Skip to content
Toggle navigation
Toggle navigation
This project
Loading...
Sign in
brainfood
/
k8s-helmfiles
Go to a project
Toggle navigation
Toggle navigation pinning
Projects
Groups
Snippets
Help
Project
Activity
Repository
Pipelines
Graphs
Issues
0
Merge Requests
0
Wiki
Network
Create a new issue
Builds
Commits
Issue Boards
Files
Commits
Network
Compare
Branches
Tags
9ae11775
authored
2022-06-17 18:39:06 -0500
by
Adam Heath
Browse Files
Options
Browse Files
Tag
Download
Email Patches
Plain Diff
Add kube-prometheus-stack.
1 parent
dfec78f8
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
191 additions
and
0 deletions
kube-prometheus-stack/charts/monitoring-config/grafana-oauth-config.yaml
kube-prometheus-stack/charts/monitoring-istio/kustomization.yaml
kube-prometheus-stack/charts/monitoring-istio/virtual-service.yaml
kube-prometheus-stack/helmfile.yaml
kube-prometheus-stack/set-common-values.yaml.gotmpl
kube-prometheus-stack/charts/monitoring-config/grafana-oauth-config.yaml
0 → 100644
View file @
9ae1177
---
apiVersion
:
v1
kind
:
ConfigMap
metadata
:
name
:
grafana-generic-oauth-config
data
:
GF_AUTH_GENERIC_OAUTH_ENABLED
:
"
true"
GF_AUTH_GENERIC_OAUTH_NAME
:
"
Keycloak"
GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP
:
"
true"
GF_AUTH_GENERIC_OAUTH_SCOPES
:
profile
GF_AUTH_GENERIC_OAUTH_AUTH_URL
:
"
https://auth.local/auth/realms/example.com/protocol/openid-connect/auth"
GF_AUTH_GENERIC_OAUTH_TOKEN_URL
:
"
https://auth.local/auth/realms/example.com/protocol/openid-connect/token"
GF_AUTH_GENERIC_OAUTH_API_URL
:
"
https://auth.local/auth/realms/example.com/protocol/openid-connect/userinfo"
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH
:
"
contains(roles[*],
'admin')
&&
'Admin'
||
contains(roles[*],
'editor')
&&
'Editor'
||
'invalid'"
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_STRICT
:
"
true"
GF_AUTH_GENERIC_OAUTH_TLS_SKIP_VERIFY_INSECURE
:
"
true"
---
apiVersion
:
v1
kind
:
Secret
metadata
:
name
:
grafana-generic-oauth-secret
stringData
:
GF_AUTH_GENERIC_OAUTH_CLIENT_ID
:
"
grafana-dashboard"
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET
:
"
REPLACEME"
---
kube-prometheus-stack/charts/monitoring-istio/kustomization.yaml
0 → 100644
View file @
9ae1177
resources
:
-
./virtual-service.yaml
kube-prometheus-stack/charts/monitoring-istio/virtual-service.yaml
0 → 100644
View file @
9ae1177
apiVersion
:
networking.istio.io/v1alpha3
kind
:
VirtualService
metadata
:
name
:
grafana
spec
:
hosts
:
-
"
grafana.local"
gateways
:
-
cluster-local-gateway
http
:
-
match
:
-
uri
:
prefix
:
/
route
:
-
destination
:
port
:
number
:
80
host
:
kube-prometheus-stack-grafana.monitoring.svc.cluster.local
---
kube-prometheus-stack/helmfile.yaml
0 → 100644
View file @
9ae1177
environments
:
default
:
values
:
-
namespace
:
monitoring
namePrefix
:
"
"
grafana
:
oauth
:
enabled
:
false
authUrl
:
"
"
tokenUrl
:
"
"
userinfoUrl
:
"
"
clientId
:
"
"
clientSecret
:
"
"
virtualService
:
enabled
:
true
jsonPatches
:
[]
strategicMergePatches
:
[]
gateways
:
-
default/cluster-local-gateway
vhost
:
grafana.local
repositories
:
-
name
:
prometheus-community
url
:
https://prometheus-community.github.io/helm-charts
-
name
:
kube-state-metrics
url
:
https://kubernetes.github.io/kube-state-metrics
-
name
:
grafana
url
:
https://grafana.github.io/helm-charts
---
releases
:
-
name
:
monitoring-config
chart
:
./charts/monitoring-config
namespace
:
{{
.Values.namespace
}}
values
:
-
set-common-values.yaml.gotmpl
jsonPatches
:
-
target
:
kind
:
ConfigMap
name
:
{{
.Values.namePrefix
}}
grafana-generic-oauth-config
namespace
:
{{
.Values.namespace
}}
version
:
v1
patch
:
-
op
:
replace
path
:
/data/GF_SERVER_ROOT_URL
value
:
https://{{ .Values.grafana.virtualService.vhost }}
{{
- if .Values.grafana.oauth.enabled
}}
-
op
:
replace
path
:
/data/GF_AUTH_GENERIC_OAUTH_AUTH_URL
value
:
{{
.Values.grafana.oauth.authUrl
}}
-
op
:
replace
path
:
/data/GF_AUTH_GENERIC_OAUTH_TOKEN_URL
value
:
{{
.Values.grafana.oauth.tokenUrl
}}
-
op
:
replace
path
:
/data/GF_AUTH_GENERIC_OAUTH_API_URL
value
:
{{
.Values.grafana.oauth.userinfoUrl
}}
{{
- end
}}
{{
- if .Values.grafana.oauth.enabled
}}
-
target
:
kind
:
Secret
name
:
{{
.Values.namePrefix
}}
grafana-generic-oauth-secret
namespace
:
{{
.Values.namespace
}}
version
:
v1
patch
:
-
op
:
replace
path
:
/stringData/GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET
value
:
{{
.Values | get "grafana.keycloak.client-id" ""
}}
-
op
:
replace
path
:
/stringData/GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET
value
:
{{
.Values | get "grafana.keycloak.client-secret" ""
}}
{{
- end
}}
-
name
:
kube-prometheus-stack
chart
:
prometheus-community/kube-prometheus-stack
namespace
:
{{
.Values.namespace
}}
values
:
-
set-common-values.yaml.gotmpl
-
prometheus
:
prometheusSpec
:
serviceMonitorSelectorNilUsesHelmValues
:
false
podMonitorSelectorNilUsesHelmValues
:
false
probeSelectorNilUsesHelmValues
:
false
disableValidation
:
true
strategicMergePatches
:
-
apiVersion
:
apps/v1
kind
:
Deployment
metadata
:
name
:
{{
.Values.namePrefix
}}
kube-prometheus-stack-grafana
namespace
:
{{
.Values.namespace
}}
spec
:
template
:
spec
:
containers
:
-
name
:
grafana
{{
- if .Values.grafana.oauth.enabled
}}
envFrom
:
-
configMapRef
:
name
:
{{
.Values.namePrefix
}}
grafana-generic-oauth-config
-
secretRef
:
name
:
{{
.Values.namePrefix
}}
grafana-generic-oauth-secret
{{
- end
}}
-
name
:
monitoring-istio
chart
:
./charts/monitoring-istio
namespace
:
{{
.Values.namespace
}}
values
:
-
set-common-values.yaml.gotmpl
jsonPatches
:
{{
- if .Values.grafana.virtualService.enabled
}}
-
target
:
kind
:
VirtualService
name
:
{{
.Values.namePrefix
}}
grafana
namespace
:
{{
.Values.namespace
}}
version
:
v1beta3
group
:
networking.istio.io
patch
:
-
op
:
replace
path
:
/spec/http/0/route/0/destination/host
value
:
{{
.Values.namePrefix
}}
grafana
{{
- end
}}
{{
- if not (empty (.Values.grafana.virtualService.jsonPatches))
}}
{{
- .Values.grafana.virtualService.jsonPatches | toYaml | indent 6
}}
{{
- end
}}
strategicMergePatches
:
-
apiVersion
:
networking.istio.io/v1alpha3
kind
:
VirtualService
metadata
:
name
:
{{
.Values.namePrefix
}}
grafana
namespace
:
{{
.Values.namespace
}}
{{
- if .Values.grafana.virtualService.enabled
}}
spec
:
hosts
:
-
{{
.Values.grafana.virtualService.vhost
}}
gateways
:
{{
- range $gateway_index
,
$gateway
:
= .Values.grafana.virtualService.gateways
}}
-
{{
$gateway | quote
}}
{{
- end
}}
{{
- else
}}
$patch
:
delete
{{
- end
}}
kube-prometheus-stack/set-common-values.yaml.gotmpl
0 → 100644
View file @
9ae1177
namePrefix: {{ .Values.namePrefix }}
namespace: {{ .Values.namespace }}
Please
register
or
sign in
to post a comment