From 71839032014c802575e919d602578e0f640f534f Mon Sep 17 00:00:00 2001 From: Thomas Runyon Date: Wed, 20 Jan 2021 09:32:57 -0500 Subject: [PATCH 1/3] feat: added podmonitor to collect metrics on gatekeeper when monitoring is deployed --- chart/Chart.yaml | 2 +- chart/templates/monitoring/podmonitor.yaml | 20 ++++++++++++++++++++ chart/values.yaml | 6 +++++- 3 files changed, 26 insertions(+), 2 deletions(-) create mode 100644 chart/templates/monitoring/podmonitor.yaml diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 7d159a7..543fac5 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -3,7 +3,7 @@ description: A Helm chart for Gatekeeper name: gatekeeper keywords: - open policy agent -version: 3.1.2-bb.2 +version: 3.1.2-bb.3 home: https://github.com/open-policy-agent/gatekeeper sources: - https://github.com/open-policy-agent/gatekeeper.git diff --git a/chart/templates/monitoring/podmonitor.yaml b/chart/templates/monitoring/podmonitor.yaml new file mode 100644 index 0000000..505cc99 --- /dev/null +++ b/chart/templates/monitoring/podmonitor.yaml @@ -0,0 +1,20 @@ +{{- if .Values.monitoring.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: gatekeeper + namespace: gatekeeper-system + labels: + monitoring: gatekeeper + release: gatekeeper-system-gatekeeper +spec: + selector: + matchLabels: + app: gatekeeper + namespaceSelector: + matchNames: + - gatekeeper-system + podMetricsEndpoints: + - port: metrics + interval: 10s +{{- end }} \ No newline at end of file diff --git a/chart/values.yaml b/chart/values.yaml index 5e8f59e..514ba89 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -1,3 +1,7 @@ +monitoring: + enabled: false + + replicas: 3 auditInterval: 60 constraintViolationsLimit: 20 @@ -22,7 +26,7 @@ resources: memory: 512Mi requests: cpu: 100m - memory: 256Mi + memory: 512Mi customResourceDefinitions: create: true -- GitLab From 296f206a37c9dbbbbd3f4cb73b1e26f34d7fd449 Mon Sep 17 00:00:00 2001 From: Thomas Runyon Date: Wed, 20 Jan 2021 09:34:57 -0500 Subject: [PATCH 2/3] chore: fix template reference --- .gitlab-ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 36d706e..e871a67 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,6 +1,5 @@ include: - project: 'platform-one/big-bang/pipeline-templates/pipeline-templates' - ref: ib-check file: '/templates/package-tests.yml' variables: PROJECT_NAME: gatekeeper-system -- GitLab From 913a5f93fed25ecae4f24ef9cfd5d958f18beff5 Mon Sep 17 00:00:00 2001 From: "garcia.ryan" Date: Tue, 26 Jan 2021 11:28:33 -0700 Subject: [PATCH 3/3] fix: Templating out podmonitor namespace var --- chart/templates/monitoring/podmonitor.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/chart/templates/monitoring/podmonitor.yaml b/chart/templates/monitoring/podmonitor.yaml index 505cc99..4b3c2e2 100644 --- a/chart/templates/monitoring/podmonitor.yaml +++ b/chart/templates/monitoring/podmonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: PodMonitor metadata: name: gatekeeper - namespace: gatekeeper-system + namespace: {{ .Release.Namespace }} labels: monitoring: gatekeeper release: gatekeeper-system-gatekeeper @@ -13,8 +13,8 @@ spec: app: gatekeeper namespaceSelector: matchNames: - - gatekeeper-system + - {{ .Release.Namespace }} podMetricsEndpoints: - port: metrics interval: 10s -{{- end }} \ No newline at end of file +{{- end }} -- GitLab