easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

jsonnet/kube-prometheus/kube-state-metrics: Move rules into array

Browse Source
This commit is contained in:
Matthias Loibl
2019-07-12 13:36:24 +02:00
committed by Lili Cosic
parent 2f1083be7e
commit 7d6183a9ec
1 changed files with 75 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

149
jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
View File

@@ -43,88 +43,89 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
local clusterRole = k.rbac.v1.clusterRole;
local rulesType = clusterRole.rulesType;
local coreRule = rulesType.new() +
rulesType.withApiGroups(['']) +
rulesType.withResources([
'configmaps',
'secrets',
'nodes',
'pods',
'services',
'resourcequotas',
'replicationcontrollers',
'limitranges',
'persistentvolumeclaims',
'persistentvolumes',
'namespaces',
'endpoints',
]) +
rulesType.withVerbs(['list', 'watch']);
local rules = [
rulesType.new() +
rulesType.withApiGroups(['']) +
rulesType.withResources([
'configmaps',
'secrets',
'nodes',
'pods',
'services',
'resourcequotas',
'replicationcontrollers',
'limitranges',
'persistentvolumeclaims',
'persistentvolumes',
'namespaces',
'endpoints',
]) +
rulesType.withVerbs(['list', 'watch']),
local extensionsRule = rulesType.new() +
rulesType.withApiGroups(['extensions']) +
rulesType.withResources([
'daemonsets',
'deployments',
'replicasets',
'ingresses',
]) +
rulesType.withVerbs(['list', 'watch']);
rulesType.new() +
rulesType.withApiGroups(['extensions']) +
rulesType.withResources([
'daemonsets',
'deployments',
'replicasets',
'ingresses',
]) +
rulesType.withVerbs(['list', 'watch']),
local appsRule = rulesType.new() +
rulesType.withApiGroups(['apps']) +
rulesType.withResources([
'statefulsets',
'daemonsets',
'deployments',
'replicasets',
]) +
rulesType.withVerbs(['list', 'watch']);
rulesType.new() +
rulesType.withApiGroups(['apps']) +
rulesType.withResources([
'statefulsets',
'daemonsets',
'deployments',
'replicasets',
]) +
rulesType.withVerbs(['list', 'watch']),
local batchRule = rulesType.new() +
rulesType.withApiGroups(['batch']) +
rulesType.withResources([
'cronjobs',
'jobs',
]) +
rulesType.withVerbs(['list', 'watch']);
rulesType.new() +
rulesType.withApiGroups(['batch']) +
rulesType.withResources([
'cronjobs',
'jobs',
]) +
rulesType.withVerbs(['list', 'watch']),
local autoscalingRule = rulesType.new() +
rulesType.withApiGroups(['autoscaling']) +
rulesType.withResources([
'horizontalpodautoscalers',
]) +
rulesType.withVerbs(['list', 'watch']);
rulesType.new() +
rulesType.withApiGroups(['autoscaling']) +
rulesType.withResources([
'horizontalpodautoscalers',
]) +
rulesType.withVerbs(['list', 'watch']),
local authenticationRole = rulesType.new() +
rulesType.withApiGroups(['authentication.k8s.io']) +
rulesType.withResources([
'tokenreviews',
]) +
rulesType.withVerbs(['create']);
rulesType.new() +
rulesType.withApiGroups(['authentication.k8s.io']) +
rulesType.withResources([
'tokenreviews',
]) +
rulesType.withVerbs(['create']),
local authorizationRole = rulesType.new() +
rulesType.withApiGroups(['authorization.k8s.io']) +
rulesType.withResources([
'subjectaccessreviews',
]) +
rulesType.withVerbs(['create']);
rulesType.new() +
rulesType.withApiGroups(['authorization.k8s.io']) +
rulesType.withResources([
'subjectaccessreviews',
]) +
rulesType.withVerbs(['create']),
local policyRule = rulesType.new() +
rulesType.withApiGroups(['policy']) +
rulesType.withResources([
'poddisruptionbudgets',
]) +
rulesType.withVerbs(['list', 'watch']);
local certificateRule = rulesType.new() +
rulesType.withApiGroups(['certificates.k8s.io']) +
rulesType.withResources([
'certificatesigningrequests',
]) +
rulesType.withVerbs(['list', 'watch']);
rulesType.new() +
rulesType.withApiGroups(['policy']) +
rulesType.withResources([
'poddisruptionbudgets',
]) +
rulesType.withVerbs(['list', 'watch']),
local rules = [coreRule, extensionsRule, appsRule, batchRule, autoscalingRule, authenticationRole, authorizationRole, policyRule, certificateRule];
rulesType.new() +
rulesType.withApiGroups(['certificates.k8s.io']) +
rulesType.withResources([
'certificatesigningrequests',
]) +
rulesType.withVerbs(['list', 'watch']),
];
clusterRole.new() +
clusterRole.mixin.metadata.withName('kube-state-metrics') +