Bump Chart version

apps/user-demo.yaml

@@ -0,0 +1,24 @@
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: <user>-demo
+  namespace: argocd
+spec:
+  destination:
+    namespace: <user>
+    server: https://kubernetes.default.svc
+  project: default
+  source:
+    repoURL: 'https://gitea.training.cluster.acend.ch/<user>/prometheus-training-lab-setup'
+    path: charts/user-monitoring-demo/
+    targetRevision: main
+    helm:
+      values: |
+        user: <user>
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - Replace=true

apps/user-prom-stack.yaml

@@ -0,0 +1,42 @@
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: <user>-prom-stack
+  namespace: argocd
+spec:
+  destination:
+    namespace: <user>-monitoring
+    server: https://kubernetes.default.svc
+  project: default
+  source:
+    repoURL: 'https://gitea.training.cluster.acend.ch/<user>/prometheus-training-lab-setup'
+    path: charts/user-monitoring/
+    targetRevision: main
+    helm:
+      values: |
+        user: <user>
+        # alertmanager
+        alertmanager:
+          enabled: false
+        # grafana
+        grafana:
+          enabled: false
+        # prometheus
+        prometheus:
+          enabled: false
+        # pushgateway
+        pushgateway:
+          enabled: false
+        # thanos-ruler
+        ruler:
+          enabled: false
+        # thanos-query
+        query:
+          enabled: false
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - Replace=true

charts/user-monitoring-demo/Chart.yaml

@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.0
+version: 0.1.1
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

charts/user-monitoring-demo/demo-role.yaml

@@ -1,20 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: prometheus-{{ .Values.user }}
-rules:
-- apiGroups: [""]
-  resources:
-  - services
-  - endpoints
-  - pods
-  verbs: ["get", "list", "watch"]
-- apiGroups: [""]
-  resources:
-  - configmaps
-  verbs: ["get"]
-- apiGroups:
-  - networking.k8s.io
-  resources:
-  - ingresses
-  verbs: ["get", "list", "watch"]

charts/user-monitoring-demo/values.yaml

@@ -1 +1 @@
-user: user1
+user: userX # Replace me

charts/user-monitoring/Chart.yaml

@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.4
+version: 0.2.5
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

charts/user-monitoring/templates/_user-am.yaml

@@ -1,3 +1,5 @@
+{{- define "alertmanager.alertmanager" }}
+---
 apiVersion: monitoring.coreos.com/v1
 kind: Alertmanager
 metadata:
@@ -5,3 +7,4 @@ metadata:
     app.kubernetes.io/name: {{ .Values.user }}-am
   name: {{ .Values.user }}-am
 spec: {}
+{{- end }}

charts/user-monitoring/templates/_user-blackboxexporter-cm.yaml

@@ -1,3 +1,5 @@
+{{- define  "blackboxexporter.cm" }}
+---
 apiVersion: v1
 kind: ConfigMap
 metadata:
@@ -34,3 +36,4 @@ data:
           valid_status_codes: [400, 401, 402, 403, 404, 405, 406, 407, 408, 409, 410, 411, 412, 413, 414, 415, 416, 417, 421, 422, 423, 424, 425, 426, 428, 429, 431, 451, 418, 420, 444, 449, 499]
       tcp_connect:
         prober: tcp
+{{- end }}

charts/user-monitoring/templates/_user-blackboxexporter-deploy.yaml

@@ -1,3 +1,5 @@
+{{- define  "blackboxexporter.deploy" }}
+---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -38,3 +40,4 @@ spec:
           configMap:
             defaultMode: 420
             name: blackbox-exporter-config
+{{- end }}

charts/user-monitoring/templates/_user-grafana-cm.yaml

@@ -1,3 +1,5 @@
+{{- define "grafana.dashboardprovider" }}
+---
 kind: ConfigMap
 apiVersion: v1
 metadata:
@@ -15,3 +17,4 @@ data:
         path: /var/lib/grafana/dashboards/general
       orgId: 1
       type: file
+{{- end }}

charts/user-monitoring/templates/_user-grafana-datasource-secret.yaml

@@ -1,3 +1,5 @@
+{{- define "grafana.datasource" }}
+---
 apiVersion: v1
 kind: Secret
 type: Opaque
@@ -16,3 +18,7 @@ stringData:
         type: prometheus
         url: http://thanos-query.{{ .Values.user }}-monitoring.svc.cluster.local:10902
         version: 1
+      {{- if .Values.grafana.datasources }}
+      {{- toYaml .Values.grafana.datasources | nindent 6 }} 
+      {{- end }}
+{{- end }}

charts/user-monitoring/templates/_user-grafana-deploy.yaml

@@ -1,3 +1,5 @@
+{{- define "grafana.deploy" }}
+---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -111,3 +113,4 @@ spec:
           name: dashboard-volume
         - emptyDir: {}
           name: datasource-volume
+{{- end }}

charts/user-monitoring/templates/_user-grafana-ingress.yaml

@@ -1,3 +1,5 @@
+{{- define "grafana.ingress" }}
+---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -23,3 +25,4 @@ spec:
   - hosts:
     - {{ .Values.user }}-grafana.training.cluster.acend.ch
     secretName: acend-wildcard
+{{- end }}

charts/user-monitoring/templates/_user-grafana-rolebinding.yaml

@@ -1,3 +1,5 @@
+{{- define "grafana.rolebinding" }}
+---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
@@ -11,3 +13,4 @@ roleRef:
 subjects:
 - kind: ServiceAccount
   name: grafana
+{{- end }}

charts/user-monitoring/templates/_user-grafana-sa.yaml

@@ -1,6 +1,9 @@
+{{- define "grafana.sa" }}
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   labels:
     app.kubernetes.io/name: grafana
   name: grafana
+{{- end }}

charts/user-monitoring/templates/_user-grafana-svc.yaml

@@ -1,3 +1,5 @@
+{{- define "grafana.svc" }}
+---
 apiVersion: v1
 kind: Service
 metadata:
@@ -13,3 +15,4 @@ spec:
   selector:
     app.kubernetes.io/name: grafana
   type: ClusterIP
+{{- end }}

charts/user-monitoring/templates/_user-prom-ingress.yaml

@@ -1,3 +1,5 @@
+{{- define "prometheus.ingress" }}
+---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -25,3 +27,4 @@ spec:
   - hosts:
     - {{ .Values.user }}-prometheus.training.cluster.acend.ch
     secretName: acend-wildcard
+{{- end }}

charts/user-monitoring/templates/_user-prom-role.yaml

@@ -1,3 +1,5 @@
+{{- define "prometheus.role" }}
+---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
@@ -20,3 +22,4 @@ rules:
   resources:
   - ingresses
   verbs: ["get", "list", "watch"]
+{{- end }}

charts/user-monitoring/templates/_user-prom-rolebinding.yaml

@@ -1,3 +1,5 @@
+{{- define "prometheus.rolebinding" }}
+---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
@@ -11,3 +13,4 @@ roleRef:
 subjects:
 - kind: ServiceAccount
   name: prometheus-{{ .Values.user }}
+{{- end }}

charts/user-monitoring/templates/_user-prom-sa.yaml

@@ -1,7 +1,9 @@
+{{- define "prometheus.sa" }}
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   labels:
     app.kubernetes.io/name: prometheus-{{ .Values.user }}
   name: prometheus-{{ .Values.user }}
-
+{{- end }}

charts/user-monitoring/templates/_user-prometheus.yaml

@@ -1,3 +1,5 @@
+{{- define "prometheus.prometheus" }}
+---
 apiVersion: monitoring.coreos.com/v1
 kind: Prometheus
 metadata:
@@ -25,3 +27,4 @@ spec:
   enableAdminAPI: true
   externalLabels:
     monitoring: {{ .Values.user }}
+{{- end }}

charts/user-monitoring/templates/_user-pushgateway-deploy.yaml

@@ -1,3 +1,5 @@
+{{- define "pushgateway.deploy" }}
+---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -28,3 +30,4 @@ spec:
             httpGet:
               path: /-/ready
               port: web
+{{- end }}

charts/user-monitoring/templates/_user-pushgateway-servicemonitor.yaml

@@ -1,3 +1,5 @@
+{{- define "pushgateway.servicemonitor" }}
+---
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
@@ -7,9 +9,10 @@ metadata:
 spec:
   endpoints:
     - interval: 30s
-      port: web
+      port: http
       honorLabels: true
   namespaceSelector: {}
   selector:
     matchLabels:
       app.kubernetes.io/name: pushgateway
+{{- end }}

charts/user-monitoring/templates/_user-pushgateway-svc.yaml

@@ -1,3 +1,5 @@
+{{- define "pushgateway.svc" }}
+---
 apiVersion: v1
 kind: Service
 metadata:
@@ -13,3 +15,4 @@ spec:
   selector:
     app.kubernetes.io/name: pushgateway
   type: ClusterIP
+{{- end }}

charts/user-monitoring/templates/_user-thanos-query-deploy.yaml

@@ -1,3 +1,5 @@
+{{- define "query.deploy" }}
+---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -32,3 +34,4 @@ spec:
           name: http
         - containerPort: 10901
           name: grpc
+{{- end }}

charts/user-monitoring/templates/_user-thanos-query-ingress.yaml

@@ -1,3 +1,5 @@
+{{- define "query.ingress" }}
+---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -25,3 +27,4 @@ spec:
   - hosts:
     - {{ .Values.user }}-thanos-query.training.cluster.acend.ch
     secretName: acend-wildcard
+{{- end }}

charts/user-monitoring/templates/_user-thanos-query-svc.yaml

@@ -1,3 +1,5 @@
+{{- define "query.svc" }}
+---
 apiVersion: v1
 kind: Service
 metadata:
@@ -13,3 +15,4 @@ spec:
   selector:
     app.kubernetes.io/name: thanos-query
   type: ClusterIP
+{{- end }}

charts/user-monitoring/templates/_user-thanosruler-ingress.yaml

@@ -1,3 +1,5 @@
+{{- define "ruler.ingress" }}
+---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -5,11 +7,11 @@ metadata:
     haproxy.org/auth-secret: basic-auth
     haproxy.org/auth-type: basic-auth
     haproxy.org/auth-realm: Authentication Required
-  name: user1-thanos-ruler
+  name: {{ .Values.user }}-thanos-ruler
 spec:
   ingressClassName: haproxy
   rules:
-  - host: user1-thanos-ruler.training.cluster.acend.ch
+  - host: {{ .Values.user }}-thanos-ruler.training.cluster.acend.ch
     http:
       paths:
       - backend:
@@ -21,5 +23,6 @@ spec:
         pathType: ImplementationSpecific
   tls:
   - hosts:
-    - user1-thanos-ruler.training.cluster.acend.ch
+    - {{ .Values.user }}-thanos-ruler.training.cluster.acend.ch
     secretName: acend-wildcard
+{{- end }}

charts/user-monitoring/templates/_user-thanosruler.yaml

@@ -1,3 +1,5 @@
+{{- define "ruler.ruler" }}
+---
 apiVersion: monitoring.coreos.com/v1
 kind: ThanosRuler
 metadata:
@@ -13,3 +15,4 @@ spec:
   ruleNamespaceSelector:
     matchLabels:
       user: {{ .Values.user }}
+{{- end }}

charts/user-monitoring/templates/monitoring.yaml

@@ -0,0 +1,44 @@
+# alertmanager
+
+{{- if .Values.alertmanager.enabled }}
+  {{- template "alertmanager.alertmanager" . }}
+{{- end }}
+
+# grafana
+{{- if .Values.grafana.enabled }}
+  {{- template "grafana.datasource" . }}
+  {{- template "grafana.dashboardprovider" . }}
+  {{- template "grafana.rolebinding" . }}
+  {{- template "grafana.svc" . }}
+  {{- template "grafana.sa" . }}
+  {{- template "grafana.deploy" . }}
+  {{- template "grafana.ingress" . }}
+{{- end }}
+
+# prometheus
+{{- if .Values.prometheus.enabled }}
+  {{- template "prometheus.ingress" . }}
+  {{- template "prometheus.prometheus" . }}
+  {{- template "prometheus.role" . }}
+  {{- template "prometheus.rolebinding" . }}
+  {{- template "prometheus.sa" . }}
+{{- end }}
+
+{{- if .Values.pushgateway.enabled }}
+  {{- template "pushgateway.deploy" . }}
+  {{- template "pushgateway.servicemonitor" . }}
+  {{- template "pushgateway.svc" . }}
+{{- end }}
+
+# thanos-ruler
+{{- if .Values.ruler.enabled }}
+  {{- template "ruler.ruler" . }}
+  {{- template "ruler.ingress" . }}
+{{- end }}
+
+# thanos-query
+{{- if .Values.query.enabled }}
+  {{- template "query.deploy" . }}
+  {{- template "query.ingress" . }}
+  {{- template "query.svc" . }}
+{{- end }}

charts/user-monitoring/templates/user-basic-auth-secret.yaml

@@ -2,6 +2,7 @@ apiVersion: v1
 data:
   admin: JDEkSzNRZUlsOHAkZVZZb1h2RERNWk40b3RJT2tBc3AwLw== # $(openssl passwd -1 admin)
   {{ .Values.user }}: JDEkSzNRZUlsOHAkZVZZb1h2RERNWk40b3RJT2tBc3AwLw== # $(openssl passwd -1 admin)
+  grafana_user: {{ .Values.user }}
 kind: Secret
 metadata:
   labels:

charts/user-monitoring/values.yaml

@@ -1 +1,31 @@
-user: user1
+user: userX # Replace me
+
+# alertmanager
+alertmanager:
+  enabled: false
+
+# grafana
+grafana:
+  datasources:
+  - name: prometheus
+    access: proxy
+    editable: false
+    type: prometheus
+    url: http://prometheus-operated.user4-monitoring.svc.cluster.local:9090
+  enabled: true
+
+# prometheus
+prometheus:
+  enabled: false
+
+# pushgateway
+pushgateway:
+  enabled: false
+
+# thanos-ruler
+ruler:
+  enabled: false
+
+# thanos-query
+query:
+  enabled: false

user-umbrella.yaml

@@ -0,0 +1,21 @@
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: <user>-umbrella
+  namespace: argocd
+spec:
+  destination:
+    namespace: argocd
+    server: https://kubernetes.default.svc
+  project: default
+  source:
+    repoURL: 'https://gitea.training.cluster.acend.ch/<user>/prometheus-training-lab-setup'
+    path: apps/
+    targetRevision: main
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - Replace=true