easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,519 Commits 19 Branches 14 Tags
85de14dd8d1f21d6492af66607fe64d27e1e6f45
Commit Graph

2519 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paweł Krupa
85de14dd8d Merge pull request #1606 from paulfantom/revert-1598 2022-01-31 18:01:24 +01:00
Paweł Krupa (paulfantom)
a44622ed54 Revert "workflows/versions: Enable auto-merge" 
This reverts commit f0d9be27b3.
 2022-01-31 17:52:19 +01:00
Arthur Silva Sens
b113c45a18 Merge pull request #1600 from ArthurSens/readOnlyRootFilesystem 2022-01-28 11:59:47 +00:00
ArthurSens
98664db925 Adjust Kubescape threshold 
Signed-off-by: ArthurSens <arthursens2005@gmail.com>
 2022-01-27 16:05:39 +00:00
Arthur Silva Sens
57c46a2861 components/*: Forbid write access to root filesystem 
Signed-off-by: GitHub <noreply@github.com>
 2022-01-27 16:03:58 +00:00
Simon Pasquier
48b2bb6a72 Merge pull request #1601 from PhilipGough/kubescape-1 
docs: Update broken link
 2022-01-27 16:09:38 +01:00
Paweł Krupa
b68f3f0f07 Merge pull request #1556 from arajkumar/fix-thanos-sidecar-selector 2022-01-27 13:06:59 +01:00
Philip Gough
ea7141ffe2 docs: Update broken link 2022-01-27 10:52:09 +00:00
Philip Gough
3521698843 Merge pull request #1590 from PhilipGough/kubescape-1 
Document security audit exceptions for node-exporter
 2022-01-27 09:59:22 +00:00
Paweł Krupa
c2d6b3e8c6 Merge pull request #1598 from ArthurSens/as/dependency-automerge 2022-01-25 17:34:29 +01:00
ArthurSens
f0d9be27b3 workflows/versions: Enable auto-merge 
Signed-off-by: ArthurSens <arthursens2005@gmail.com>
 2022-01-25 15:30:57 +00:00
Philip Gough
586fc87b81 make: Lower the threshold for the security scan to account for documented exceptions 2022-01-24 10:58:08 +00:00
Philip Gough
b924650344 docs: Add details about security scanning of manifests and exceptions 2022-01-24 10:58:08 +00:00
Philip Gough
02f1550261 ci: Add exceptions for node-exporter to kubescape config 2022-01-24 10:45:52 +00:00
Arthur Silva Sens
4d004393e1 Merge pull request #1593 from prometheus-operator/as/forbid-privilege-scalation 
Explicitly declare allowPrivilegeEscalation to false in all components
 2022-01-24 10:38:33 +00:00
Arthur Silva Sens
2d02121731 kubescape: Adjust risk threshold 
Signed-off-by: GitHub <noreply@github.com>
 2022-01-24 10:31:48 +00:00
Arthur Silva Sens
b60b302499 Explicitly declare allowPrivilegeEscalation to false 
Although containers that do not run as privileged already have this set to false by kubernetes
Kubespace [asks us](https://hub.armo.cloud/docs/c-0016) to explicitly declare it to false where not needed.

Signed-off-by: Arthur Silva Sens <arthursens2005@gmail.com>
 2022-01-24 10:31:43 +00:00
Arthur Silva Sens
90ad3c99fc Merge pull request #1594 from prometheus-operator/automated-updates-main 
[bot] [main] Automated version update
 2022-01-24 08:31:53 +00:00
Prometheus Operator Bot
ef40bc5759 [bot] [main] Automated version update 2022-01-24 07:43:49 +00:00
Arthur Silva Sens
f7d3019a8f Merge pull request #1584 from PhilipGough/fix-1466 
Scan generated manifests with kubescape in CI
 2022-01-18 11:51:29 -03:00
Philip Gough
9c9f73f6c5 ci: Add check for security scan of manifest 2022-01-17 16:08:19 +00:00
Philip Gough
e286f74647 make: Target for security scan 2022-01-17 16:08:19 +00:00
Philip Gough
b8a05f4197 scripts: Adds kubescape to tooling 
https://github.com/armosec/kubescape allows us to
run a scan of the generated manifests and assess the
security risk.
 2022-01-17 16:08:19 +00:00
Philip Gough
d2cae36f84 Merge pull request #1586 from PhilipGough/go-version-bump 
build: Bump to build with Go 1.17
 2022-01-17 16:08:00 +00:00
Philip Gough
1344092b36 build: Bump to build with Go 1.17 2022-01-17 15:18:50 +00:00
Paweł Krupa
fabf443d4d Merge pull request #1583 from prometheus-operator/automated-updates-main 2022-01-17 11:49:19 +01:00
Prometheus Operator Bot
b8bbb57b28 [bot] [main] Automated version update 2022-01-17 07:42:02 +00:00
Philip Gough
f2559e0ced Merge pull request #1566 from primeroz/fix/do-not-add-namespace-to-clusterwide-resources 
Hide namespace for prometheus clusterRole and clusterRolebinding
 2022-01-10 11:19:31 +00:00
Paweł Krupa
6ce05e2541 Merge pull request #1579 from prometheus-operator/automated-updates-main 
[bot] [main] Automated version update
 2022-01-10 10:40:05 +01:00
Andrei Nistor
1d3dbe61cb Inhibit info alerts unless other alerts fire (#1507) 
* Inhibit info alerts unless other alerts fire

* Fix nits
 2022-01-10 10:37:43 +01:00
Prometheus Operator Bot
69c2281866 [bot] [main] Automated version update 2022-01-10 07:42:01 +00:00
Paweł Krupa
b2a250f39b Merge pull request #1472 from paulfantom/prom-agent 2022-01-07 11:49:46 +01:00
Arunprasad Rajkumar
b7a135a101 Fix thanos sidecar selector 
Previous PR[1] which deprecated `thanosSelector` accidentally broke the
usage of it. This commit restores the old behaviour along with newly
introduced `thanos` config variable.

[1] https://github.com/prometheus-operator/kube-prometheus/pull/1543

Co-authored-by: Pawe? Krupa <pawel@krupa.net.pl>
Signed-off-by: Arunprasad Rajkumar <arajkuma@redhat.com>
 2022-01-05 16:23:24 +05:30
Paweł Krupa
529739d5ef Merge pull request #1572 from ArthurSens/as/projected-psp 2022-01-04 13:37:13 +01:00
ArthurSens
f4a5ff3e3b addon/podsecuritypolicies: Add projected volumes permission 
Signed-off-by: ArthurSens <arthursens2005@gmail.com>
 2022-01-04 12:24:05 +00:00
Paweł Krupa
d3e6d4601e Merge pull request #1458 from paulfantom/grafana-mixin 2022-01-04 12:45:23 +01:00
Francesco Ciocchetti
f7738d7434 Set namespace to null for clusterwide resources and generate manifests 2022-01-04 10:03:14 +01:00
Paweł Krupa (paulfantom)
8c8a9662b1 docs: regenerate 2022-01-04 09:44:24 +01:00
Paweł Krupa (paulfantom)
f01d3e6c87 examples: prometheus version no longer needed for agent snippet 2022-01-04 09:43:55 +01:00
Paweł Krupa (paulfantom)
a8485f599b *: regenerate 2022-01-04 09:14:47 +01:00
paulfantom
ec40014ac3 jsonnet: add grafana-mixin 
Signed-off-by: paulfantom <pawel@krupa.net.pl>
Signed-off-by: Paweł Krupa (paulfantom) <pawel@krupa.net.pl>
 2022-01-04 09:14:43 +01:00
Paweł Krupa
9d4ba547b8 Merge pull request #1571 from paulfantom/jsonnet-0.18 2022-01-03 13:34:13 +01:00
Paweł Krupa
afd216df43 Merge pull request #1569 from inductor/fix_kubeadm_integration 2022-01-03 13:04:53 +01:00
Paweł Krupa (paulfantom)
5a844df97e scripts: bump jsonnet to 0.18 2022-01-03 12:19:20 +01:00
Paweł Krupa
7f634d7e38 Merge pull request #1570 from prometheus-operator/automated-updates-main 2022-01-03 10:33:28 +01:00
Prometheus Operator Bot
0298cc1d61 [bot] [main] Automated version update 2022-01-03 07:41:37 +00:00
inductor
e884935646 add period at the end of the sentence 2021-12-31 00:02:17 +09:00
inductor
20e2c58eb6 fix https://github.com/prometheus-operator/kube-prometheus/issues/1194 2021-12-30 23:53:23 +09:00
Philip Gough
136b818c9a Merge pull request #1560 from prometheus-operator/automated-updates-main 
[bot] [main] Automated version update
 2021-12-20 14:20:21 +00:00
Prometheus Operator Bot
8aca1fb1cb [bot] [main] Automated version update 2021-12-20 14:15:02 +00:00