Instead of running kubeconform on only one version of Kubernetes, it
would be better to run it against the 2 latests versions of Kubernetes
that kube-prometheus supports, so that the validation will be in line
with our support policy.
Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
Make target `manifests` has a dependency on build.sh which if untouched
wouldn't generate the manifests after the first run. This patch fixes it
by removing the `build.sh` dependency
Signed-off-by: Sunil Thaha <sthaha@redhat.com>
This change updates the version of kubeconform to 0.4.7. It simplifies the
`validate` Makefile target and extracts the kubernetes version into a variable.
The `find` call in the Makefile doesn't actually output any `*.libsonnet` file due to the way `find` handles operators. This was discovered using GNU `find` on a Mac. From the manpages:
> Please note that -a when specified implicitly (for example by two tests appearing without an explicit operator between them) or explicitly has higher precedence than -o. This means that find . -name afile -o -name bfile -print will never print afile.
A simple addition of `-print` to force the print fixes the issue.
The new version (v0.3.1) of jsonnet bundler causes some changes
to go.mod and jsonnetfile.json. The build should 'go get' a
specific version instead of the latest to prevent new releases
from breaking existing builds.
Since 1664600, manifests are built using `examples/kustomize.jsonnet`
instead of `example.jsonnet`.
This commit updates the dependencies in the `manifests` target to
reflect that change.
* [Modified] Makefile to run kustomize.jsonnet
* [Modified] Moved kustomization from example.jsonnet to
examples/kustomize.jsonnet
* [Modified] kustomization file to land at root of kube-prometheus so
current users can continue to use `kubectl apply -f manifests`
Previously the `manifests` and `vendor` folder content has been build
via `manifests/**` and `vendor/**` target definitions. This results in
two issues:
1. The GNU Make recipe is executed for every single file in the folders.
2. Not all timestamps inside the `manifests` folder would be updated on
every run, thereby needing to be rerun on all following target
executions.
Solution:
1. Define the target based on the folder, not individual files
2. Remove target folder before execution recipe to ensure all timestamps
are updated.
- Move prometheus-config-reloader to cmd/
- Refactor Makefile & contrib/kube-prometheus/Makefile
- Only execute a target if its dependencies changed
- Create empty target file for docker builds
- Replace promu with plain static `go build`
This patch introduces a new Custom Resource Definition to the
Prometheus Operator - the Rule CRD. It addresses two main
needs:
1. Prometheus (alerting and recording) Rule validation during creation time
via Kubernetes Custom Resource Definition validation.
2. Life-cycle management of Prometheus application Rules alongside the
application itself, inside the applications Kubernetes namespace, not
necessarily the namespace of the scraping Prometheus instance.
A user defines Prometheus alerting and recording Rules via a Kubernetes
Custom Resource Definition. These Custom Resource Definitions can be
fully validated by the Kubernetes API server during creation time via
automatically generated OpenAPI specifications. Instead of the
restriction of a Prometheus instance to only select Rule definitions
inside its own namespace, the Prometheus specification is extended to
also specify namespaces to look for Rule Custom Resource Definitions
outside its own namespace.
---
Dependent technical changes:
- prometheus: Use github.com/jimmidyson/configmap-reload to reload rules
- prometheus: Remove Prometheus Statefulset deletion function. Starting
with K8s >=1.8 this is handled via OwnerReferences.
- prometheus: Do not add rule files checksum to Prometheus configuration
secret
- prometheus: Update StatefulSet only on relevant changes. Instead of
updating the Prometheus StatefulSet on every `sync()` run, only update
it if the input parameters to `makeStatefulSet` change. Enforce this
via a checksum of the parameters which is saved inside the annotations
of the statefulset.
- e2e/prometheus: Check how often resources (Secret, ConfigMap,
Prometheus CRD, Service) are updated to enforce that Prometheus Operator
only updated created resources if necessary.
- contrib/prometheus-config-reloader: Remove logic to retriev K8s
ConfigMaps. These are mounted into the pod right away now.
