diff --git a/chart/templates/monitoring/values.yaml b/chart/templates/monitoring/values.yaml
index 390ba4a575e166667ddb2938c78b76d20eb9a411..96960687d6851fc5364627de51b0725e3889a8eb 100644
--- a/chart/templates/monitoring/values.yaml
+++ b/chart/templates/monitoring/values.yaml
@@ -1,5 +1,5 @@
{{- if .Values.monitoring.enabled }}
-{{- include "values-secret" (dict "root" $ "package" .Values.monitoring "name" "monitoring" "defaults" (include "bigbang.defaults.monitoring" .)) }}
+{{- include "values-secret" (dict "root" $ "package" (dict "values" (fromYaml (include "bigbang.overlays.monitoring" .))) "name" "monitoring" "defaults" (include "bigbang.defaults.monitoring" .)) }}
{{- end }}
{{- define "bigbang.defaults.monitoring" -}}
@@ -122,6 +122,24 @@ prometheus:
{{- end }}
{{- end }}
{{- end }}
+ {{- if .Values.addons.vault.enabled }}
+ additionalScrapeConfigs:
+ - job_name: vault
+ metrics_path: /v1/sys/metrics
+ params:
+ format: ['prometheus']
+ scheme: https
+ authorization:
+ credentials_file: /vault/secrets/token
+ {{- $vaultHosts := (dig "istio" "vault" "hosts" dict .Values.addons.vault.values) }}
+ {{- if $vaultHosts }}
+ static_configs:
+ - targets: [{{ tpl ($vaultHosts | first) $ }}]
+ {{- else }}
+ static_configs:
+ - targets: [vault.{{ .Values.domain }}]
+ {{- end }}
+ {{- end }}
{{- if $istioInjection }}
# Add volume/mount for Istio certs for mTLS scraping
volumes:
@@ -379,3 +397,27 @@ prometheusOperator:
{{ include "istioAnnotation" . }}
{{- end }}
{{- end }}
+
+{{- /* This function merges defaults in lists from above into overlays */ -}}
+{{- /* The end user will not have to replicate additionalScrapeConfigs from above when providing an overlay */ -}}
+{{- /* There is a hidden flag `skipOverlayMerge` that can be added to any additionalScrapeConfigs to ignore the defaults */ -}}
+{{- define "bigbang.overlays.monitoring" }}
+
+ {{- $defaults := fromYaml (include "bigbang.defaults.monitoring" .) }}
+
+ {{- $overlays := dig "values" dict .Values.monitoring }}
+ {{- range $prometheusConfig, $default := $defaults.prometheus }}
+ {{- $overlay := (dig "prometheus" $prometheusConfig dict $overlays) }}
+ # Only continue if an overlay matches a default constriant and hidden "skipOverlayMerge" is not set
+ {{- if and $overlay (not $overlay.skipOverlayMerge) }}
+
+ # Add any default additionalScrapeConfigs to overlay
+ {{- if and (dig "additionalScrapeConfigs" list $default) (dig "additionalScrapeConfigs" list $overlay) }}
+ {{ $_ := set $overlay "additionalScrapeConfigs" (concat $default.additionalScrapeConfigs $overlay.additionalScrapeConfigs) }}
+ {{- end }}
+
+
+ {{- end }}
+ {{- end }}
+{{ toYaml $overlays }}
+{{- end }}
diff --git a/chart/values.yaml b/chart/values.yaml
index 0b9d5ffeebcaf38717c3b83b3df99f051109f289..8861b37b326fafb756866e7f31b6ee625c26ccba 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -614,7 +614,7 @@ monitoring:
git:
repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/monitoring.git
path: "./chart"
- tag: "40.0.0-bb.0"
+ tag: "40.0.0-bb.1"
# -- Flux reconciliation overrides specifically for the Monitoring Package
flux: