace: description: |- - Namespaces are only supported in Consul Enterprise. + namespace are only supported in Consul Enterprise. It requires Prometheus >= 2.28.0. minLength: 1 type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1029,23 +1036,23 @@ spec: additionalProperties: type: string description: |- - Node metadata key/value pairs to filter nodes for a given service. + nodeMeta defines the node metadata key/value pairs to filter nodes for a given service. Starting with Consul 1.14, it is recommended to use `filter` with the `NodeMeta` selector instead. type: object x-kubernetes-map-type: atomic oauth2: description: |- - Optional OAuth2.0 configuration. - Cannot be set at the same time as `basicAuth`, or `authorization`. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1068,7 +1075,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1094,7 +1102,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -1122,12 +1130,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1161,7 +1169,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1169,33 +1177,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1218,8 +1225,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1244,12 +1251,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1272,8 +1279,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1298,11 +1305,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1327,7 +1335,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1338,7 +1346,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1348,12 +1356,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -1362,12 +1371,13 @@ spec: - tokenUrl type: object partition: - description: Admin Partitions are only supported in Consul Enterprise. + description: partition defines the admin Partitions are only + supported in Consul Enterprise. minLength: 1 type: string pathPrefix: description: |- - Prefix for URIs for when consul is behind an API gateway (reverse proxy). + pathPrefix defines the prefix for URIs for when consul is behind an API gateway (reverse proxy). It requires Prometheus >= 2.45.0. minLength: 1 @@ -1400,7 +1410,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1408,63 +1418,64 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: description: |- - The time after which the provided names are refreshed. - On large setup it might be a good idea to increase this value because the catalog will change all the time. - If unset, Prometheus uses its default value. + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string scheme: - description: HTTP Scheme default "http" + description: scheme defines the HTTP Scheme default "http" enum: - HTTP - HTTPS type: string server: - description: Consul server address. A valid string consisting - of a hostname or IP followed by an optional port number. + description: server defines the consul server address. A valid + string consisting of a hostname or IP followed by an optional + port number. minLength: 1 type: string services: - description: A list of services for which targets are retrieved. - If omitted, all services are scraped. + description: services defines a list of services for which targets + are retrieved. If omitted, all services are scraped. items: type: string type: array x-kubernetes-list-type: set tagSeparator: description: |- - The string by which Consul tags are joined into the tag label. + tagSeparator defines the string by which Consul tags are joined into the tag label. If unset, Prometheus uses its default value. minLength: 1 type: string tags: description: |- - An optional list of tags used to filter nodes for a given service. Services must contain all tags in the list. + tags defines an optional list of tags used to filter nodes for a given service. Services must contain all tags in the list. Starting with Consul 1.14, it is recommended to use `filter` with the `ServiceTags` selector instead. items: type: string type: array x-kubernetes-list-type: set tlsConfig: - description: TLS configuration to connect to the Consul API. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1487,7 +1498,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1512,11 +1524,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1539,7 +1552,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1564,11 +1578,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1593,7 +1608,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1604,7 +1619,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1614,12 +1629,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object tokenRef: - description: Consul ACL TokenRef, if not provided it will use - the ACL from the local Consul Agent. + description: tokenRef defines the consul ACL TokenRef, if not + provided it will use the ACL from the local Consul Agent. properties: key: description: The key of the secret to select from. Must @@ -1648,11 +1664,11 @@ spec: type: array convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native histogram with custom buckets. + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. type: boolean digitalOceanSDConfigs: - description: DigitalOceanSDConfigs defines a list of DigitalOcean + description: digitalOceanSDConfigs defines a list of DigitalOcean service discovery configurations. items: description: |- @@ -1662,12 +1678,12 @@ spec: properties: authorization: description: |- - Authorization header configuration to authenticate against the DigitalOcean API. + authorization defines the header configuration to authenticate against the DigitalOcean API. Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -1692,7 +1708,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -1700,33 +1716,32 @@ spec: type: string type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be set at the same time as `authorization`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1749,7 +1764,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -1775,7 +1791,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -1803,12 +1819,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -1842,7 +1858,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -1850,33 +1866,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1899,8 +1914,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1925,12 +1940,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -1953,8 +1968,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -1979,11 +1994,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2008,7 +2024,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2019,7 +2035,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2029,12 +2045,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -2043,7 +2060,8 @@ spec: - tokenUrl type: object port: - description: The port to scrape metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -2076,7 +2094,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -2084,28 +2102,31 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Refresh interval to re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2128,7 +2149,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2153,11 +2175,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2180,7 +2203,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2205,11 +2229,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2234,7 +2259,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2245,7 +2270,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2255,13 +2280,14 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object type: object type: array dnsSDConfigs: - description: DNSSDConfigs defines a list of DNS service discovery + description: dnsSDConfigs defines a list of DNS service discovery configurations. items: description: |- @@ -2270,7 +2296,8 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dns_sd_config properties: names: - description: A list of DNS domain names to be queried. + description: names defines a list of DNS domain names to be + queried. items: minLength: 1 type: string @@ -2278,7 +2305,7 @@ spec: type: array port: description: |- - The port number used if the query type is not SRV + port defines the port to scrape metrics from. If using the public IP address, this must Ignored for SRV records format: int32 maximum: 65535 @@ -2286,13 +2313,13 @@ spec: type: integer refreshInterval: description: |- - RefreshInterval configures the time after which the provided names are refreshed. + refreshInterval defines the time after which the provided names are refreshed. If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: description: |- - The type of DNS query to perform. One of SRV, A, AAAA, MX or NS. + type defines the type of DNS query to perform. One of SRV, A, AAAA, MX or NS. If not set, Prometheus uses its default value. When set to NS, it requires Prometheus >= v2.49.0. @@ -2309,7 +2336,7 @@ spec: type: object type: array dockerSDConfigs: - description: DockerSDConfigs defines a list of Docker service discovery + description: dockerSDConfigs defines a list of Docker service discovery configurations. items: description: |- @@ -2320,12 +2347,12 @@ spec: properties: authorization: description: |- - Authorization header configuration to authenticate against the Docker API. + authorization defines the header configuration to authenticate against the DigitalOcean API. Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -2350,7 +2377,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -2358,11 +2385,12 @@ spec: type: string type: object basicAuth: - description: BasicAuth information to use on every scrape request. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -2388,7 +2416,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -2414,20 +2442,20 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean filters: - description: Optional filters to limit the discovery process - to a subset of the available resources. + description: filters defines filters to limit the discovery + process to a subset of the available resources. items: description: Filter name and value pairs to limit the discovery process to a subset of available resources. properties: name: - description: Name of the Filter. + description: name of the Filter. type: string values: - description: Value to filter on. + description: values defines values to filter on. items: minLength: 1 type: string @@ -2443,45 +2471,44 @@ spec: - name x-kubernetes-list-type: map followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean host: - description: Address of the docker daemon + description: host defines the address of the docker daemon minLength: 1 type: string hostNetworkingHost: - description: The host to use if the container is in host networking - mode. + description: hostNetworkingHost defines the host to use if the + container is in host networking mode. minLength: 1 type: string matchFirstNetwork: description: |- - Configure whether to match the first network if the container has multiple networks defined. + matchFirstNetwork defines whether to match the first network if the container has multiple networks defined. If unset, Prometheus uses true by default. It requires Prometheus >= v2.54.1. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be set at the same time as `authorization`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2504,7 +2531,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2530,7 +2558,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -2558,12 +2586,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -2597,7 +2625,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -2605,33 +2633,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2654,8 +2681,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -2680,12 +2707,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2708,8 +2735,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -2734,11 +2761,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2763,7 +2791,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2774,7 +2802,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2784,12 +2812,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -2798,7 +2827,8 @@ spec: - tokenUrl type: object port: - description: The port to scrape metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -2831,7 +2861,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -2839,28 +2869,31 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Time after which the container is refreshed. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2883,7 +2916,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2908,11 +2942,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -2935,7 +2970,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2960,11 +2996,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -2989,7 +3026,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -3000,7 +3037,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -3010,7 +3047,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -3018,7 +3056,7 @@ spec: type: object type: array dockerSwarmSDConfigs: - description: DockerswarmSDConfigs defines a list of Dockerswarm service + description: dockerSwarmSDConfigs defines a list of Dockerswarm service discovery configurations. items: description: |- @@ -3026,12 +3064,13 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dockerswarm_sd_config properties: authorization: - description: Authorization header configuration to authenticate - against the target HTTP endpoint. + description: |- + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -3056,7 +3095,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -3064,11 +3103,12 @@ spec: type: string type: object basicAuth: - description: Optional HTTP basic authentication information. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -3094,7 +3134,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -3120,11 +3160,11 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean filters: description: |- - Optional filters to limit the discovery process to a subset of available + filters defines the filters to limit the discovery process to a subset of available resources. The available filters are listed in the upstream documentation: Services: https://docs.docker.com/engine/api/v1.40/#operation/ServiceList @@ -3135,10 +3175,10 @@ spec: process to a subset of available resources. properties: name: - description: Name of the Filter. + description: name of the Filter. type: string values: - description: Value to filter on. + description: values defines values to filter on. items: minLength: 1 type: string @@ -3154,16 +3194,16 @@ spec: - name x-kubernetes-list-type: map followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean host: - description: Address of the Docker daemon + description: host defines the address of the Docker daemon pattern: ^[a-zA-Z][a-zA-Z0-9+.-]*://.+$ type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -3171,17 +3211,17 @@ spec: type: string oauth2: description: |- - Optional OAuth 2.0 configuration. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3204,7 +3244,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -3230,7 +3271,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -3258,12 +3299,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -3297,7 +3338,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3305,33 +3346,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3354,8 +3394,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -3380,12 +3420,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3408,8 +3448,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -3434,11 +3474,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -3463,7 +3504,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -3474,7 +3515,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -3484,12 +3525,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -3499,7 +3541,7 @@ spec: type: object port: description: |- - The port to scrape metrics from, when `role` is nodes, and for discovered + port defines the port to scrape metrics from. If using the public IP address, this must tasks and services that don't have published ports. format: int32 maximum: 65535 @@ -3533,7 +3575,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3541,21 +3583,22 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: The time after which the service discovery data - is refreshed. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string role: - description: Role of the targets to retrieve. Must be `Services`, + description: role of the targets to retrieve. Must be `Services`, `Tasks`, or `Nodes`. enum: - Services @@ -3563,15 +3606,16 @@ spec: - Nodes type: string tlsConfig: - description: TLS configuration to use on every scrape request + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3594,7 +3638,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -3619,11 +3664,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3646,7 +3692,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -3671,11 +3718,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -3700,7 +3748,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -3711,7 +3759,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -3721,7 +3769,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -3730,7 +3779,7 @@ spec: type: object type: array ec2SDConfigs: - description: EC2SDConfigs defines a list of EC2 service discovery + description: ec2SDConfigs defines a list of EC2 service discovery configurations. items: description: |- @@ -3743,7 +3792,7 @@ spec: BasicAuth, Authorization and OAuth2 fields are not present on purpose. properties: accessKey: - description: AccessKey is the AWS API key. + description: accessKey defines the AWS API key. properties: key: description: The key of the secret to select from. Must @@ -3768,12 +3817,12 @@ spec: x-kubernetes-map-type: atomic enableHTTP2: description: |- - Whether to enable HTTP2. + enableHTTP2 defines whether to enable HTTP2. It requires Prometheus >= v2.41.0 type: boolean filters: description: |- - Filters can be used optionally to filter the instance list by other criteria. + filters can be used optionally to filter the instance list by other criteria. Available filter criteria can be found here: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html @@ -3783,10 +3832,10 @@ spec: process to a subset of available resources. properties: name: - description: Name of the Filter. + description: name of the Filter. type: string values: - description: Value to filter on. + description: values defines values to filter on. items: minLength: 1 type: string @@ -3803,12 +3852,12 @@ spec: x-kubernetes-list-type: map followRedirects: description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. + followRedirects defines whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.41.0 type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -3816,7 +3865,7 @@ spec: type: string port: description: |- - The port to scrape metrics from. If using the public IP address, this must + port defines the port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. format: int32 maximum: 65535 @@ -3850,7 +3899,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -3858,29 +3907,31 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string region: - description: The AWS region. + description: region defines the AWS region. minLength: 1 type: string roleARN: - description: AWS Role ARN, an alternative to using AWS API keys. + description: roleARN defines an alternative to using AWS API + keys. minLength: 1 type: string secretKey: - description: SecretKey is the AWS API secret. + description: secretKey defines the AWS API secret. properties: key: description: The key of the secret to select from. Must @@ -3905,16 +3956,16 @@ spec: x-kubernetes-map-type: atomic tlsConfig: description: |- - TLS configuration to connect to the AWS EC2 API. + tlsConfig defines the TLS configuration to connect to the Consul API. It requires Prometheus >= v2.41.0 properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3937,7 +3988,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -3962,11 +4014,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -3989,7 +4042,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -4014,11 +4068,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -4043,7 +4098,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4054,7 +4109,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4064,24 +4119,25 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object type: object type: array enableCompression: description: |- - When false, Prometheus will request uncompressed response from the scraped target. + enableCompression when false, Prometheus will request uncompressed response from the scraped target. It requires Prometheus >= v2.49.0. If unset, Prometheus uses true by default. type: boolean enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean eurekaSDConfigs: - description: EurekaSDConfigs defines a list of Eureka service discovery + description: eurekaSDConfigs defines a list of Eureka service discovery configurations. items: description: |- @@ -4090,11 +4146,13 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#eureka_sd_config properties: authorization: - description: Authorization header to use on every scrape request. + description: |- + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -4119,7 +4177,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -4127,11 +4185,12 @@ spec: type: string type: object basicAuth: - description: BasicAuth information to use on every scrape request. + description: basicAuth defines the BasicAuth information to + use on every scrape request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -4157,7 +4216,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -4183,33 +4242,32 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be set at the same time as `authorization` or `basic_auth`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4232,7 +4290,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -4258,7 +4317,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -4286,12 +4345,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -4325,7 +4384,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -4333,33 +4392,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4382,8 +4440,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -4408,12 +4466,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4436,8 +4494,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -4462,11 +4520,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -4491,7 +4550,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4502,7 +4561,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4512,12 +4571,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -4553,7 +4613,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -4561,32 +4621,37 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Refresh interval to re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string server: - description: The URL to connect to the Eureka server. + description: server defines the URL to connect to the Eureka + server. minLength: 1 + pattern: ^http(s)?://.+$ type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4609,7 +4674,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -4634,11 +4700,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4661,7 +4728,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -4686,11 +4754,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -4715,7 +4784,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -4726,7 +4795,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -4736,7 +4805,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -4745,7 +4815,7 @@ spec: type: array fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. enum: @@ -4756,7 +4826,7 @@ spec: - PrometheusText1.0.0 type: string fileSDConfigs: - description: FileSDConfigs defines a list of file service discovery + description: fileSDConfigs defines a list of file service discovery configurations. items: description: |- @@ -4765,7 +4835,7 @@ spec: properties: files: description: |- - List of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the + files defines the list of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the prometheus-operator project makes no guarantees about the working directory where the configuration file is stored. Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets. @@ -4777,8 +4847,9 @@ spec: type: array x-kubernetes-list-type: set refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will reload the content of the files. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string required: @@ -4786,7 +4857,7 @@ spec: type: object type: array gceSDConfigs: - description: GCESDConfigs defines a list of GCE service discovery + description: gceSDConfigs defines a list of GCE service discovery configurations. items: description: |- @@ -4806,36 +4877,37 @@ spec: properties: filter: description: |- - Filter can be used optionally to filter the instance list by other criteria + filter defines the filter that can be used optionally to filter the instance list by other criteria Syntax of this filter is described in the filter query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list minLength: 1 type: string port: description: |- - The port to scrape metrics from. If using the public IP address, this must + port defines the port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. format: int32 maximum: 65535 minimum: 0 type: integer project: - description: The Google Cloud Project ID + description: project defines the Google Cloud Project ID minLength: 1 type: string refreshInterval: - description: RefreshInterval configures the refresh interval - at which Prometheus will re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tagSeparator: - description: The tag separator is used to separate the tags - on concatenation + description: tagSeparator defines the tag separator is used + to separate the tags on concatenation minLength: 1 type: string zone: - description: The zone of the scrape targets. If you need multiple - zones use multiple GCESDConfigs. + description: zone defines the zone of the scrape targets. If + you need multiple zones use multiple GCESDConfigs. minLength: 1 type: string required: @@ -4844,7 +4916,7 @@ spec: type: object type: array hetznerSDConfigs: - description: HetznerSDConfigs defines a list of Hetzner service discovery + description: hetznerSDConfigs defines a list of Hetzner service discovery configurations. items: description: |- @@ -4854,12 +4926,12 @@ spec: properties: authorization: description: |- - Authorization header configuration, required when role is hcloud. - Role robot does not support bearer token authentication. + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -4884,7 +4956,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -4892,13 +4964,12 @@ spec: type: string type: object basicAuth: - description: |- - BasicAuth information to use on every scrape request, required when role is robot. - Role hcloud does not support basic auth. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -4924,7 +4995,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -4950,39 +5021,38 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean labelSelector: description: |- - Label selector used to filter the servers when fetching them from the API. + labelSelector defines the label selector used to filter the servers when fetching them from the API. It requires Prometheus >= v3.5.0. minLength: 1 type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be used at the same time as `basic_auth` or `authorization`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5005,7 +5075,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5031,7 +5102,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -5059,12 +5130,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5098,7 +5169,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5106,33 +5177,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5155,8 +5225,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5181,12 +5251,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5209,8 +5279,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5235,11 +5305,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5264,7 +5335,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5275,7 +5346,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5285,12 +5356,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -5299,7 +5371,11 @@ spec: - tokenUrl type: object port: - description: The port to scrape metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must + format: int32 + maximum: 65535 + minimum: 0 type: integer proxyConnectHeader: additionalProperties: @@ -5329,7 +5405,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5337,20 +5413,23 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: The time after which the servers are refreshed. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string role: - description: The Hetzner role of entities that should be discovered. + description: role defines the Hetzner role of entities that + should be discovered. enum: - hcloud - Hcloud @@ -5358,15 +5437,16 @@ spec: - Robot type: string tlsConfig: - description: TLS configuration to use on every scrape request. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5389,7 +5469,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5414,11 +5495,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5441,7 +5523,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5466,11 +5549,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5495,7 +5579,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5506,7 +5590,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5516,7 +5600,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -5524,15 +5609,17 @@ spec: type: object type: array honorLabels: - description: HonorLabels chooses the metric's labels on collisions - with target labels. + description: |- + honorLabels defines when true the metric's labels when they collide + with the target's labels. type: boolean honorTimestamps: - description: HonorTimestamps controls whether Prometheus respects - the timestamps present in scraped data. + description: |- + honorTimestamps defines whether Prometheus preserves the timestamps + when exposed by the target. type: boolean httpSDConfigs: - description: HTTPSDConfigs defines a list of HTTP service discovery + description: httpSDConfigs defines a list of HTTP service discovery configurations. items: description: |- @@ -5541,12 +5628,12 @@ spec: properties: authorization: description: |- - Authorization header configuration to authenticate against the target HTTP endpoint. + authorization defines the authorization header configuration to authenticate against the target HTTP endpoint. Cannot be set at the same time as `oAuth2`, or `basicAuth`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -5571,7 +5658,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -5580,13 +5667,13 @@ spec: type: object basicAuth: description: |- - BasicAuth information to authenticate against the target HTTP endpoint. + basicAuth defines information to use on every scrape request. More info: https://prometheus.io/docs/operating/configuration/#endpoints Cannot be set at the same time as `authorization`, or `oAuth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -5612,7 +5699,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -5638,15 +5725,15 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5654,17 +5741,17 @@ spec: type: string oauth2: description: |- - Optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5687,7 +5774,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5713,7 +5801,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -5741,12 +5829,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -5780,7 +5868,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5788,33 +5876,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5837,8 +5924,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5863,12 +5950,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5891,8 +5978,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5917,11 +6004,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5946,7 +6034,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5957,7 +6045,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5967,12 +6055,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -6008,7 +6097,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6016,30 +6105,31 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: description: |- - RefreshInterval configures the refresh interval at which Prometheus will re-query the - endpoint to update the target list. + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration applying + to the target HTTP endpoint. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6062,7 +6152,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6087,11 +6178,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6114,7 +6206,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6139,11 +6232,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6168,7 +6262,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6179,7 +6273,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6189,11 +6283,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: URL from which the targets are fetched. + description: url defines the URL from which the targets are + fetched. minLength: 1 pattern: ^http(s)?://.+$ type: string @@ -6202,7 +6298,7 @@ spec: type: object type: array ionosSDConfigs: - description: IonosSDConfigs defines a list of IONOS service discovery + description: ionosSDConfigs defines a list of IONOS service discovery configurations. items: description: |- @@ -6210,12 +6306,13 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ionos_sd_config properties: authorization: - description: Authorization` header configuration, required when - using IONOS. + description: |- + authorization defines the header configuration to authenticate against the IONOS. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -6240,7 +6337,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6248,35 +6345,37 @@ spec: type: string type: object datacenterID: - description: The unique ID of the IONOS data center. + description: datacenterID defines the unique ID of the IONOS + data center. minLength: 1 type: string enableHTTP2: - description: Configure whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether the HTTP requests should follow + description: followRedirects defines whether HTTP requests follow HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: Configure whether to enable OAuth2. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6299,7 +6398,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6325,7 +6425,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -6353,12 +6453,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -6392,7 +6492,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6400,33 +6500,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6449,8 +6548,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -6475,12 +6574,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6503,8 +6602,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -6529,11 +6628,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6558,7 +6658,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6569,7 +6669,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6579,12 +6679,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -6593,7 +6694,8 @@ spec: - tokenUrl type: object port: - description: Port to scrape the metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -6626,7 +6728,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -6634,29 +6736,31 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Refresh interval to re-read the list of resources. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS configuration to use when connecting to the - IONOS API. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6679,7 +6783,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6704,11 +6809,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -6731,7 +6837,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -6756,11 +6863,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -6785,7 +6893,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -6796,7 +6904,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -6806,7 +6914,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -6816,7 +6925,7 @@ spec: type: array jobName: description: |- - The value of the `job` label assigned to the scraped metrics by default. + jobName defines the value of the `job` label assigned to the scraped metrics by default. The `job_name` field in the rendered scrape configuration is always controlled by the operator to prevent duplicate job names, which Prometheus does not allow. Instead the @@ -6825,14 +6934,14 @@ spec: type: string keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. format: int64 type: integer kubernetesSDConfigs: - description: KubernetesSDConfigs defines a list of Kubernetes service + description: kubernetesSDConfigs defines a list of Kubernetes service discovery configurations. items: description: |- @@ -6841,7 +6950,7 @@ spec: properties: apiServer: description: |- - The API server address consisting of a hostname or IP address followed + apiServer defines the API server address consisting of a hostname or IP address followed by an optional port number. If left empty, Prometheus is assumed to run inside of the cluster. It will discover API servers automatically and use the pod's @@ -6850,13 +6959,13 @@ spec: type: string attachMetadata: description: |- - Optional metadata to attach to discovered targets. + attachMetadata defines the metadata to attach to discovered targets. It requires Prometheus >= v2.35.0 when using the `Pod` role and Prometheus >= v2.37.0 for `Endpoints` and `Endpointslice` roles. properties: node: description: |- - Attaches node metadata to discovered targets. + node attaches node metadata to discovered targets. When set to true, Prometheus must have the `get` permission on the `Nodes` objects. Only valid for Pod, Endpoint and Endpointslice roles. @@ -6864,12 +6973,12 @@ spec: type: object authorization: description: |- - Authorization header to use on every scrape request. + authorization defines the authorization header to use on every scrape request. Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -6894,7 +7003,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -6903,12 +7012,12 @@ spec: type: object basicAuth: description: |- - BasicAuth information to use on every scrape request. + basicAuth defines information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -6934,7 +7043,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -6960,32 +7069,32 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean namespaces: - description: Optional namespace discovery. If omitted, Prometheus - discovers targets across all namespaces. + description: namespaces defines the namespace discovery. If + omitted, Prometheus discovers targets across all namespaces. properties: names: description: |- - List of namespaces where to watch for resources. + names defines a list of namespaces where to watch for resources. If empty and `ownNamespace` isn't true, Prometheus watches for resources in all namespaces. items: type: string type: array x-kubernetes-list-type: set ownNamespace: - description: Includes the namespace in which the Prometheus - pod runs to the list of watched namespaces. + description: ownNamespace includes the namespace in which + the Prometheus pod runs to the list of watched namespaces. type: boolean type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -6993,17 +7102,17 @@ spec: type: string oauth2: description: |- - Optional OAuth 2.0 configuration. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7026,7 +7135,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7052,7 +7162,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -7080,12 +7190,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -7119,7 +7229,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7127,33 +7237,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7176,8 +7285,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7202,12 +7311,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7230,8 +7339,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7256,11 +7365,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -7285,7 +7395,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7296,7 +7406,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7306,12 +7416,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -7347,7 +7458,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7355,17 +7466,17 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string role: description: |- - Role of the Kubernetes entities that should be discovered. + role defines the Kubernetes role of the entities that should be discovered. Role `Endpointslice` requires Prometheus >= v2.21.0 enum: - Pod @@ -7377,26 +7488,26 @@ spec: type: string selectors: description: |- - Selector to select objects. + selectors defines the selector to select objects. It requires Prometheus >= v2.17.0 items: description: K8SSelectorConfig is Kubernetes Selector Config properties: field: description: |- - An optional field selector to limit the service discovery to resources which have fields with specific values. + field defines an optional field selector to limit the service discovery to resources which have fields with specific values. e.g: `metadata.name=foobar` minLength: 1 type: string label: description: |- - An optional label selector to limit the service discovery to resources with specific labels and label values. + label defines an optional label selector to limit the service discovery to resources with specific labels and label values. e.g: `node.kubernetes.io/instance-type=master` minLength: 1 type: string role: description: |- - Role specifies the type of Kubernetes resource to limit the service discovery to. + role defines the type of Kubernetes resource to limit the service discovery to. Accepted values are: Node, Pod, Endpoints, EndpointSlice, Service, Ingress. enum: - Pod @@ -7414,16 +7525,16 @@ spec: - role x-kubernetes-list-type: map tlsConfig: - description: TLS configuration to connect to the Kubernetes - API. + description: tlsConfig defines the TLS configuration to connect + to the Kubernetes API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7446,7 +7557,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7471,11 +7583,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7498,7 +7611,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7523,11 +7637,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -7552,7 +7667,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -7563,7 +7678,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -7573,7 +7688,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -7581,7 +7697,7 @@ spec: type: object type: array kumaSDConfigs: - description: KumaSDConfigs defines a list of Kuma service discovery + description: kumaSDConfigs defines a list of Kuma service discovery configurations. items: description: |- @@ -7589,11 +7705,13 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kuma_sd_config properties: authorization: - description: Authorization header to use on every scrape request. + description: |- + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -7618,7 +7736,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -7626,11 +7744,12 @@ spec: type: string type: object basicAuth: - description: BasicAuth information to use on every scrape request. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -7656,7 +7775,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -7682,42 +7801,43 @@ spec: x-kubernetes-map-type: atomic type: object clientID: - description: Client id is used by Kuma Control Plane to compute - Monitoring Assignment for specific Prometheus backend. + description: |- + clientID is used by Kuma Control Plane to compute Monitoring Assignment for specific Prometheus backend. + It requires Prometheus >= v2.50.0. + minLength: 1 type: string enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean fetchTimeout: - description: The time after which the monitoring assignments - are refreshed. + description: fetchTimeout defines the time after which the monitoring + assignments are refreshed. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be set at the same time as `authorization`, or `basicAuth`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7740,7 +7860,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -7766,7 +7887,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -7794,12 +7915,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -7833,7 +7954,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -7841,33 +7962,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7890,8 +8010,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7916,12 +8036,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -7944,8 +8064,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -7970,11 +8090,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -7999,7 +8120,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8010,7 +8131,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8020,12 +8141,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -8061,7 +8183,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8069,32 +8191,36 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: The time to wait between polling update requests. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string server: - description: Address of the Kuma Control Plane's MADS xDS server. - minLength: 1 + description: server defines the address of the Kuma Control + Plane's MADS xDS server. + pattern: ^https?://.+$ type: string tlsConfig: - description: TLS configuration to use on every scrape request + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8117,7 +8243,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8142,11 +8269,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8169,7 +8297,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8194,11 +8323,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -8223,7 +8353,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8234,7 +8364,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8244,7 +8374,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -8253,24 +8384,24 @@ spec: type: array labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. format: int64 type: integer lightSailSDConfigs: - description: LightsailSDConfigs defines a list of Lightsail service + description: lightSailSDConfigs defines a list of Lightsail service discovery configurations. items: description: |- @@ -8278,7 +8409,7 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#lightsail_sd_config properties: accessKey: - description: AccessKey is the AWS API key. + description: accessKey defines the AWS API key. properties: key: description: The key of the secret to select from. Must @@ -8303,12 +8434,12 @@ spec: x-kubernetes-map-type: atomic authorization: description: |- - Optional `authorization` HTTP header configuration. - Cannot be set at the same time as `basicAuth`, or `oauth2`. + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -8333,7 +8464,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -8342,12 +8473,12 @@ spec: type: object basicAuth: description: |- - Optional HTTP basic authentication information. + basicAuth defines information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -8373,7 +8504,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -8399,19 +8530,19 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Configure whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean endpoint: - description: Custom endpoint to be used. + description: endpoint defines the custom endpoint to be used. minLength: 1 type: string followRedirects: - description: Configure whether the HTTP requests should follow + description: followRedirects defines whether HTTP requests follow HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -8419,17 +8550,17 @@ spec: type: string oauth2: description: |- - Optional OAuth2.0 configuration. - Cannot be set at the same time as `basicAuth`, or `authorization`. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8452,7 +8583,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8478,7 +8610,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -8506,12 +8638,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -8545,7 +8677,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8553,33 +8685,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8602,8 +8733,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -8628,12 +8759,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8656,8 +8787,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -8682,11 +8813,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -8711,7 +8843,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8722,7 +8854,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8732,12 +8864,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -8746,9 +8879,8 @@ spec: - tokenUrl type: object port: - description: |- - Port to scrape the metrics from. - If using the public IP address, this must instead be specified in the relabeling rule. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -8781,7 +8913,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -8789,27 +8921,30 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Refresh interval to re-read the list of instances. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string region: - description: The AWS region. + description: region defines the AWS region. minLength: 1 type: string roleARN: - description: AWS Role ARN, an alternative to using AWS API keys. + description: roleARN defines the AWS Role ARN, an alternative + to using AWS API keys. type: string secretKey: - description: SecretKey is the AWS API secret. + description: secretKey defines the AWS API secret. properties: key: description: The key of the secret to select from. Must @@ -8833,15 +8968,16 @@ spec: type: object x-kubernetes-map-type: atomic tlsConfig: - description: TLS configuration to connect to the Puppet DB. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8864,7 +9000,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8889,11 +9026,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -8916,7 +9054,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -8941,11 +9080,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -8970,7 +9110,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -8981,7 +9121,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -8991,13 +9131,14 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object type: object type: array linodeSDConfigs: - description: LinodeSDConfigs defines a list of Linode service discovery + description: linodeSDConfigs defines a list of Linode service discovery configurations. items: description: |- @@ -9005,11 +9146,13 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#linode_sd_config properties: authorization: - description: Authorization header configuration. + description: |- + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -9034,7 +9177,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -9042,15 +9185,15 @@ spec: type: string type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -9058,17 +9201,17 @@ spec: type: string oauth2: description: |- - Optional OAuth 2.0 configuration. - Cannot be used at the same time as `authorization`. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9091,7 +9234,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9117,7 +9261,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -9145,12 +9289,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -9184,7 +9328,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -9192,33 +9336,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9241,8 +9384,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -9267,12 +9410,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9295,8 +9438,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -9321,11 +9464,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -9350,7 +9494,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -9361,7 +9505,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -9371,12 +9515,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -9385,7 +9530,8 @@ spec: - tokenUrl type: object port: - description: Default port to scrape metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -9418,7 +9564,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -9426,37 +9572,40 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Time after which the linode instances are refreshed. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string region: - description: Optional region to filter on. + description: region defines the region to filter on. minLength: 1 type: string tagSeparator: - description: The string by which Linode Instance tags are joined - into the tag label. + description: tagSeparator defines the string by which Linode + Instance tags are joined into the tag label.el. minLength: 1 type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9479,7 +9628,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9504,11 +9654,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9531,7 +9682,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9556,11 +9708,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -9585,7 +9738,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -9596,7 +9749,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -9606,13 +9759,15 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object type: object type: array metricRelabelings: - description: MetricRelabelConfigs to apply to samples before ingestion. + description: metricRelabelings defines the metricRelabelings to apply + to samples before ingestion. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -9623,7 +9778,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -9655,40 +9810,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against which + the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated SourceLabels. + description: separator defines the string between concatenated + SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -9699,13 +9855,13 @@ spec: minItems: 1 type: array metricsPath: - description: MetricsPath HTTP path to scrape for metrics. If empty, - Prometheus uses the default value (e.g. /metrics). + description: metricsPath defines the HTTP path to scrape for metrics. + If empty, Prometheus uses the default value (e.g. /metrics). minLength: 1 type: string nameEscapingScheme: description: |- - Metric name escaping mode to request through content negotiation. + nameEscapingScheme defines the metric name escaping mode to request through content negotiation. It requires Prometheus >= v3.4.0. enum: @@ -9716,7 +9872,7 @@ spec: type: string nameValidationScheme: description: |- - Specifies the validation scheme for metric and label names. + nameValidationScheme defines the validation scheme for metric and label names. It requires Prometheus >= v3.0.0. enum: @@ -9725,7 +9881,7 @@ spec: type: string nativeHistogramBucketLimit: description: |- - If there are more than this many buckets in a native histogram, + nativeHistogramBucketLimit defines ff there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. format: int64 @@ -9735,21 +9891,21 @@ spec: - type: integer - type: string description: |- - If the growth factor of one bucket to the next is smaller than this, + nativeHistogramMinBucketFactor defines if the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string nomadSDConfigs: - description: NomadSDConfigs defines a list of Nomad service discovery + description: nomadSDConfigs defines a list of Nomad service discovery configurations. items: description: |- @@ -9758,15 +9914,17 @@ spec: properties: allowStale: description: |- - The information to access the Nomad API. It is to be defined + allowStale defines the information to access the Nomad API. It is to be defined as the Nomad documentation requires. type: boolean authorization: - description: Authorization header to use on every scrape request. + description: |- + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -9791,7 +9949,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -9799,11 +9957,12 @@ spec: type: string type: object basicAuth: - description: BasicAuth information to use on every scrape request. + description: basicAuth defines information to use on every scrape + request. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -9829,7 +9988,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -9855,35 +10014,37 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean namespace: + description: |- + namespace defines the Nomad namespace to query for service discovery. + When specified, only resources within this namespace will be discovered. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string oauth2: - description: |- - Optional OAuth 2.0 configuration. - Cannot be set at the same time as `authorization` or `basic_auth`. + description: oauth2 defines the configuration to use on every + scrape request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9906,7 +10067,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9932,7 +10094,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -9960,12 +10122,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -9999,7 +10161,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -10007,33 +10169,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10056,8 +10217,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -10082,12 +10243,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10110,8 +10271,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -10136,11 +10297,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -10165,7 +10327,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10176,7 +10338,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10186,12 +10348,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -10227,7 +10390,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -10235,38 +10398,47 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: description: |- - Duration is a valid time duration that can be parsed by Prometheus model.ParseDuration() function. - Supported units: y, w, d, h, m, s, ms - Examples: `30s`, `1m`, `1h20m15s`, `15d` + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string region: + description: |- + region defines the Nomad region to query for service discovery. + When specified, only resources within this region will be discovered. type: string server: + description: |- + server defines the Nomad server address to connect to for service discovery. + This should be the full URL including protocol (e.g., "https://nomad.example.com:4646/"). minLength: 1 type: string tagSeparator: + description: |- + tagSeparator defines the separator used to join multiple tags. + This determines how Nomad service tags are concatenated into Prometheus labels. type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10289,7 +10461,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10314,11 +10487,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10341,7 +10515,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10366,11 +10541,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -10395,7 +10571,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10406,7 +10582,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10416,7 +10592,8 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object required: @@ -10424,15 +10601,17 @@ spec: type: object type: array oauth2: - description: OAuth2 configuration to use on every scrape request. + description: oauth2 defines the configuration to use on every scrape + request. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -10455,7 +10634,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10481,7 +10661,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -10509,12 +10689,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -10548,7 +10728,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -10556,32 +10736,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for the - token request.' + description: scopes defines the OAuth2 scopes used for the token + request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10604,7 +10784,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10629,11 +10810,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10656,7 +10838,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10681,11 +10864,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -10710,7 +10894,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -10721,7 +10905,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -10731,12 +10915,12 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the token - from.' + description: tokenUrl defines the URL to fetch the token from. minLength: 1 type: string required: @@ -10745,7 +10929,7 @@ spec: - tokenUrl type: object openstackSDConfigs: - description: OpenStackSDConfigs defines a list of OpenStack service + description: openstackSDConfigs defines a list of OpenStack service discovery configurations. items: description: |- @@ -10754,15 +10938,15 @@ spec: properties: allTenants: description: |- - Whether the service discovery should list all instances for all projects. + allTenants defines whether the service discovery should list all instances for all projects. It is only relevant for the 'instance' role and usually requires admin permissions. type: boolean applicationCredentialId: - description: ApplicationCredentialID + description: applicationCredentialId defines the OpenStack applicationCredentialId. type: string applicationCredentialName: description: |- - The ApplicationCredentialID or ApplicationCredentialName fields are + applicationCredentialName defines the ApplicationCredentialID or ApplicationCredentialName fields are required if using an application credential to authenticate. Some providers allow you to create an application credential to authenticate rather than a password. @@ -10770,7 +10954,7 @@ spec: type: string applicationCredentialSecret: description: |- - The applicationCredentialSecret field is required if using an application + applicationCredentialSecret defines the required field if using an application credential to authenticate. properties: key: @@ -10795,7 +10979,8 @@ spec: type: object x-kubernetes-map-type: atomic availability: - description: Availability of the endpoint to connect to. + description: availability defines the availability of the endpoint + to connect to. enum: - Public - public @@ -10805,24 +10990,24 @@ spec: - internal type: string domainID: - description: DomainID + description: domainID defines The OpenStack domainID. minLength: 1 type: string domainName: description: |- - At most one of domainId and domainName must be provided if using username + domainName defines at most one of domainId and domainName that must be provided if using username with Identity V3. Otherwise, either are optional. minLength: 1 type: string identityEndpoint: description: |- - IdentityEndpoint specifies the HTTP endpoint that is required to work with + identityEndpoint defines the HTTP endpoint that is required to work with the Identity API of the appropriate version. pattern: ^http(s)?:\/\/.+$ type: string password: description: |- - Password for the Identity V2 and V3 APIs. Consult with your provider's + password defines the password for the Identity V2 and V3 APIs. Consult with your provider's control panel to discover your account's preferred method of authentication. properties: key: @@ -10848,35 +11033,37 @@ spec: x-kubernetes-map-type: atomic port: description: |- - The port to scrape metrics from. If using the public IP address, this must + port defines the port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. format: int32 maximum: 65535 minimum: 0 type: integer projectID: - description: ' ProjectID' + description: projectID defines the OpenStack projectID. minLength: 1 type: string projectName: description: |- - The ProjectId and ProjectName fields are optional for the Identity V2 API. + projectName defines an optional field for the Identity V2 API. Some providers allow you to specify a ProjectName instead of the ProjectId. Some require both. Your provider's authentication policies will determine how these fields influence authentication. minLength: 1 type: string refreshInterval: - description: Refresh interval to re-read the instance list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string region: - description: The OpenStack Region. + description: region defines the OpenStack Region. minLength: 1 type: string role: description: |- - The OpenStack role of entities that should be discovered. + role defines the OpenStack role of entities that should be discovered. Note: The `LoadBalancer` role requires Prometheus >= v3.2.0. enum: @@ -10885,15 +11072,16 @@ spec: - LoadBalancer type: string tlsConfig: - description: TLS configuration applying to the target HTTP endpoint. + description: tlsConfig defines the TLS configuration applying + to the target HTTP endpoint. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10916,7 +11104,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10941,11 +11130,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -10968,7 +11158,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -10993,11 +11184,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -11022,7 +11214,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -11033,7 +11225,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -11043,16 +11235,17 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object userid: - description: UserID + description: userid defines the OpenStack userid. minLength: 1 type: string username: description: |- - Username is required if using Identity V2 API. Consult with your provider's + username defines the username required if using Identity V2 API. Consult with your provider's control panel to discover your account's username. In Identity V3, either userid or a combination of username and domainId or domainName are needed @@ -11064,7 +11257,7 @@ spec: type: object type: array ovhcloudSDConfigs: - description: OVHCloudSDConfigs defines a list of OVHcloud service + description: ovhcloudSDConfigs defines a list of OVHcloud service discovery configurations. items: description: |- @@ -11072,11 +11265,15 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ovhcloud_sd_config properties: applicationKey: - description: Access key to use. https://api.ovh.com. + description: |- + applicationKey defines the access key to use for OVHCloud API authentication. + This is obtained from the OVHCloud API credentials at https://api.ovh.com. minLength: 1 type: string applicationSecret: - description: SecretKeySelector selects a key of a Secret. + description: |- + applicationSecret defines the secret key for OVHCloud API authentication. + This contains the application secret obtained during OVHCloud API credential creation. properties: key: description: The key of the secret to select from. Must @@ -11100,7 +11297,9 @@ spec: type: object x-kubernetes-map-type: atomic consumerKey: - description: SecretKeySelector selects a key of a Secret. + description: |- + consumerKey defines the consumer key for OVHCloud API authentication. + This is the third component of OVHCloud's three-key authentication system. properties: key: description: The key of the secret to select from. Must @@ -11124,23 +11323,24 @@ spec: type: object x-kubernetes-map-type: atomic endpoint: - description: Custom endpoint to be used. + description: |- + endpoint defines a custom API endpoint to be used. + When not specified, defaults to the standard OVHCloud API endpoint for the region. minLength: 1 type: string refreshInterval: - description: Refresh interval to re-read the resources list. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string service: - allOf: - - enum: - - VPS - - DedicatedServer - - enum: - - VPS - - DedicatedServer - description: Service of the targets to retrieve. Must be `VPS` - or `DedicatedServer`. + description: |- + service defines the service type of the targets to retrieve. + Must be either `VPS` or `DedicatedServer` to specify which OVHCloud resources to discover. + enum: + - VPS + - DedicatedServer type: string required: - applicationKey @@ -11154,7 +11354,7 @@ spec: items: type: string type: array - description: Optional HTTP URL parameters + description: params defines optional HTTP URL parameters type: object x-kubernetes-map-type: atomic proxyConnectHeader: @@ -11185,7 +11385,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -11193,16 +11393,16 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string puppetDBSDConfigs: - description: PuppetDBSDConfigs defines a list of PuppetDB service + description: puppetDBSDConfigs defines a list of PuppetDB service discovery configurations. items: description: |- @@ -11211,12 +11411,12 @@ spec: properties: authorization: description: |- - Optional `authorization` HTTP header configuration. - Cannot be set at the same time as `basicAuth`, or `oauth2`. + authorization defines the header configuration to authenticate against the DigitalOcean API. + Cannot be set at the same time as `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -11241,7 +11441,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -11250,12 +11450,12 @@ spec: type: object basicAuth: description: |- - Optional HTTP basic authentication information. + basicAuth defines information to use on every scrape request. Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -11281,7 +11481,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -11307,21 +11507,21 @@ spec: x-kubernetes-map-type: atomic type: object enableHTTP2: - description: Configure whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether the HTTP requests should follow + description: followRedirects defines whether HTTP requests follow HTTP 3xx redirects. type: boolean includeParameters: description: |- - Whether to include the parameters as meta labels. + includeParameters defines whether to include the parameters as meta labels. Note: Enabling this exposes parameters in the Prometheus UI and API. Make sure that you don't have secrets exposed as parameters if you enable this. type: boolean noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -11329,17 +11529,17 @@ spec: type: string oauth2: description: |- - Optional OAuth2.0 configuration. - Cannot be set at the same time as `basicAuth`, or `authorization`. + oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint. + Cannot be set at the same time as `authorization`, or `basicAuth`. properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -11362,7 +11562,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -11388,7 +11589,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -11416,12 +11617,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -11455,7 +11656,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -11463,33 +11664,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -11512,8 +11712,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -11538,12 +11738,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -11566,8 +11766,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -11592,11 +11792,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -11621,7 +11822,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -11632,7 +11833,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -11642,12 +11843,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -11656,7 +11858,8 @@ spec: - tokenUrl type: object port: - description: Port to scrape the metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 @@ -11689,7 +11892,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -11697,34 +11900,37 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string query: description: |- - Puppet Query Language (PQL) query. Only resources are supported. + query defines the Puppet Query Language (PQL) query. Only resources are supported. https://puppet.com/docs/puppetdb/latest/api/query/v4/pql.html minLength: 1 type: string refreshInterval: - description: Refresh interval to re-read the list of resources. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string tlsConfig: - description: TLS configuration to connect to the Puppet DB. + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -11747,7 +11953,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -11772,11 +11979,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -11799,7 +12007,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -11824,11 +12033,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -11853,7 +12063,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -11864,7 +12074,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -11874,11 +12084,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: The URL of the PuppetDB root query endpoint. + description: url defines the URL of the PuppetDB root query + endpoint. minLength: 1 pattern: ^http(s)?://.+$ type: string @@ -11889,7 +12101,7 @@ spec: type: array relabelings: description: |- - RelabelConfigs defines how to rewrite the target's labels before scraping. + relabelings defines how to rewrite the target's labels before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job's name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config @@ -11903,7 +12115,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -11935,40 +12147,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against which + the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated SourceLabels. + description: separator defines the string between concatenated + SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -11979,12 +12192,12 @@ spec: minItems: 1 type: array sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped + description: sampleLimit defines per-scrape limit on number of scraped samples that will be accepted. format: int64 type: integer scalewaySDConfigs: - description: ScalewaySDConfigs defines a list of Scaleway instances + description: scalewaySDConfigs defines a list of Scaleway instances and baremetal service discovery configurations. items: description: |- @@ -11992,41 +12205,43 @@ spec: See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scaleway_sd_config properties: accessKey: - description: Access key to use. https://console.scaleway.com/project/credentials + description: accessKey defines the access key to use. https://console.scaleway.com/project/credentials minLength: 1 type: string apiURL: - description: API URL to use when doing the server listing requests. + description: apiURL defines the API URL to use when doing the + server listing requests. pattern: ^http(s)?://.+$ type: string enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: - description: Configure whether HTTP requests follow HTTP 3xx - redirects. + description: followRedirects defines whether HTTP requests follow + HTTP 3xx redirects. type: boolean nameFilter: - description: NameFilter specify a name filter (works as a LIKE) + description: nameFilter defines a name filter (works as a LIKE) to apply on the server listing request. minLength: 1 type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: string port: - description: The port to scrape metrics from. + description: port defines the port to scrape metrics from. If + using the public IP address, this must format: int32 maximum: 65535 minimum: 0 type: integer projectID: - description: Project ID of the targets. + description: projectID defines the Project ID of the targets. minLength: 1 type: string proxyConnectHeader: @@ -12057,7 +12272,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -12065,27 +12280,30 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string refreshInterval: - description: Refresh interval to re-read the list of instances. + description: |- + refreshInterval defines the time after which the provided names are refreshed. + If not set, Prometheus uses its default value. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string role: - description: Service of the targets to retrieve. Must be `Instance` - or `Baremetal`. + description: role defines the service of the targets to retrieve. + Must be `Instance` or `Baremetal`. enum: - Instance - Baremetal type: string secretKey: - description: Secret key to use when listing targets. + description: secretKey defines the secret key to use when listing + targets. properties: key: description: The key of the secret to select from. Must @@ -12109,7 +12327,7 @@ spec: type: object x-kubernetes-map-type: atomic tagsFilter: - description: TagsFilter specify a tag filter (a server needs + description: tagsFilter defines a tag filter (a server needs to have all defined tags to be listed) to apply on the server listing request. items: @@ -12119,15 +12337,16 @@ spec: type: array x-kubernetes-list-type: set tlsConfig: - description: TLS configuration to use on every scrape request + description: tlsConfig defines the TLS configuration to connect + to the Consul API. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -12150,7 +12369,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -12175,11 +12395,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -12202,7 +12423,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -12227,11 +12449,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -12256,7 +12479,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -12267,7 +12490,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -12277,12 +12500,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object zone: - description: Zone is the availability zone of your targets (e.g. - fr-par-1). + description: zone defines the availability zone of your targets + (e.g. fr-par-1). minLength: 1 type: string required: @@ -12294,30 +12518,31 @@ spec: type: array scheme: description: |- - Configures the protocol scheme used for requests. + scheme defines the protocol scheme used for requests. If empty, Prometheus uses HTTP by default. enum: - HTTP - HTTPS type: string scrapeClass: - description: The scrape class to apply. + description: scrapeClass defines the scrape class to apply. minLength: 1 type: string scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. type: boolean scrapeInterval: - description: ScrapeInterval is the interval between consecutive scrapes. + description: scrapeInterval defines the interval between consecutive + scrapes. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string scrapeProtocols: description: |- - The protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -12344,12 +12569,12 @@ spec: x-kubernetes-list-type: set scrapeTimeout: description: |- - ScrapeTimeout is the number of seconds to wait until a scrape request times out. + scrapeTimeout defines the number of seconds to wait until a scrape request times out. The value cannot be greater than the scrape interval otherwise the operator will reject the resource. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string staticConfigs: - description: StaticConfigs defines a list of static targets with a + description: staticConfigs defines a list of static targets with a common label set. items: description: |- @@ -12359,12 +12584,13 @@ spec: labels: additionalProperties: type: string - description: Labels assigned to all metrics scraped from the - targets. + description: labels defines labels assigned to all metrics scraped + from the targets. type: object x-kubernetes-map-type: atomic targets: - description: List of targets for this static configuration. + description: targets defines the list of targets for this static + configuration. items: description: |- Target represents a target for Prometheus to scrape @@ -12378,19 +12604,21 @@ spec: type: object type: array targetLimit: - description: TargetLimit defines a limit on the number of scraped + description: targetLimit defines a limit on the number of scraped targets that will be accepted. format: int64 type: integer tlsConfig: - description: TLS configuration to use on every scrape request + description: tlsConfig defines the TLS configuration to use on every + scrape request properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when verifying + server certificates. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -12413,7 +12641,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -12438,10 +12667,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present when + doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -12464,7 +12695,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -12489,10 +12721,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keySecret: - description: Secret containing the client key file for the targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must be @@ -12517,7 +12751,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -12528,7 +12762,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -12538,20 +12772,126 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for the + targets. type: string type: object trackTimestampsStaleness: description: |- - TrackTimestampsStaleness whether Prometheus tracks staleness of + trackTimestampsStaleness defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data. Has no effect if `honorTimestamps` is false. It requires Prometheus >= v2.48.0. type: boolean type: object + status: + description: |- + status defines the status subresource. It is under active development and is updated only when the + "StatusForConfigurationResources" feature gate is enabled. + + Most recent observed status of the ScrapeConfig. Read-only. + More info: + https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + bindings: + description: bindings defines the list of workload resources (Prometheus, + PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration + resource. + items: + description: WorkloadBinding is a link between a configuration resource + and a workload resource. + properties: + conditions: + description: conditions defines the current state of the configuration + resource when bound to the referenced Workload object. + items: + description: ConfigResourceCondition describes the status + of configuration resources linked to Prometheus, PrometheusAgent, + Alertmanager or ThanosRuler. + properties: + lastTransitionTime: + description: lastTransitionTime defines the time of the + last update to the current status property. + format: date-time + type: string + message: + description: message defines the human-readable message + indicating details for the condition's last transition. + type: string + observedGeneration: + description: |- + observedGeneration defines the .metadata.generation that the + condition was set based upon. For instance, if `.metadata.generation` is + currently 12, but the `.status.conditions[].observedGeneration` is 9, the + condition is out of date with respect to the current state of the object. + format: int64 + type: integer + reason: + description: reason for the condition's last transition. + type: string + status: + description: status of the condition. + minLength: 1 + type: string + type: + description: |- + type of the condition being reported. + Currently, only "Accepted" is supported. + enum: + - Accepted + minLength: 1 + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + group: + description: group defines the group of the referenced resource. + enum: + - monitoring.coreos.com + type: string + name: + description: name defines the name of the referenced object. + minLength: 1 + type: string + namespace: + description: namespace defines the namespace of the referenced + object. + minLength: 1 + type: string + resource: + description: resource defines the type of resource being referenced + (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). + enum: + - prometheuses + - prometheusagents + - thanosrulers + - alertmanagers + type: string + required: + - group + - name + - namespace + - resource + type: object + type: array + x-kubernetes-list-map-keys: + - group + - resource + - name + - namespace + x-kubernetes-list-type: map + type: object required: - spec type: object served: true storage: true + subresources: + status: {} {{- end -}} diff --git a/charts/prometheus-operator-crds/charts/crds/templates/crd-servicemonitors.yaml b/charts/prometheus-operator-crds/charts/crds/templates/crd-servicemonitors.yaml index 6105a2314cba..50771881b338 100644 --- a/charts/prometheus-operator-crds/charts/crds/templates/crd-servicemonitors.yaml +++ b/charts/prometheus-operator-crds/charts/crds/templates/crd-servicemonitors.yaml @@ -1,5 +1,5 @@ {{- if .Values.servicemonitors.enabled -}} -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,8 +8,8 @@ metadata: {{- with .Values.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: servicemonitors.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -56,19 +56,19 @@ spec: type: object spec: description: |- - Specification of desired Service selection for target discovery by + spec defines the specification of desired Service selection for target discovery by Prometheus. properties: attachMetadata: description: |- - `attachMetadata` defines additional metadata which is added to the + attachMetadata defines additional metadata which is added to the discovered targets. It requires Prometheus >= v2.37.0. properties: node: description: |- - When set to true, Prometheus attaches node metadata to the discovered + node when set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the `list` and `watch` @@ -77,7 +77,7 @@ spec: type: object bodySizeLimit: description: |- - When defined, bodySizeLimit specifies a job level limit on the size + bodySizeLimit when defined, bodySizeLimit specifies a job level limit on the size of uncompressed response body that will be accepted by Prometheus. It requires Prometheus >= v2.28.0. @@ -85,12 +85,12 @@ spec: type: string convertClassicHistogramsToNHCB: description: |- - Whether to convert all scraped classic histograms into a native histogram with custom buckets. + convertClassicHistogramsToNHCB defines whether to convert all scraped classic histograms into a native histogram with custom buckets. It requires Prometheus >= v3.0.0. type: boolean endpoints: description: |- - List of endpoints part of this ServiceMonitor. + endpoints defines the list of endpoints part of this ServiceMonitor. Defines how to scrape metrics from Kubernetes [Endpoints](https://kubernetes.io/docs/concepts/services-networking/service/#endpoints) objects. In most cases, an Endpoints object is backed by a Kubernetes [Service](https://kubernetes.io/docs/concepts/services-networking/service/) object with the same name and labels. items: @@ -100,14 +100,14 @@ spec: properties: authorization: description: |- - `authorization` configures the Authorization header credentials to use when + authorization configures the Authorization header credentials to use when scraping the target. Cannot be set at the same time as `basicAuth`, or `oauth2`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -132,7 +132,7 @@ spec: x-kubernetes-map-type: atomic type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -141,14 +141,14 @@ spec: type: object basicAuth: description: |- - `basicAuth` configures the Basic Authentication credentials to use when + basicAuth defines the Basic Authentication credentials to use when scraping the target. Cannot be set at the same time as `authorization`, or `oauth2`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -174,7 +174,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -201,13 +201,13 @@ spec: type: object bearerTokenFile: description: |- - File to read bearer token for scraping the target. + bearerTokenFile defines the file to read bearer token for scraping the target. Deprecated: use `authorization` instead. type: string bearerTokenSecret: description: |- - `bearerTokenSecret` specifies a key of a Secret containing the bearer + bearerTokenSecret defines a key of a Secret containing the bearer token for scraping targets. The secret needs to be in the same namespace as the ServiceMonitor object and readable by the Prometheus Operator. @@ -235,12 +235,12 @@ spec: type: object x-kubernetes-map-type: atomic enableHttp2: - description: '`enableHttp2` can be used to disable HTTP2 when - scraping the target.' + description: enableHttp2 can be used to disable HTTP2 when scraping + the target. type: boolean filterRunning: description: |- - When true, the pods which are not running (e.g. either in Failed or + filterRunning when true, the pods which are not running (e.g. either in Failed or Succeeded state) are dropped during the target discovery. If unset, the filtering is enabled. @@ -249,29 +249,29 @@ spec: type: boolean followRedirects: description: |- - `followRedirects` defines whether the scrape requests should follow HTTP + followRedirects defines whether the scrape requests should follow HTTP 3xx redirects. type: boolean honorLabels: description: |- - When true, `honorLabels` preserves the metric's labels when they collide + honorLabels defines when true the metric's labels when they collide with the target's labels. type: boolean honorTimestamps: description: |- - `honorTimestamps` controls whether Prometheus preserves the timestamps + honorTimestamps defines whether Prometheus preserves the timestamps when exposed by the target. type: boolean interval: description: |- - Interval at which Prometheus scrapes the metrics from the target. + interval at which Prometheus scrapes the metrics from the target. If empty, Prometheus uses the global scrape interval. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string metricRelabelings: description: |- - `metricRelabelings` configures the relabeling rules to apply to the + metricRelabelings defines the relabeling rules to apply to the samples before ingestion. items: description: |- @@ -283,7 +283,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -315,41 +315,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -360,7 +360,7 @@ spec: type: array noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -368,7 +368,7 @@ spec: type: string oauth2: description: |- - `oauth2` configures the OAuth2 settings to use when scraping the target. + oauth2 defines the OAuth2 settings to use when scraping the target. It requires Prometheus >= 2.27.0. @@ -376,12 +376,12 @@ spec: properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -404,7 +404,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -430,7 +431,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -458,12 +459,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -497,7 +498,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -505,33 +506,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -554,8 +554,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -580,12 +580,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -608,8 +608,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -634,11 +634,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -663,7 +664,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -674,7 +675,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -684,12 +685,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -706,13 +708,13 @@ spec: type: object path: description: |- - HTTP path from which to scrape for metrics. + path defines the HTTP path from which to scrape for metrics. If empty, Prometheus uses the default value (e.g. `/metrics`). type: string port: description: |- - Name of the Service port which this endpoint refers to. + port defines the name of the Service port which this endpoint refers to. It takes precedence over `targetPort`. type: string @@ -744,7 +746,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -752,17 +754,17 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string relabelings: description: |- - `relabelings` configures the relabeling rules to apply the target's + relabelings defines the relabeling rules to apply the target's metadata labels. The Operator automatically adds relabelings for a few standard Kubernetes fields. @@ -780,7 +782,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -812,41 +814,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -857,7 +859,7 @@ spec: type: array scheme: description: |- - HTTP scheme to use for scraping. + scheme defines the HTTP scheme to use for scraping. `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. @@ -869,7 +871,7 @@ spec: type: string scrapeTimeout: description: |- - Timeout after which Prometheus considers the scrape to be failed. + scrapeTimeout defines the timeout after which Prometheus considers the scrape to be failed. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. @@ -881,19 +883,20 @@ spec: - type: integer - type: string description: |- - Name or number of the target port of the `Pod` object behind the + targetPort defines the name or number of the target port of the `Pod` object behind the Service. The port must be specified with the container's port property. x-kubernetes-int-or-string: true tlsConfig: - description: TLS configuration to use when scraping the target. + description: tlsConfig defines the TLS configuration to use + when scraping the target. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -916,7 +919,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -941,15 +945,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -972,7 +977,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -997,19 +1003,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -1034,7 +1041,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -1045,7 +1052,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -1055,12 +1062,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object trackTimestampsStaleness: description: |- - `trackTimestampsStaleness` defines whether Prometheus tracks staleness of + trackTimestampsStaleness defines whether Prometheus tracks staleness of the metrics that have an explicit timestamp present in scraped data. Has no effect if `honorTimestamps` is false. @@ -1070,7 +1078,7 @@ spec: type: array fallbackScrapeProtocol: description: |- - The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. It requires Prometheus >= v3.0.0. enum: @@ -1082,7 +1090,7 @@ spec: type: string jobLabel: description: |- - `jobLabel` selects the label from the associated Kubernetes `Service` + jobLabel selects the label from the associated Kubernetes `Service` object which will be used as the `job` label for all metrics. For example if `jobLabel` is set to `foo` and the Kubernetes `Service` @@ -1095,7 +1103,7 @@ spec: type: string keepDroppedTargets: description: |- - Per-scrape limit on the number of targets dropped by relabeling + keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0. @@ -1103,44 +1111,45 @@ spec: type: integer labelLimit: description: |- - Per-scrape limit on number of labels that will be accepted for a sample. + labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer labelNameLengthLimit: description: |- - Per-scrape limit on length of labels name that will be accepted for a sample. + labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer labelValueLengthLimit: description: |- - Per-scrape limit on length of labels value that will be accepted for a sample. + labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample. It requires Prometheus >= v2.27.0. format: int64 type: integer namespaceSelector: description: |- - `namespaceSelector` defines in which namespace(s) Prometheus should discover the services. + namespaceSelector defines in which namespace(s) Prometheus should discover the services. By default, the services are discovered in the same namespace as the `ServiceMonitor` object but it is possible to select pods across different/all namespaces. properties: any: description: |- - Boolean describing whether all namespaces are selected in contrast to a + any defines the boolean describing whether all namespaces are selected in contrast to a list restricting them. type: boolean matchNames: - description: List of namespace names to select from. + description: matchNames defines the list of namespace names to + select from. items: type: string type: array type: object nativeHistogramBucketLimit: description: |- - If there are more than this many buckets in a native histogram, + nativeHistogramBucketLimit defines ff there are more than this many buckets in a native histogram, buckets will be merged to stay within the limit. It requires Prometheus >= v2.45.0. format: int64 @@ -1150,38 +1159,38 @@ spec: - type: integer - type: string description: |- - If the growth factor of one bucket to the next is smaller than this, + nativeHistogramMinBucketFactor defines if the growth factor of one bucket to the next is smaller than this, buckets will be merged to increase the factor sufficiently. It requires Prometheus >= v2.50.0. pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true podTargetLabels: description: |- - `podTargetLabels` defines the labels which are transferred from the + podTargetLabels defines the labels which are transferred from the associated Kubernetes `Pod` object onto the ingested metrics. items: type: string type: array sampleLimit: description: |- - `sampleLimit` defines a per-scrape limit on the number of scraped samples + sampleLimit defines a per-scrape limit on the number of scraped samples that will be accepted. format: int64 type: integer scrapeClass: - description: The scrape class to apply. + description: scrapeClass defines the scrape class to apply. minLength: 1 type: string scrapeClassicHistograms: description: |- - Whether to scrape a classic histogram that is also exposed as a native histogram. + scrapeClassicHistograms defines whether to scrape a classic histogram that is also exposed as a native histogram. It requires Prometheus >= v2.45.0. Notice: `scrapeClassicHistograms` corresponds to the `always_scrape_classic_histograms` field in the Prometheus configuration. type: boolean scrapeProtocols: description: |- - `scrapeProtocols` defines the protocols to negotiate during a scrape. It tells clients the + scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the protocols supported by Prometheus in order of preference (from most to least preferred). If unset, Prometheus uses its default value. @@ -1206,8 +1215,8 @@ spec: type: array x-kubernetes-list-type: set selector: - description: Label selector to select the Kubernetes `Endpoints` objects - to scrape metrics from. + description: selector defines the label selector to select the Kubernetes + `Endpoints` objects to scrape metrics from. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. @@ -1254,7 +1263,7 @@ spec: x-kubernetes-map-type: atomic selectorMechanism: description: |- - Mechanism used to select the endpoints to scrape. + selectorMechanism defines the mechanism used to select the endpoints to scrape. By default, the selection process relies on relabel configurations to filter the discovered targets. Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. Which strategy is best for your use case needs to be carefully evaluated. @@ -1264,16 +1273,27 @@ spec: - RelabelConfig - RoleSelector type: string + serviceDiscoveryRole: + description: |- + serviceDiscoveryRole defines the service discovery role used to discover targets. + + If set, the value should be either "Endpoints" or "EndpointSlice". + Otherwise it defaults to the value defined in the + Prometheus/PrometheusAgent resource. + enum: + - Endpoints + - EndpointSlice + type: string targetLabels: description: |- - `targetLabels` defines the labels which are transferred from the + targetLabels defines the labels which are transferred from the associated Kubernetes `Service` object onto the ingested metrics. items: type: string type: array targetLimit: description: |- - `targetLimit` defines a limit on the number of scraped targets that will + targetLimit defines a limit on the number of scraped targets that will be accepted. format: int64 type: integer @@ -1283,7 +1303,7 @@ spec: type: object status: description: |- - This Status subresource is under active development and is updated only when the + status defines the status subresource. It is under active development and is updated only when the "StatusForConfigurationResources" feature gate is enabled. Most recent observed status of the ServiceMonitor. Read-only. @@ -1291,47 +1311,48 @@ spec: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: bindings: - description: The list of workload resources (Prometheus or PrometheusAgent) - which select the configuration resource. + description: bindings defines the list of workload resources (Prometheus, + PrometheusAgent, ThanosRuler or Alertmanager) which select the configuration + resource. items: description: WorkloadBinding is a link between a configuration resource and a workload resource. properties: conditions: - description: The current state of the configuration resource - when bound to the referenced Prometheus object. + description: conditions defines the current state of the configuration + resource when bound to the referenced Workload object. items: description: ConfigResourceCondition describes the status of configuration resources linked to Prometheus, PrometheusAgent, - Alertmanager, or ThanosRuler. + Alertmanager or ThanosRuler. properties: lastTransitionTime: - description: LastTransitionTime is the time of the last - update to the current status property. + description: lastTransitionTime defines the time of the + last update to the current status property. format: date-time type: string message: - description: Human-readable message indicating details - for the condition's last transition. + description: message defines the human-readable message + indicating details for the condition's last transition. type: string observedGeneration: description: |- - ObservedGeneration represents the .metadata.generation that the + observedGeneration defines the .metadata.generation that the condition was set based upon. For instance, if `.metadata.generation` is currently 12, but the `.status.conditions[].observedGeneration` is 9, the condition is out of date with respect to the current state of the object. format: int64 type: integer reason: - description: Reason for the condition's last transition. + description: reason for the condition's last transition. type: string status: - description: Status of the condition. + description: status of the condition. minLength: 1 type: string type: description: |- - Type of the condition being reported. + type of the condition being reported. Currently, only "Accepted" is supported. enum: - Accepted @@ -1347,24 +1368,27 @@ spec: - type x-kubernetes-list-type: map group: - description: The group of the referenced resource. + description: group defines the group of the referenced resource. enum: - monitoring.coreos.com type: string name: - description: The name of the referenced object. + description: name defines the name of the referenced object. minLength: 1 type: string namespace: - description: The namespace of the referenced object. + description: namespace defines the namespace of the referenced + object. minLength: 1 type: string resource: - description: The type of resource being referenced (e.g. Prometheus - or PrometheusAgent). + description: resource defines the type of resource being referenced + (e.g. Prometheus, PrometheusAgent, ThanosRuler or Alertmanager). enum: - prometheuses - prometheusagents + - thanosrulers + - alertmanagers type: string required: - group @@ -1373,6 +1397,12 @@ spec: - resource type: object type: array + x-kubernetes-list-map-keys: + - group + - resource + - name + - namespace + x-kubernetes-list-type: map type: object required: - spec diff --git a/charts/prometheus-operator-crds/charts/crds/templates/crd-thanosrulers.yaml b/charts/prometheus-operator-crds/charts/crds/templates/crd-thanosrulers.yaml index 978fc03556ca..20e045633724 100644 --- a/charts/prometheus-operator-crds/charts/crds/templates/crd-thanosrulers.yaml +++ b/charts/prometheus-operator-crds/charts/crds/templates/crd-thanosrulers.yaml @@ -1,5 +1,5 @@ {{- if .Values.thanosrulers.enabled -}} -# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.85.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.86.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -8,8 +8,8 @@ metadata: {{- with .Values.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - controller-gen.kubebuilder.io/version: v0.18.0 - operator.prometheus.io/version: 0.85.0 + controller-gen.kubebuilder.io/version: v0.19.0 + operator.prometheus.io/version: 0.86.0 name: thanosrulers.monitoring.coreos.com spec: group: monitoring.coreos.com @@ -80,12 +80,12 @@ spec: type: object spec: description: |- - Specification of the desired behavior of the ThanosRuler cluster. More info: + spec defines the specification of the desired behavior of the ThanosRuler cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: additionalArgs: description: |- - AdditionalArgs allows setting additional arguments for the ThanosRuler container. + additionalArgs defines how to add additional arguments for the ThanosRuler container. It is intended for e.g. activating hidden flags which are not supported by the dedicated configuration options yet. The arguments are passed as-is to the ThanosRuler container which may cause issues if they are invalid or not supported @@ -97,19 +97,20 @@ spec: description: Argument as part of the AdditionalArgs list. properties: name: - description: Name of the argument, e.g. "scrape.discovery-reload-interval". + description: name of the argument, e.g. "scrape.discovery-reload-interval". minLength: 1 type: string value: - description: Argument value, e.g. 30s. Can be empty for name-only - arguments (e.g. --storage.tsdb.no-lockfile) + description: value defines the argument value, e.g. 30s. Can + be empty for name-only arguments (e.g. --storage.tsdb.no-lockfile) type: string required: - name type: object type: array affinity: - description: If specified, the pod's scheduling constraints. + description: affinity defines when specified, the pod's scheduling + constraints. properties: nodeAffinity: description: Describes node affinity scheduling rules for the @@ -677,8 +678,8 @@ spec: most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + compute a sum by iterating through the elements of this field and subtracting + "weight" from the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm @@ -1022,7 +1023,7 @@ spec: type: object alertDropLabels: description: |- - Configures the label names which should be dropped in Thanos Ruler + alertDropLabels defines the label names which should be dropped in Thanos Ruler alerts. The replica label `thanos_ruler_replica` will always be dropped from the alerts. @@ -1031,13 +1032,13 @@ spec: type: array alertQueryUrl: description: |- - The external Query URL the Thanos Ruler will set in the 'Source' field + alertQueryUrl defines how Thanos Ruler will set in the 'Source' field of all alerts. Maps to the '--alert.query-url' CLI arg. type: string alertRelabelConfigFile: description: |- - Configures the path to the alert relabeling configuration file. + alertRelabelConfigFile defines the path to the alert relabeling configuration file. Alert relabel configuration must have the form as specified in the official Prometheus documentation: @@ -1049,7 +1050,7 @@ spec: type: string alertRelabelConfigs: description: |- - Configures alert relabeling in Thanos Ruler. + alertRelabelConfigs defines the alert relabeling in Thanos Ruler. Alert relabel configuration must have the form as specified in the official Prometheus documentation: @@ -1081,7 +1082,7 @@ spec: x-kubernetes-map-type: atomic alertmanagersConfig: description: |- - Configures the list of Alertmanager endpoints to send alerts to. + alertmanagersConfig defines the list of Alertmanager endpoints to send alerts to. The configuration format is defined at https://thanos.io/tip/components/rule.md/#alertmanager. @@ -1113,7 +1114,7 @@ spec: x-kubernetes-map-type: atomic alertmanagersUrl: description: |- - Configures the list of Alertmanager endpoints to send alerts to. + alertmanagersUrl defines the list of Alertmanager endpoints to send alerts to. For Thanos >= v0.10.0, it is recommended to use `alertmanagersConfig` instead. @@ -1123,7 +1124,7 @@ spec: type: array containers: description: |- - Containers allows injecting additional containers or modifying operator generated + containers allows injecting additional containers or modifying operator generated containers. This can be used to allow adding an authentication proxy to a ThanosRuler pod or to change the behavior of an operator generated container. Containers described here modify an operator generated container if they share the same name and modifications are done via a @@ -1171,8 +1172,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -1230,6 +1232,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -1290,8 +1329,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -1318,8 +1357,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -1990,7 +2030,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -2044,10 +2084,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -2059,6 +2099,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -2558,11 +2651,12 @@ spec: type: object type: array dnsConfig: - description: Defines the DNS configuration for the pods. + description: dnsConfig defines Defines the DNS configuration for the + pods. properties: nameservers: description: |- - A list of DNS name server IP addresses. + nameservers defines the list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. items: minLength: 1 @@ -2571,7 +2665,7 @@ spec: x-kubernetes-list-type: set options: description: |- - A list of DNS resolver options. + options defines the list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Resolution options given in Options will override those that appear in the base DNSPolicy. @@ -2580,11 +2674,11 @@ spec: of a pod. properties: name: - description: Name is required and must be unique. + description: name is required and must be unique. minLength: 1 type: string value: - description: Value is optional. + description: value is optional. type: string required: - name @@ -2595,7 +2689,7 @@ spec: x-kubernetes-list-type: map searches: description: |- - A list of DNS search domains for host-name lookup. + searches defines the list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. items: minLength: 1 @@ -2604,7 +2698,7 @@ spec: x-kubernetes-list-type: set type: object dnsPolicy: - description: Defines the DNS policy for the pods. + description: dnsPolicy defines the DNS policy for the pods. enum: - ClusterFirstWithHostNet - ClusterFirst @@ -2613,7 +2707,7 @@ spec: type: string enableFeatures: description: |- - Enable access to Thanos Ruler feature flags. By default, no features are enabled. + enableFeatures defines how to setup Thanos Ruler feature flags. By default, no features are enabled. Enabling features which are disabled by default is entirely outside the scope of what the maintainers will support and by doing so, you accept @@ -2628,23 +2722,24 @@ spec: type: array x-kubernetes-list-type: set enableServiceLinks: - description: Indicates whether information about services should be - injected into pod's environment variables + description: enableServiceLinks defines whether information about + services should be injected into pod's environment variables type: boolean enforcedNamespaceLabel: description: |- - EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert + enforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created. The label value will always be the namespace of the object that is being created. type: string evaluationInterval: default: 15s - description: Interval between consecutive evaluations. + description: evaluationInterval defines the interval between consecutive + evaluations. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string excludedFromEnforcement: description: |- - List of references to PrometheusRule objects + excludedFromEnforcement defines the list of references to PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true. items: @@ -2653,23 +2748,23 @@ spec: properties: group: default: monitoring.coreos.com - description: Group of the referent. When not specified, it defaults + description: group of the referent. When not specified, it defaults to `monitoring.coreos.com` enum: - monitoring.coreos.com type: string name: - description: Name of the referent. When not set, all resources + description: name of the referent. When not set, all resources in the namespace are matched. type: string namespace: description: |- - Namespace of the referent. + namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ minLength: 1 type: string resource: - description: Resource of the referent. + description: resource of the referent. enum: - prometheusrules - servicemonitors @@ -2684,23 +2779,24 @@ spec: type: array externalPrefix: description: |- - The external URL the Thanos Ruler instances will be available under. This is + externalPrefix defines the Thanos Ruler instances will be available under. This is necessary to generate correct URLs. This is necessary if Thanos Ruler is not served from root of a DNS name. type: string grpcServerTlsConfig: description: |- - GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads + grpcServerTlsConfig defines the gRPC server from which Thanos Querier reads recorded rule data. Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. Maps to the '--grpc-server-tls-*' CLI args. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when verifying + server certificates. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -2723,7 +2819,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2748,14 +2845,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container to - use for the targets. + description: caFile defines the path to the CA cert in the Prometheus + container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present when + doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the targets. + description: configMap defines the ConfigMap containing data + to use for the targets. properties: key: description: The key to select. @@ -2778,7 +2877,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data to + use for the targets. properties: key: description: The key of the secret to select from. Must @@ -2803,18 +2903,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus container - for the targets. + description: certFile defines the path to the client cert file + in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus container - for the targets. + description: keyFile defines the path to the client key file in + the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the targets. + description: keySecret defines the Secret containing the client + key file for the targets. properties: key: description: The key of the secret to select from. Must be @@ -2839,7 +2941,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -2850,7 +2952,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -2860,23 +2962,24 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for the + targets. type: string type: object hostAliases: - description: Pods' hostAliases configuration + description: hostAliases defines pods' hostAliases configuration items: description: |- HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file. properties: hostnames: - description: Hostnames for the above IP address. + description: hostnames defines hostnames for the above IP address. items: type: string type: array ip: - description: IP address of the host file entry. + description: ip defines the IP address of the host file entry. type: string required: - hostnames @@ -2888,7 +2991,7 @@ spec: x-kubernetes-list-type: map hostUsers: description: |- - HostUsers supports the user space in Kubernetes. + hostUsers supports the user space in Kubernetes. More info: https://kubernetes.io/docs/tasks/configure-pod-container/user-namespaces/ @@ -2896,11 +2999,11 @@ spec: Starting Kubernetes 1.33, the feature is enabled by default. type: boolean image: - description: Thanos container image URL. + description: image defines Thanos container image URL. type: string imagePullPolicy: description: |- - Image pull policy for the 'thanos', 'init-config-reloader' and 'config-reloader' containers. + imagePullPolicy defines for the 'thanos', 'init-config-reloader' and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy for more details. enum: - "" @@ -2910,7 +3013,7 @@ spec: type: string imagePullSecrets: description: |- - An optional list of references to secrets in the same namespace + imagePullSecrets defines an optional list of references to secrets in the same namespace to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod items: @@ -2932,7 +3035,7 @@ spec: type: array initContainers: description: |- - InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. + initContainers allows adding initContainers to the pod definition. Those can be used to e.g. fetch secrets for injection into the ThanosRuler configuration from external sources. Any errors during the execution of an initContainer will lead to a restart of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ @@ -2980,8 +3083,9 @@ spec: in a Container. properties: name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. + description: |- + Name of the environment variable. + May consist of any printable ASCII characters except '='. type: string value: description: |- @@ -3039,6 +3143,43 @@ spec: - fieldPath type: object x-kubernetes-map-type: atomic + fileKeyRef: + description: |- + FileKeyRef selects a key of the env file. + Requires the EnvFiles feature gate to be enabled. + properties: + key: + description: |- + The key within the env file. An invalid key will prevent the pod from starting. + The keys defined within a source may consist of any printable ASCII characters except '='. + During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters. + type: string + optional: + default: false + description: |- + Specify whether the file or its key must be defined. If the file or key + does not exist, then the env var is not published. + If optional is set to true and the specified key does not exist, + the environment variable will not be set in the Pod's containers. + + If optional is set to false and the specified key does not exist, + an error will be returned during Pod creation. + type: boolean + path: + description: |- + The path within the volume from which to select the file. + Must be relative and may not contain the '..' path or start with '..'. + type: string + volumeName: + description: The name of the volume mount containing + the env file. + type: string + required: + - key + - path + - volumeName + type: object + x-kubernetes-map-type: atomic resourceFieldRef: description: |- Selects a resource of the container: only resources limits and requests @@ -3099,8 +3240,8 @@ spec: envFrom: description: |- List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + The keys defined within a source may consist of any printable ASCII characters except '='. + When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. @@ -3127,8 +3268,9 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: Optional text to prepend to the name of each - environment variable. Must be a C_IDENTIFIER. + description: |- + Optional text to prepend to the name of each environment variable. + May consist of any printable ASCII characters except '='. type: string secretRef: description: The Secret to select from @@ -3799,7 +3941,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -3853,10 +3995,10 @@ spec: restartPolicy: description: |- RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, + This overrides the pod-level restart policy. When this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: + Additionally, setting the RestartPolicy as "Always" for the init container will + have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy "Always" @@ -3868,6 +4010,59 @@ spec: init container is started, or after any startupProbe has successfully completed. type: string + restartPolicyRules: + description: |- + Represents a list of rules to be checked to determine if the + container should be restarted on exit. The rules are evaluated in + order. Once a rule matches a container exit condition, the remaining + rules are ignored. If no rule matches the container exit condition, + the Container-level restart policy determines the whether the container + is restarted or not. Constraints on the rules: + - At most 20 rules are allowed. + - Rules can have the same action. + - Identical rules are not forbidden in validations. + When rules are specified, container MUST set RestartPolicy explicitly + even it if matches the Pod's RestartPolicy. + items: + description: ContainerRestartRule describes how a container + exit is handled. + properties: + action: + description: |- + Specifies the action taken on a container exit if the requirements + are satisfied. The only possible value is "Restart" to restart the + container. + type: string + exitCodes: + description: Represents the exit codes to check on container + exits. + properties: + operator: + description: |- + Represents the relationship between the container exit code(s) and the + specified values. Possible values are: + - In: the requirement is satisfied if the container exit code is in the + set of specified values. + - NotIn: the requirement is satisfied if the container exit code is + not in the set of specified values. + type: string + values: + description: |- + Specifies the set of values to check for container exit codes. + At most 255 elements are allowed. + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + type: object + required: + - action + type: object + type: array + x-kubernetes-list-type: atomic securityContext: description: |- SecurityContext defines the security options the container should be run with. @@ -4370,25 +4565,25 @@ spec: additionalProperties: type: string description: |- - Configures the external label pairs of the ThanosRuler resource. + labels defines the external label pairs of the ThanosRuler resource. A default replica label `thanos_ruler_replica` will be always added as a label with the value of the pod's name. type: object listenLocal: description: |- - ListenLocal makes the Thanos ruler listen on loopback, so that it + listenLocal defines the Thanos ruler listen on loopback, so that it does not bind against the Pod IP. type: boolean logFormat: - description: Log format for ThanosRuler to be configured with. + description: logFormat for ThanosRuler to be configured with. enum: - "" - logfmt - json type: string logLevel: - description: Log level for ThanosRuler to be configured with. + description: logLevel for ThanosRuler to be configured with. enum: - "" - debug @@ -4398,7 +4593,7 @@ spec: type: string minReadySeconds: description: |- - Minimum number of seconds for which a newly created pod should be ready + minReadySeconds defines the minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to be considered available. If unset, pods will be considered available as soon as they are ready. @@ -4408,13 +4603,12 @@ spec: nodeSelector: additionalProperties: type: string - description: Define which Nodes the Pods are scheduled on. + description: nodeSelector defines which Nodes the Pods are scheduled + on. type: object objectStorageConfig: description: |- - Configures object storage. - - The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage + objectStorageConfig defines the configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage The operator performs no validation of the configuration. @@ -4442,7 +4636,7 @@ spec: x-kubernetes-map-type: atomic objectStorageConfigFile: description: |- - Configures the path of the object storage configuration file. + objectStorageConfigFile defines the path of the object storage configuration file. The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage @@ -4452,12 +4646,12 @@ spec: type: string paused: description: |- - When a ThanosRuler deployment is paused, no actions except for deletion + paused defines when a ThanosRuler deployment is paused, no actions except for deletion will be performed on the underlying objects. type: boolean podMetadata: description: |- - PodMetadata configures labels and annotations which are propagated to the ThanosRuler pods. + podMetadata defines labels and annotations which are propagated to the ThanosRuler pods. The following items are reserved and cannot be overridden: * "app.kubernetes.io/name" label, set to "thanos-ruler". @@ -4470,7 +4664,7 @@ spec: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -4479,14 +4673,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -4497,15 +4691,16 @@ spec: portName: default: web description: |- - Port name used for the pods and governing service. + portName defines the port name used for the pods and governing service. Defaults to `web`. type: string priorityClassName: - description: Priority class assigned to the Pods + description: priorityClassName defines the priority class assigned + to the Pods type: string prometheusRulesExcludedFromEnforce: description: |- - PrometheusRulesExcludedFromEnforce - list of Prometheus rules to be excluded from enforcing + prometheusRulesExcludedFromEnforce defines a list of Prometheus rules to be excluded from enforcing of adding namespace labels. Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair Deprecated: use excludedFromEnforcement instead. @@ -4516,10 +4711,12 @@ spec: namespace label for alerts and metrics. properties: ruleName: - description: Name of the excluded PrometheusRule object. + description: ruleName defines the name of the excluded PrometheusRule + object. type: string ruleNamespace: - description: Namespace of the excluded PrometheusRule object. + description: ruleNamespace defines the namespace of the excluded + PrometheusRule object. type: string required: - ruleName @@ -4528,7 +4725,7 @@ spec: type: array queryConfig: description: |- - Configures the list of Thanos Query endpoints from which to query metrics. + queryConfig defines the list of Thanos Query endpoints from which to query metrics. The configuration format is defined at https://thanos.io/tip/components/rule.md/#query-api @@ -4560,7 +4757,7 @@ spec: x-kubernetes-map-type: atomic queryEndpoints: description: |- - Configures the list of Thanos Query endpoints from which to query metrics. + queryEndpoints defines the list of Thanos Query endpoints from which to query metrics. For Thanos >= v0.11.0, it is recommended to use `queryConfig` instead. @@ -4570,7 +4767,7 @@ spec: type: array remoteWrite: description: |- - Defines the list of remote write configurations. + remoteWrite defines the list of remote write configurations. When the list isn't empty, the ruler is configured with stateless mode. @@ -4582,15 +4779,15 @@ spec: properties: authorization: description: |- - Authorization section for the URL. + authorization section for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. Cannot be set at the same time as `sigv4`, `basicAuth`, `oauth2`, or `azureAd`. properties: credentials: - description: Selects a key of a Secret in the namespace - that contains the credentials for authentication. + description: credentials defines a key of a Secret in the + namespace that contains the credentials for authentication. properties: key: description: The key of the secret to select from. Must @@ -4614,12 +4811,12 @@ spec: type: object x-kubernetes-map-type: atomic credentialsFile: - description: File to read a secret from, mutually exclusive - with `credentials`. + description: credentialsFile defines the file to read a + secret from, mutually exclusive with `credentials`. type: string type: description: |- - Defines the authentication type. The value is case-insensitive. + type defines the authentication type. The value is case-insensitive. "Basic" is not a supported value. @@ -4628,15 +4825,15 @@ spec: type: object azureAd: description: |- - AzureAD for the URL. + azureAd for the URL. It requires Prometheus >= v2.45.0 or Thanos >= v0.31.0. Cannot be set at the same time as `authorization`, `basicAuth`, `oauth2`, or `sigv4`. properties: cloud: - description: The Azure Cloud. Options are 'AzurePublic', - 'AzureChina', or 'AzureGovernment'. + description: cloud defines the Azure Cloud. Options are + 'AzurePublic', 'AzureChina', or 'AzureGovernment'. enum: - AzureChina - AzureGovernment @@ -4644,32 +4841,33 @@ spec: type: string managedIdentity: description: |- - ManagedIdentity defines the Azure User-assigned Managed identity. + managedIdentity defines the Azure User-assigned Managed identity. Cannot be set at the same time as `oauth` or `sdk`. properties: clientId: - description: The client id + description: clientId defines defines the Azure User-assigned + Managed identity. type: string required: - clientId type: object oauth: description: |- - OAuth defines the oauth config that is being used to authenticate. + oauth defines the oauth config that is being used to authenticate. Cannot be set at the same time as `managedIdentity` or `sdk`. It requires Prometheus >= v2.48.0 or Thanos >= v0.31.0. properties: clientId: - description: '`clientID` is the clientId of the Azure + description: clientId defines the clientId of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 type: string clientSecret: - description: '`clientSecret` specifies a key of a Secret + description: clientSecret specifies a key of a Secret containing the client secret of the Azure Active Directory - application that is being used to authenticate.' + application that is being used to authenticate. properties: key: description: The key of the secret to select from. Must @@ -4693,9 +4891,9 @@ spec: type: object x-kubernetes-map-type: atomic tenantId: - description: '`tenantId` is the tenant ID of the Azure + description: tenantId is the tenant ID of the Azure Active Directory application that is being used to - authenticate.' + authenticate. minLength: 1 pattern: ^[0-9a-zA-Z-.]+$ type: string @@ -4706,29 +4904,29 @@ spec: type: object sdk: description: |- - SDK defines the Azure SDK config that is being used to authenticate. + sdk defines the Azure SDK config that is being used to authenticate. See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication Cannot be set at the same time as `oauth` or `managedIdentity`. It requires Prometheus >= v2.52.0 or Thanos >= v0.36.0. properties: tenantId: - description: '`tenantId` is the tenant ID of the azure + description: tenantId defines the tenant ID of the azure active directory application that is being used to - authenticate.' + authenticate. pattern: ^[0-9a-zA-Z-.]+$ type: string type: object type: object basicAuth: description: |- - BasicAuth configuration for the URL. + basicAuth configuration for the URL. Cannot be set at the same time as `sigv4`, `authorization`, `oauth2`, or `azureAd`. properties: password: description: |- - `password` specifies a key of a Secret containing the password for + password defines a key of a Secret containing the password for authentication. properties: key: @@ -4754,7 +4952,7 @@ spec: x-kubernetes-map-type: atomic username: description: |- - `username` specifies a key of a Secret containing the username for + username defines a key of a Secret containing the username for authentication. properties: key: @@ -4781,23 +4979,22 @@ spec: type: object bearerToken: description: |- + bearerToken is deprecated: this will be removed in a future release. *Warning: this field shouldn't be used because the token value appears in clear-text. Prefer using `authorization`.* - - Deprecated: this will be removed in a future release. type: string bearerTokenFile: description: |- - File from which to read bearer token for the URL. + bearerTokenFile defines the file from which to read bearer token for the URL. Deprecated: this will be removed in a future release. Prefer using `authorization`. type: string enableHTTP2: - description: Whether to enable HTTP2. + description: enableHTTP2 defines whether to enable HTTP2. type: boolean followRedirects: description: |- - Configure whether HTTP requests follow HTTP 3xx redirects. + followRedirects defines whether HTTP requests follow HTTP 3xx redirects. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. type: boolean @@ -4805,14 +5002,14 @@ spec: additionalProperties: type: string description: |- - Custom HTTP headers to be sent along with each remote write request. + headers defines the custom HTTP headers to be sent along with each remote write request. Be aware that headers that are set by Prometheus itself can't be overwritten. It requires Prometheus >= v2.25.0 or Thanos >= v0.24.0. type: object messageVersion: description: |- - The Remote Write message's version to use when writing to the endpoint. + messageVersion defines the Remote Write message's version to use when writing to the endpoint. `Version1.0` corresponds to the `prometheus.WriteRequest` protobuf message introduced in Remote Write 1.0. `Version2.0` corresponds to the `io.prometheus.write.v2.Request` protobuf message introduced in Remote Write 2.0. @@ -4829,37 +5026,37 @@ spec: - V2.0 type: string metadataConfig: - description: MetadataConfig configures the sending of series - metadata to the remote storage. + description: metadataConfig defines how to send a series metadata + to the remote storage. properties: maxSamplesPerSend: description: |- - MaxSamplesPerSend is the maximum number of metadata samples per send. + maxSamplesPerSend defines the maximum number of metadata samples per send. It requires Prometheus >= v2.29.0. format: int32 minimum: -1 type: integer send: - description: Defines whether metric metadata is sent to - the remote storage or not. + description: send defines whether metric metadata is sent + to the remote storage or not. type: boolean sendInterval: - description: Defines how frequently metric metadata is sent - to the remote storage. + description: sendInterval defines how frequently metric + metadata is sent to the remote storage. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object name: description: |- - The name of the remote write queue, it must be unique if specified. The + name of the remote write queue, it must be unique if specified. The name is used in metrics and logging in order to differentiate queues. It requires Prometheus >= v2.15.0 or Thanos >= 0.24.0. type: string noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -4867,7 +5064,7 @@ spec: type: string oauth2: description: |- - OAuth2 configuration for the URL. + oauth2 configuration for the URL. It requires Prometheus >= v2.27.0 or Thanos >= v0.24.0. @@ -4875,12 +5072,12 @@ spec: properties: clientId: description: |- - `clientId` specifies a key of a Secret or ConfigMap containing the + clientId defines a key of a Secret or ConfigMap containing the OAuth2 client's ID. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -4903,7 +5100,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -4929,7 +5127,7 @@ spec: type: object clientSecret: description: |- - `clientSecret` specifies a key of a Secret containing the OAuth2 + clientSecret defines a key of a Secret containing the OAuth2 client's secret. properties: key: @@ -4957,12 +5155,12 @@ spec: additionalProperties: type: string description: |- - `endpointParams` configures the HTTP parameters to append to the token + endpointParams configures the HTTP parameters to append to the token URL. type: object noProxy: description: |- - `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + noProxy defines a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. @@ -4996,7 +5194,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5004,33 +5202,32 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to - use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string scopes: - description: '`scopes` defines the OAuth2 scopes used for - the token request.' + description: scopes defines the OAuth2 scopes used for the + token request. items: type: string type: array tlsConfig: description: |- - TLS configuration to use when connecting to the OAuth2 server. + tlsConfig defines the TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. properties: ca: - description: Certificate authority used when verifying - server certificates. + description: ca defines the Certificate authority used + when verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5053,8 +5250,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5079,12 +5276,12 @@ spec: x-kubernetes-map-type: atomic type: object cert: - description: Client certificate to present when doing - client-authentication. + description: cert defines the Client certificate to + present when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for - the targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5107,8 +5304,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the - targets. + description: secret defines the Secret containing + data to use for the targets. properties: key: description: The key of the secret to select @@ -5133,11 +5330,12 @@ spec: x-kubernetes-map-type: atomic type: object insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable + target certificate validation. type: boolean keySecret: - description: Secret containing the client key file for - the targets. + description: keySecret defines the Secret containing + the client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5162,7 +5360,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5173,7 +5371,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5183,12 +5381,13 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname + for the targets. type: string type: object tokenUrl: - description: '`tokenURL` configures the URL to fetch the - token from.' + description: tokenUrl defines the URL to fetch the token + from. minLength: 1 type: string required: @@ -5224,7 +5423,7 @@ spec: x-kubernetes-map-type: atomic type: array description: |- - ProxyConnectHeader optionally specifies headers to send to + proxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. @@ -5232,89 +5431,88 @@ spec: x-kubernetes-map-type: atomic proxyFromEnvironment: description: |- - Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + proxyFromEnvironment defines whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0, Alertmanager >= v0.25.0 or Thanos >= v0.32.0. type: boolean proxyUrl: - description: '`proxyURL` defines the HTTP proxy server to use.' + description: proxyUrl defines the HTTP proxy server to use. pattern: ^(http|https|socks5)://.+$ type: string queueConfig: - description: QueueConfig allows tuning of the remote write queue + description: queueConfig allows tuning of the remote write queue parameters. properties: batchSendDeadline: - description: BatchSendDeadline is the maximum time a sample - will wait in buffer. + description: batchSendDeadline defines the maximum time + a sample will wait in buffer. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string capacity: description: |- - Capacity is the number of samples to buffer per shard before we start + capacity defines the number of samples to buffer per shard before we start dropping them. type: integer maxBackoff: - description: MaxBackoff is the maximum retry delay. + description: maxBackoff defines the maximum retry delay. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string maxRetries: - description: MaxRetries is the maximum number of times to - retry a batch on recoverable errors. + description: maxRetries defines the maximum number of times + to retry a batch on recoverable errors. type: integer maxSamplesPerSend: - description: MaxSamplesPerSend is the maximum number of - samples per send. + description: maxSamplesPerSend defines the maximum number + of samples per send. type: integer maxShards: - description: MaxShards is the maximum number of shards, + description: maxShards defines the maximum number of shards, i.e. amount of concurrency. type: integer minBackoff: - description: MinBackoff is the initial retry delay. Gets - doubled for every retry. + description: minBackoff defines the initial retry delay. + Gets doubled for every retry. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string minShards: - description: MinShards is the minimum number of shards, + description: minShards defines the minimum number of shards, i.e. amount of concurrency. type: integer retryOnRateLimit: description: |- - Retry upon receiving a 429 status code from the remote-write storage. + retryOnRateLimit defines the retry upon receiving a 429 status code from the remote-write storage. This is an *experimental feature*, it may change in any upcoming release in a breaking way. type: boolean sampleAgeLimit: description: |- - SampleAgeLimit drops samples older than the limit. + sampleAgeLimit drops samples older than the limit. It requires Prometheus >= v2.50.0 or Thanos >= v0.32.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string type: object remoteTimeout: - description: Timeout for requests to the remote write endpoint. + description: remoteTimeout defines the timeout for requests + to the remote write endpoint. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string roundRobinDNS: - description: |- - When enabled: - - The remote-write mechanism will resolve the hostname via DNS. - - It will randomly select one of the resolved IP addresses and connect to it. - - When disabled (default behavior): - - The Go standard library will handle hostname resolution. - - It will attempt connections to each resolved IP address sequentially. - - Note: The connection timeout applies to the entire resolution and connection process. - If disabled, the timeout is distributed across all connection attempts. - - It requires Prometheus >= v3.1.0 or Thanos >= v0.38.0. + description: "roundRobinDNS controls the DNS resolution behavior + for remote-write connections.\nWhen enabled:\n - The remote-write + mechanism will resolve the hostname via DNS.\n - It will + randomly select one of the resolved IP addresses and connect + to it.\n\nWhen disabled (default behavior):\n - The Go standard + library will handle hostname resolution.\n - It will attempt + connections to each resolved IP address sequentially.\n\nNote: + The connection timeout applies to the entire resolution and + connection process.\n\n\tIf disabled, the timeout is distributed + across all connection attempts.\n\nIt requires Prometheus + >= v3.1.0 or Thanos >= v0.38.0." type: boolean sendExemplars: description: |- - Enables sending of exemplars over remote write. Note that + sendExemplars enables sending of exemplars over remote write. Note that exemplar-storage itself must be enabled using the `spec.enableFeatures` option for exemplars to be scraped in the first place. @@ -5322,14 +5520,14 @@ spec: type: boolean sendNativeHistograms: description: |- - Enables sending of native histograms, also known as sparse histograms + sendNativeHistograms enables sending of native histograms, also known as sparse histograms over remote write. It requires Prometheus >= v2.40.0 or Thanos >= v0.30.0. type: boolean sigv4: description: |- - Sigv4 allows to configures AWS's Signature Verification 4 for the URL. + sigv4 defines the AWS's Signature Verification 4 for the URL. It requires Prometheus >= v2.26.0 or Thanos >= v0.24.0. @@ -5337,7 +5535,7 @@ spec: properties: accessKey: description: |- - AccessKey is the AWS API key. If not specified, the environment variable + accessKey defines the AWS API key. If not specified, the environment variable `AWS_ACCESS_KEY_ID` is used. properties: key: @@ -5362,18 +5560,20 @@ spec: type: object x-kubernetes-map-type: atomic profile: - description: Profile is the named AWS profile used to authenticate. + description: profile defines the named AWS profile used + to authenticate. type: string region: - description: Region is the AWS region. If blank, the region - from the default credentials chain used. + description: region defines the AWS region. If blank, the + region from the default credentials chain used. type: string roleArn: - description: RoleArn is the named AWS profile used to authenticate. + description: roleArn defines the named AWS profile used + to authenticate. type: string secretKey: description: |- - SecretKey is the AWS API secret. If not specified, the environment + secretKey defines the AWS API secret. If not specified, the environment variable `AWS_SECRET_ACCESS_KEY` is used. properties: key: @@ -5397,17 +5597,22 @@ spec: - key type: object x-kubernetes-map-type: atomic + useFIPSSTSEndpoint: + description: |- + useFIPSSTSEndpoint defines FIPS mode for AWS STS endpoint. + It requires Prometheus >= v2.54.0. + type: boolean type: object tlsConfig: - description: TLS Config to use for the URL. + description: tlsConfig to use for the URL. properties: ca: - description: Certificate authority used when verifying server - certificates. + description: ca defines the Certificate authority used when + verifying server certificates. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5430,7 +5635,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5455,15 +5661,16 @@ spec: x-kubernetes-map-type: atomic type: object caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + description: caFile defines the path to the CA cert in the + Prometheus container to use for the targets. type: string cert: - description: Client certificate to present when doing client-authentication. + description: cert defines the Client certificate to present + when doing client-authentication. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -5486,7 +5693,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -5511,19 +5719,20 @@ spec: x-kubernetes-map-type: atomic type: object certFile: - description: Path to the client cert file in the Prometheus - container for the targets. + description: certFile defines the path to the client cert + file in the Prometheus container for the targets. type: string insecureSkipVerify: - description: Disable target certificate validation. + description: insecureSkipVerify defines how to disable target + certificate validation. type: boolean keyFile: - description: Path to the client key file in the Prometheus - container for the targets. + description: keyFile defines the path to the client key + file in the Prometheus container for the targets. type: string keySecret: - description: Secret containing the client key file for the - targets. + description: keySecret defines the Secret containing the + client key file for the targets. properties: key: description: The key of the secret to select from. Must @@ -5548,7 +5757,7 @@ spec: x-kubernetes-map-type: atomic maxVersion: description: |- - Maximum acceptable TLS version. + maxVersion defines the maximum acceptable TLS version. It requires Prometheus >= v2.41.0 or Thanos >= v0.31.0. enum: @@ -5559,7 +5768,7 @@ spec: type: string minVersion: description: |- - Minimum acceptable TLS version. + minVersion defines the minimum acceptable TLS version. It requires Prometheus >= v2.35.0 or Thanos >= v0.28.0. enum: @@ -5569,15 +5778,18 @@ spec: - TLS13 type: string serverName: - description: Used to verify the hostname for the targets. + description: serverName is used to verify the hostname for + the targets. type: string type: object url: - description: The URL of the endpoint to send samples to. + description: url defines the URL of the endpoint to send samples + to. minLength: 1 type: string writeRelabelConfigs: - description: The list of remote write relabel configurations. + description: writeRelabelConfigs defines the list of remote + write relabel configurations. items: description: |- RelabelConfig allows dynamic rewriting of the label set for targets, alerts, @@ -5588,7 +5800,7 @@ spec: action: default: replace description: |- - Action to perform based on the regex matching. + action to perform based on the regex matching. `Uppercase` and `Lowercase` actions require Prometheus >= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus >= v2.41.0. @@ -5620,41 +5832,41 @@ spec: type: string modulus: description: |- - Modulus to take of the hash of the source label values. + modulus to take of the hash of the source label values. Only applicable when the action is `HashMod`. format: int64 type: integer regex: - description: Regular expression against which the extracted - value is matched. + description: regex defines the regular expression against + which the extracted value is matched. type: string replacement: description: |- - Replacement value against which a Replace action is performed if the + replacement value against which a Replace action is performed if the regular expression matches. Regex capture groups are available. type: string separator: - description: Separator is the string between concatenated + description: separator defines the string between concatenated SourceLabels. type: string sourceLabels: description: |- - The source labels select values from existing labels. Their content is + sourceLabels defines the source labels select values from existing labels. Their content is concatenated using the configured Separator and matched against the configured regular expression. items: description: |- - LabelName is a valid Prometheus label name which may only contain ASCII - letters, numbers, as well as underscores. - pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + LabelName is a valid Prometheus label name. + For Prometheus 3.x, a label name is valid if it contains UTF-8 characters. + For Prometheus 2.x, a label name is only valid if it contains ASCII characters, letters, numbers, as well as underscores. type: string type: array targetLabel: description: |- - Label to which the resulting string is written in a replacement. + targetLabel defines the label to which the resulting string is written in a replacement. It is mandatory for `Replace`, `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions. @@ -5668,17 +5880,18 @@ spec: type: object type: array replicas: - description: Number of thanos ruler instances to deploy. + description: replicas defines the number of thanos ruler instances + to deploy. format: int32 type: integer resendDelay: - description: Minimum amount of time to wait before resending an alert - to Alertmanager. + description: resendDelay defines the minimum amount of time to wait + before resending an alert to Alertmanager. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string resources: description: |- - Resources defines the resource requirements for single Pods. + resources defines the resource requirements for single Pods. If not provided, no requests/limits will be set properties: claims: @@ -5686,7 +5899,7 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the + This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. @@ -5740,7 +5953,7 @@ spec: retention: default: 24h description: |- - Time duration ThanosRuler shall retain data for. Default is '24h', and + retention defines the time duration ThanosRuler shall retain data for. Default is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds seconds minutes hours days weeks years). @@ -5749,26 +5962,26 @@ spec: pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string routePrefix: - description: The route prefix ThanosRuler registers HTTP handlers - for. This allows thanos UI to be served on a sub-path. + description: routePrefix defines the route prefix ThanosRuler registers + HTTP handlers for. This allows thanos UI to be served on a sub-path. type: string ruleConcurrentEval: description: |- - How many rules can be evaluated concurrently. + ruleConcurrentEval defines how many rules can be evaluated concurrently. It requires Thanos >= v0.37.0. format: int32 minimum: 1 type: integer ruleGracePeriod: description: |- - Minimum duration between alert and restored "for" state. + ruleGracePeriod defines the minimum duration between alert and restored "for" state. This is maintained only for alerts with configured "for" time greater than grace period. It requires Thanos >= v0.30.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string ruleNamespaceSelector: description: |- - Namespaces to be selected for Rules discovery. If unspecified, only + ruleNamespaceSelector defines the namespaces to be selected for Rules discovery. If unspecified, only the same namespace as the ThanosRuler object is in is used. properties: matchExpressions: @@ -5816,19 +6029,19 @@ spec: x-kubernetes-map-type: atomic ruleOutageTolerance: description: |- - Max time to tolerate prometheus outage for restoring "for" state of alert. + ruleOutageTolerance defines the max time to tolerate prometheus outage for restoring "for" state of alert. It requires Thanos >= v0.30.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string ruleQueryOffset: description: |- - The default rule group's query offset duration to use. + ruleQueryOffset defines the default rule group's query offset duration to use. It requires Thanos >= v0.38.0. pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string ruleSelector: description: |- - PrometheusRule objects to be selected for rule evaluation. An empty + ruleSelector defines the PrometheusRule objects to be selected for rule evaluation. An empty label selector matches all objects. A null label selector matches no objects. properties: @@ -5877,7 +6090,7 @@ spec: x-kubernetes-map-type: atomic securityContext: description: |- - SecurityContext holds pod-level security attributes and common container settings. + securityContext defines the pod-level security attributes and common container settings. This defaults to the default PodSecurityContext. properties: appArmorProfile: @@ -6111,12 +6324,12 @@ spec: type: object serviceAccountName: description: |- - ServiceAccountName is the name of the ServiceAccount to use to run the + serviceAccountName defines the name of the ServiceAccount to use to run the Thanos Ruler Pods. type: string serviceName: description: |- - The name of the service name used by the underlying StatefulSet(s) as the governing service. + serviceName defines the name of the service name used by the underlying StatefulSet(s) as the governing service. If defined, the Service must be created before the ThanosRuler resource in the same namespace and it must define a selector that matches the pod labels. If empty, the operator will create and manage a headless service named `thanos-ruler-operated` for ThanosRuler resources. When deploying multiple ThanosRuler resources in the same namespace, it is recommended to specify a different value for each. @@ -6124,15 +6337,16 @@ spec: minLength: 1 type: string storage: - description: Storage spec to specify how storage shall be used. + description: storage defines the specification of how storage shall + be used. properties: disableMountSubPath: - description: 'Deprecated: subPath usage will be removed in a future - release.' + description: 'disableMountSubPath deprecated: subPath usage will + be removed in a future release.' type: boolean emptyDir: description: |- - EmptyDirVolumeSource to be used by the StatefulSet. + emptyDir to be used by the StatefulSet. If specified, it takes precedence over `ephemeral` and `volumeClaimTemplate`. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir properties: @@ -6159,7 +6373,7 @@ spec: type: object ephemeral: description: |- - EphemeralVolumeSource to be used by the StatefulSet. + ephemeral to be used by the StatefulSet. This is a beta field in k8s 1.21 and GA in 1.15. For lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes @@ -6380,15 +6594,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -6406,7 +6618,7 @@ spec: type: object volumeClaimTemplate: description: |- - Defines the PVC spec to be used by the Prometheus StatefulSets. + volumeClaimTemplate defines the PVC spec to be used by the Prometheus StatefulSets. The easiest way to use a volume that cannot be automatically provisioned is to use a label selector alongside manually created PersistentVolumes. properties: @@ -6426,14 +6638,14 @@ spec: More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: - description: EmbeddedMetadata contains metadata relevant to - an EmbeddedResource. + description: metadata defines EmbeddedMetadata contains metadata + relevant to an EmbeddedResource. properties: annotations: additionalProperties: type: string description: |- - Annotations is an unstructured key value map stored with a resource that may be + annotations defines an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ @@ -6442,14 +6654,14 @@ spec: additionalProperties: type: string description: |- - Map of string keys and values that can be used to organize and categorize + labels define the map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ type: object name: description: |- - Name must be unique within a namespace. Is required when creating resources, although + name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. @@ -6459,7 +6671,7 @@ spec: type: object spec: description: |- - Defines the desired characteristics of a volume requested by a pod author. + spec defines the specification of the characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: accessModes: @@ -6636,15 +6848,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -6657,7 +6867,7 @@ spec: type: string type: object status: - description: 'Deprecated: this field is never set.' + description: 'status is deprecated: this field is never set.' properties: accessModes: description: |- @@ -6806,13 +7016,11 @@ spec: description: |- currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). type: string modifyVolumeStatus: description: |- ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. When this is unset, there is no ModifyVolume operation being attempted. - This is a beta field and requires enabling VolumeAttributesClass feature (off by default). properties: status: description: "status is the status of the ControllerModifyVolume @@ -6844,7 +7052,7 @@ spec: type: object terminationGracePeriodSeconds: description: |- - Optional duration in seconds the pod needs to terminate gracefully. + terminationGracePeriodSeconds defines the optional duration in seconds the pod needs to terminate gracefully. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down) which may lead to data corruption. @@ -6853,7 +7061,7 @@ spec: minimum: 0 type: integer tolerations: - description: If specified, the pod's tolerations. + description: tolerations defines when specified, the pod's tolerations. items: description: |- The pod this Toleration is attached to tolerates any taint that matches @@ -6892,7 +7100,8 @@ spec: type: object type: array topologySpreadConstraints: - description: If specified, the pod's topology spread constraints. + description: topologySpreadConstraints defines the pod's topology + spread constraints. items: description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. @@ -7067,7 +7276,7 @@ spec: type: array tracingConfig: description: |- - Configures tracing. + tracingConfig defines the tracing configuration. The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration @@ -7100,7 +7309,7 @@ spec: x-kubernetes-map-type: atomic tracingConfigFile: description: |- - Configures the path of the tracing configuration file. + tracingConfigFile defines the path of the tracing configuration file. The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration @@ -7112,11 +7321,11 @@ spec: This field takes precedence over `tracingConfig`. type: string version: - description: Version of Thanos to be deployed. + description: version of Thanos to be deployed. type: string volumeMounts: description: |- - VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. + volumeMounts defines how the configuration of additional VolumeMounts on the output StatefulSet definition. VolumeMounts specified will be appended to other VolumeMounts in the ruler container, that are generated as a result of StorageSpec objects. items: @@ -7183,7 +7392,7 @@ spec: type: array volumes: description: |- - Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will + volumes defines how configuration of additional volumes on the output StatefulSet definition. Volumes specified will be appended to other volumes that are generated as a result of StorageSpec objects. items: description: Volume represents a named volume in a pod that may @@ -7856,15 +8065,13 @@ spec: volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. + it can be changed after the claim is created. An empty string or nil value indicates that no + VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, + this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -8046,12 +8253,10 @@ spec: description: |- glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. Deprecated: Glusterfs is deprecated and the in-tree glusterfs type is no longer supported. - More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: |- - endpoints is the endpoint name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: endpoints is the endpoint name that details + Glusterfs topology. type: string path: description: |- @@ -8130,7 +8335,7 @@ spec: description: |- iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md + More info: https://kubernetes.io/docs/concepts/storage/volumes/#iscsi properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether support iSCSI @@ -8550,6 +8755,111 @@ spec: type: array x-kubernetes-list-type: atomic type: object + podCertificate: + description: |- + Projects an auto-rotating credential bundle (private key and certificate + chain) that the pod can use either as a TLS client or server. + + Kubelet generates a private key and uses it to send a + PodCertificateRequest to the named signer. Once the signer approves the + request and issues a certificate chain, Kubelet writes the key and + certificate chain to the pod filesystem. The pod does not start until + certificates have been issued for each podCertificate projected volume + source in its spec. + + Kubelet will begin trying to rotate the certificate at the time indicated + by the signer using the PodCertificateRequest.Status.BeginRefreshAt + timestamp. + + Kubelet can write a single file, indicated by the credentialBundlePath + field, or separate files, indicated by the keyPath and + certificateChainPath fields. + + The credential bundle is a single file in PEM format. The first PEM + entry is the private key (in PKCS#8 format), and the remaining PEM + entries are the certificate chain issued by the signer (typically, + signers will return their certificate chain in leaf-to-root order). + + Prefer using the credential bundle format, since your application code + can read it atomically. If you use keyPath and certificateChainPath, + your application must make two separate file reads. If these coincide + with a certificate rotation, it is possible that the private key and leaf + certificate you read may not correspond to each other. Your application + will need to check for this condition, and re-read until they are + consistent. + + The named signer controls chooses the format of the certificate it + issues; consult the signer implementation's documentation to learn how to + use the certificates it issues. + properties: + certificateChainPath: + description: |- + Write the certificate chain at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + credentialBundlePath: + description: |- + Write the credential bundle at this path in the projected volume. + + The credential bundle is a single file that contains multiple PEM blocks. + The first PEM block is a PRIVATE KEY block, containing a PKCS#8 private + key. + + The remaining blocks are CERTIFICATE blocks, containing the issued + certificate chain from the signer (leaf and any intermediates). + + Using credentialBundlePath lets your Pod's application code make a single + atomic read that retrieves a consistent key and certificate chain. If you + project them to separate files, your application code will need to + additionally check that the leaf certificate was issued to the key. + type: string + keyPath: + description: |- + Write the key at this path in the projected volume. + + Most applications should use credentialBundlePath. When using keyPath + and certificateChainPath, your application needs to check that the key + and leaf certificate are consistent, because it is possible to read the + files mid-rotation. + type: string + keyType: + description: |- + The type of keypair Kubelet will generate for the pod. + + Valid values are "RSA3072", "RSA4096", "ECDSAP256", "ECDSAP384", + "ECDSAP521", and "ED25519". + type: string + maxExpirationSeconds: + description: |- + maxExpirationSeconds is the maximum lifetime permitted for the + certificate. + + Kubelet copies this value verbatim into the PodCertificateRequests it + generates for this projection. + + If omitted, kube-apiserver will set it to 86400(24 hours). kube-apiserver + will reject values shorter than 3600 (1 hour). The maximum allowable + value is 7862400 (91 days). + + The signer implementation is then free to issue a certificate with any + lifetime *shorter* than MaxExpirationSeconds, but no shorter than 3600 + seconds (1 hour). This constraint is enforced by kube-apiserver. + `kubernetes.io` signers will never issue certificates with a lifetime + longer than 24 hours. + format: int32 + type: integer + signerName: + description: Kubelet's generated CSRs will be + addressed to this signer. + type: string + required: + - keyType + - signerName + type: object secret: description: secret information about the secret data to project @@ -8684,7 +8994,6 @@ spec: description: |- rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. Deprecated: RBD is deprecated and the in-tree rbd type is no longer supported. - More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: description: |- @@ -8968,22 +9277,24 @@ spec: type: object type: array web: - description: Defines the configuration of the ThanosRuler web server. + description: web defines the configuration of the ThanosRuler web + server. properties: httpConfig: - description: Defines HTTP parameters for web server. + description: httpConfig defines HTTP parameters for web server. properties: headers: - description: List of headers that can be added to HTTP responses. + description: headers defines a list of headers that can be + added to HTTP responses. properties: contentSecurityPolicy: description: |- - Set the Content-Security-Policy header to HTTP responses. + contentSecurityPolicy defines the Content-Security-Policy header to HTTP responses. Unset if blank. type: string strictTransportSecurity: description: |- - Set the Strict-Transport-Security header to HTTP responses. + strictTransportSecurity defines the Strict-Transport-Security header to HTTP responses. Unset if blank. Please make sure that you use this with care as this header might force browsers to load Prometheus and the other applications hosted on the same @@ -8992,7 +9303,7 @@ spec: type: string xContentTypeOptions: description: |- - Set the X-Content-Type-Options header to HTTP responses. + xContentTypeOptions defines the X-Content-Type-Options header to HTTP responses. Unset if blank. Accepted value is nosniff. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options enum: @@ -9001,7 +9312,7 @@ spec: type: string xFrameOptions: description: |- - Set the X-Frame-Options header to HTTP responses. + xFrameOptions defines the X-Frame-Options header to HTTP responses. Unset if blank. Accepted values are deny and sameorigin. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options enum: @@ -9011,32 +9322,32 @@ spec: type: string xXSSProtection: description: |- - Set the X-XSS-Protection header to all responses. + xXSSProtection defines the X-XSS-Protection header to all responses. Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection type: string type: object http2: description: |- - Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. + http2 enable HTTP/2 support. Note that HTTP/2 is only supported with TLS. When TLSConfig is not configured, HTTP/2 will be disabled. Whenever the value of the field changes, a rolling update will be triggered. type: boolean type: object tlsConfig: - description: Defines the TLS parameters for HTTPS. + description: tlsConfig defines the TLS parameters for HTTPS. properties: cert: description: |- - Secret or ConfigMap containing the TLS certificate for the web server. + cert defines the Secret or ConfigMap containing the TLS certificate for the web server. Either `keySecret` or `keyFile` must be defined. It is mutually exclusive with `certFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9059,7 +9370,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9085,7 +9397,7 @@ spec: type: object certFile: description: |- - Path to the TLS certificate file in the container for the web server. + certFile defines the path to the TLS certificate file in the container for the web server. Either `keySecret` or `keyFile` must be defined. @@ -9093,7 +9405,7 @@ spec: type: string cipherSuites: description: |- - List of supported cipher suites for TLS versions up to TLS 1.2. + cipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. If not defined, the Go default cipher suites are used. Available cipher suites are documented in the Go documentation: @@ -9103,14 +9415,14 @@ spec: type: array client_ca: description: |- - Secret or ConfigMap containing the CA certificate for client certificate + client_ca defines the Secret or ConfigMap containing the CA certificate for client certificate authentication to the server. It is mutually exclusive with `clientCAFile`. properties: configMap: - description: ConfigMap containing data to use for the - targets. + description: configMap defines the ConfigMap containing + data to use for the targets. properties: key: description: The key to select. @@ -9133,7 +9445,8 @@ spec: type: object x-kubernetes-map-type: atomic secret: - description: Secret containing data to use for the targets. + description: secret defines the Secret containing data + to use for the targets. properties: key: description: The key of the secret to select from. Must @@ -9159,21 +9472,21 @@ spec: type: object clientAuthType: description: |- - The server policy for client TLS authentication. + clientAuthType defines the server policy for client TLS authentication. For more detail on clientAuth options: https://golang.org/pkg/crypto/tls/#ClientAuthType type: string clientCAFile: description: |- - Path to the CA certificate file for client certificate authentication to + clientCAFile defines the path to the CA certificate file for client certificate authentication to the server. It is mutually exclusive with `client_ca`. type: string curvePreferences: description: |- - Elliptic curves that will be used in an ECDHE handshake, in preference + curvePreferences defines elliptic curves that will be used in an ECDHE handshake, in preference order. Available curves are documented in the Go documentation: @@ -9183,7 +9496,7 @@ spec: type: array keyFile: description: |- - Path to the TLS private key file in the container for the web server. + keyFile defines the path to the TLS private key file in the container for the web server. If defined, either `cert` or `certFile` must be defined. @@ -9191,7 +9504,7 @@ spec: type: string keySecret: description: |- - Secret containing the TLS private key for the web server. + keySecret defines the secret containing the TLS private key for the web server. Either `cert` or `certFile` must be defined. @@ -9219,14 +9532,16 @@ spec: type: object x-kubernetes-map-type: atomic maxVersion: - description: Maximum TLS version that is acceptable. + description: maxVersion defines the Maximum TLS version that + is acceptable. type: string minVersion: - description: Minimum TLS version that is acceptable. + description: minVersion defines the minimum TLS version that + is acceptable. type: string preferServerCipherSuites: description: |- - Controls whether the server selects the client's most preferred cipher + preferServerCipherSuites defines whether the server selects the client's most preferred cipher suite, or the server's most preferred cipher suite. If true then the server's preference, as expressed in @@ -9237,18 +9552,19 @@ spec: type: object status: description: |- - Most recent observed status of the ThanosRuler cluster. Read-only. + status defines the most recent observed status of the ThanosRuler cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status properties: availableReplicas: description: |- - Total number of available pods (ready for at least minReadySeconds) + availableReplicas defines the total number of available pods (ready for at least minReadySeconds) targeted by this ThanosRuler deployment. format: int32 type: integer conditions: - description: The current state of the ThanosRuler object. + description: conditions defines the current state of the ThanosRuler + object. items: description: |- Condition represents the state of the resources associated with the @@ -9260,12 +9576,12 @@ spec: format: date-time type: string message: - description: Human-readable message indicating details for the - condition's last transition. + description: message defines human-readable message indicating + details for the condition's last transition. type: string observedGeneration: description: |- - ObservedGeneration represents the .metadata.generation that the + observedGeneration defines the .metadata.generation that the condition was set based upon. For instance, if `.metadata.generation` is currently 12, but the `.status.conditions[].observedGeneration` is 9, the condition is out of date with respect to the current state of the @@ -9273,14 +9589,14 @@ spec: format: int64 type: integer reason: - description: Reason for the condition's last transition. + description: reason for the condition's last transition. type: string status: - description: Status of the condition. + description: status of the condition. minLength: 1 type: string type: - description: Type of the condition being reported. + description: type of the condition being reported. minLength: 1 type: string required: @@ -9294,32 +9610,26 @@ spec: x-kubernetes-list-type: map paused: description: |- - Represents whether any actions on the underlying managed objects are + paused defines whether any actions on the underlying managed objects are being performed. Only delete actions will be performed. type: boolean replicas: description: |- - Total number of non-terminated pods targeted by this ThanosRuler deployment + replicas defines the total number of non-terminated pods targeted by this ThanosRuler deployment (their labels match the selector). format: int32 type: integer unavailableReplicas: - description: Total number of unavailable pods targeted by this ThanosRuler - deployment. + description: unavailableReplicas defines the total number of unavailable + pods targeted by this ThanosRuler deployment. format: int32 type: integer updatedReplicas: description: |- - Total number of non-terminated pods targeted by this ThanosRuler deployment + updatedReplicas defines the total number of non-terminated pods targeted by this ThanosRuler deployment that have the desired version spec. format: int32 type: integer - required: - - availableReplicas - - paused - - replicas - - unavailableReplicas - - updatedReplicas type: object required: - spec diff --git a/charts/prometheus-snmp-exporter/Chart.yaml b/charts/prometheus-snmp-exporter/Chart.yaml index 4dfb112484b5..552527bcaf2c 100644 --- a/charts/prometheus-snmp-exporter/Chart.yaml +++ b/charts/prometheus-snmp-exporter/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: Prometheus SNMP Exporter name: prometheus-snmp-exporter -version: 9.7.0 +version: 9.8.0 # renovate: github=prometheus/snmp_exporter appVersion: v0.29.0 home: https://github.com/prometheus/snmp_exporter diff --git a/charts/prometheus-snmp-exporter/values.yaml b/charts/prometheus-snmp-exporter/values.yaml index d659b7c0ba0d..db79f7978781 100644 --- a/charts/prometheus-snmp-exporter/values.yaml +++ b/charts/prometheus-snmp-exporter/values.yaml @@ -168,7 +168,7 @@ configmapReload: ## image: repository: quay.io/prometheus-operator/prometheus-config-reloader - tag: v0.85.0 + tag: v0.86.0 pullPolicy: IfNotPresent ## configmap-reload resource requests and limits diff --git a/charts/prometheus/Chart.lock b/charts/prometheus/Chart.lock index 43263a3c2f43..4250cee69cb5 100644 --- a/charts/prometheus/Chart.lock +++ b/charts/prometheus/Chart.lock @@ -1,7 +1,7 @@ dependencies: - name: alertmanager repository: https://prometheus-community.github.io/helm-charts - version: 1.26.0 + version: 1.27.0 - name: kube-state-metrics repository: https://prometheus-community.github.io/helm-charts version: 6.3.0 @@ -11,5 +11,5 @@ dependencies: - name: prometheus-pushgateway repository: https://prometheus-community.github.io/helm-charts version: 3.4.1 -digest: sha256:b91d3b8c4f4b6cadffb880c90593ccac4d04d12841a29e450d81455b4992bce4 -generated: "2025-09-18T21:32:47.634109421Z" +digest: sha256:bc793718c76123fbc3a017bb30f18cf026186314f641355627eec0ea067f9899 +generated: "2025-10-09T06:48:25.939485499Z" diff --git a/charts/prometheus/Chart.yaml b/charts/prometheus/Chart.yaml index 001a94328051..64db9fd3bff3 100644 --- a/charts/prometheus/Chart.yaml +++ b/charts/prometheus/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: prometheus # renovate: github=prometheus/prometheus appVersion: v3.6.0 -version: 27.39.0 +version: 27.40.0 kubeVersion: ">=1.19.0-0" description: Prometheus is a monitoring system and time series database. home: https://prometheus.io/ @@ -32,7 +32,7 @@ maintainers: type: application dependencies: - name: alertmanager - version: "1.26.*" + version: "1.27.*" repository: https://prometheus-community.github.io/helm-charts condition: alertmanager.enabled - name: kube-state-metrics diff --git a/charts/prometheus/values.yaml b/charts/prometheus/values.yaml index cd7fd4342cdc..7a03a94a8669 100644 --- a/charts/prometheus/values.yaml +++ b/charts/prometheus/values.yaml @@ -57,7 +57,7 @@ configmapReload: ## image: repository: quay.io/prometheus-operator/prometheus-config-reloader - tag: v0.85.0 + tag: v0.86.0 # When digest is set to a non-empty value, images will be pulled by digest (regardless of tag value). digest: "" pullPolicy: IfNotPresent diff --git a/renovate.json b/renovate.json index 41a35d2349b0..8f55d0e80576 100644 --- a/renovate.json +++ b/renovate.json @@ -136,6 +136,13 @@ "matchUpdateTypes": [ "major", "minor" ] + }, + { + "matchPackageNames": ["actions/python-versions", "python"], + "matchDepTypes": [ + "uses-with" + ], + "allowedVersions": "<=3.13" } ] }