diff --git a/apis/installer/v1alpha1/aws_credential_manager_types.go b/apis/installer/v1alpha1/aws_credential_manager_types.go
index 8ebb7327..bbd2aae4 100644
--- a/apis/installer/v1alpha1/aws_credential_manager_types.go
+++ b/apis/installer/v1alpha1/aws_credential_manager_types.go
@@ -77,13 +77,14 @@ type AwsCredentialManagerSpec struct {
// +optional
LivenessProbe *core.Probe `json:"livenessProbe"`
// +optional
- ReadinessProbe *core.Probe `json:"readinessProbe"`
- Service ServiceSpec `json:"service"`
- ServiceAccount ServiceAccountSpec `json:"serviceAccount"`
- Volumes []core.Volume `json:"volumes"`
- VolumeMounts []core.VolumeMount `json:"volumeMounts"`
+ ReadinessProbe *core.Probe `json:"readinessProbe"`
+ Service ServiceSpec `json:"service"`
+ ServiceAccount StaticServiceAccountSpec `json:"serviceAccount"`
+ Volumes []core.Volume `json:"volumes"`
+ VolumeMounts []core.VolumeMount `json:"volumeMounts"`
// +optional
- Distro shared.DistroSpec `json:"distro"`
+ Distro shared.DistroSpec `json:"distro"`
+ Monitoring Monitoring `json:"monitoring"`
// +optional
Apiserver AwsCredentialManagerApiserver `json:"apiserver"`
// +optional
diff --git a/apis/installer/v1alpha1/gcp_credential_manager_types.go b/apis/installer/v1alpha1/gcp_credential_manager_types.go
index 60c95a14..797884a5 100644
--- a/apis/installer/v1alpha1/gcp_credential_manager_types.go
+++ b/apis/installer/v1alpha1/gcp_credential_manager_types.go
@@ -77,13 +77,14 @@ type GcpCredentialManagerSpec struct {
// +optional
LivenessProbe *core.Probe `json:"livenessProbe"`
// +optional
- ReadinessProbe *core.Probe `json:"readinessProbe"`
- Service ServiceSpec `json:"service"`
- ServiceAccount ServiceAccountSpec `json:"serviceAccount"`
- Volumes []core.Volume `json:"volumes"`
- VolumeMounts []core.VolumeMount `json:"volumeMounts"`
+ ReadinessProbe *core.Probe `json:"readinessProbe"`
+ Service ServiceSpec `json:"service"`
+ ServiceAccount StaticServiceAccountSpec `json:"serviceAccount"`
+ Volumes []core.Volume `json:"volumes"`
+ VolumeMounts []core.VolumeMount `json:"volumeMounts"`
// +optional
- Distro shared.DistroSpec `json:"distro"`
+ Distro shared.DistroSpec `json:"distro"`
+ Monitoring Monitoring `json:"monitoring"`
// +optional
Apiserver GcpCredentialManagerApiserver `json:"apiserver"`
// +optional
diff --git a/apis/installer/v1alpha1/types.go b/apis/installer/v1alpha1/types.go
index bb43b3e2..5f89768f 100644
--- a/apis/installer/v1alpha1/types.go
+++ b/apis/installer/v1alpha1/types.go
@@ -42,6 +42,12 @@ type ServiceAccountSpec struct {
Annotations map[string]string `json:"annotations"`
}
+type StaticServiceAccountSpec struct {
+ Create bool `json:"create"`
+ //+optional
+ Annotations map[string]string `json:"annotations"`
+}
+
// +kubebuilder:validation:Enum=prometheus.io;prometheus.io/operator;prometheus.io/builtin
type MonitoringAgent string
diff --git a/apis/installer/v1alpha1/zz_generated.deepcopy.go b/apis/installer/v1alpha1/zz_generated.deepcopy.go
index 81f87f99..2c355112 100644
--- a/apis/installer/v1alpha1/zz_generated.deepcopy.go
+++ b/apis/installer/v1alpha1/zz_generated.deepcopy.go
@@ -180,6 +180,7 @@ func (in *AwsCredentialManagerSpec) DeepCopyInto(out *AwsCredentialManagerSpec)
}
}
out.Distro = in.Distro
+ in.Monitoring.DeepCopyInto(&out.Monitoring)
out.Apiserver = in.Apiserver
out.BucketAccessor = in.BucketAccessor
}
@@ -773,6 +774,7 @@ func (in *GcpCredentialManagerSpec) DeepCopyInto(out *GcpCredentialManagerSpec)
}
}
out.Distro = in.Distro
+ in.Monitoring.DeepCopyInto(&out.Monitoring)
out.Apiserver = in.Apiserver
out.BucketAccessor = in.BucketAccessor
}
@@ -941,3 +943,25 @@ func (in *ServingCerts) DeepCopy() *ServingCerts {
in.DeepCopyInto(out)
return out
}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *StaticServiceAccountSpec) DeepCopyInto(out *StaticServiceAccountSpec) {
+ *out = *in
+ if in.Annotations != nil {
+ in, out := &in.Annotations, &out.Annotations
+ *out = make(map[string]string, len(*in))
+ for key, val := range *in {
+ (*out)[key] = val
+ }
+ }
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StaticServiceAccountSpec.
+func (in *StaticServiceAccountSpec) DeepCopy() *StaticServiceAccountSpec {
+ if in == nil {
+ return nil
+ }
+ out := new(StaticServiceAccountSpec)
+ in.DeepCopyInto(out)
+ return out
+}
diff --git a/charts/aws-credential-manager/README.md b/charts/aws-credential-manager/README.md
index f766a017..766caeb1 100644
--- a/charts/aws-credential-manager/README.md
+++ b/charts/aws-credential-manager/README.md
@@ -58,7 +58,6 @@ The following table lists the configurable parameters of the `aws-credential-man
| fullnameOverride | | "" |
| serviceAccount.create | Specifies whether a service account should be created | true |
| serviceAccount.annotations | Annotations to add to the service account | {} |
-| serviceAccount.name | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | "" |
| podAnnotations | | {} |
| podLabels | | {} |
| podSecurityContext | | {} |
@@ -97,6 +96,8 @@ The following table lists the configurable parameters of the `aws-credential-man
| apiserver.servingCerts.caCrt | CA certficate used by serving certificate of webhook server. | "" |
| apiserver.servingCerts.serverCrt | Serving certficate used by webhook server. | "" |
| apiserver.servingCerts.serverKey | Private key for the serving certificate used by webhook server. | "" |
+| monitoring.agent | Name of monitoring agent (one of "prometheus.io", "prometheus.io/operator", "prometheus.io/builtin") | "" |
+| monitoring.serviceMonitor.labels | Specify the labels for ServiceMonitor. Prometheus crd will select ServiceMonitor using these labels. Only usable when monitoring agent is `prometheus.io/operator`. | {} |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example:
diff --git a/charts/aws-credential-manager/templates/_helpers.tpl b/charts/aws-credential-manager/templates/_helpers.tpl
index 18034fa0..1ef127c9 100644
--- a/charts/aws-credential-manager/templates/_helpers.tpl
+++ b/charts/aws-credential-manager/templates/_helpers.tpl
@@ -54,11 +54,7 @@ app.kubernetes.io/instance: {{ .Release.Name }}
Create the name of the service account to use
*/}}
{{- define "aws-credential-manager.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "aws-credential-manager.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
+aws-credential-manager
{{- end }}
{{/*
diff --git a/charts/aws-credential-manager/templates/metrics-token-secret.yaml b/charts/aws-credential-manager/templates/metrics-token-secret.yaml
new file mode 100644
index 00000000..24364413
--- /dev/null
+++ b/charts/aws-credential-manager/templates/metrics-token-secret.yaml
@@ -0,0 +1,12 @@
+{{- if eq .Values.monitoring.agent "prometheus.io/operator" }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "aws-credential-manager.fullname" . }}-metrics-token
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "aws-credential-manager.labels" . | nindent 4 }}
+ annotations:
+ kubernetes.io/service-account.name: {{ include "aws-credential-manager.serviceAccountName" . }}
+type: kubernetes.io/service-account-token
+{{- end }}
diff --git a/charts/aws-credential-manager/templates/serviceaccount.yaml b/charts/aws-credential-manager/templates/serviceaccount.yaml
index e0c38b25..d1da1db9 100644
--- a/charts/aws-credential-manager/templates/serviceaccount.yaml
+++ b/charts/aws-credential-manager/templates/serviceaccount.yaml
@@ -2,7 +2,7 @@
apiVersion: v1
kind: ServiceAccount
metadata:
- name: aws-credential-manager
+ name: {{ include "aws-credential-manager.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "aws-credential-manager.labels" . | nindent 4 }}
diff --git a/charts/aws-credential-manager/templates/servicemonitor.yaml b/charts/aws-credential-manager/templates/servicemonitor.yaml
new file mode 100644
index 00000000..fb63b90c
--- /dev/null
+++ b/charts/aws-credential-manager/templates/servicemonitor.yaml
@@ -0,0 +1,37 @@
+{{- if eq .Values.monitoring.agent "prometheus.io/operator" }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ include "aws-credential-manager.fullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- if .Values.monitoring.serviceMonitor.labels }}
+ {{- range $key, $val := .Values.monitoring.serviceMonitor.labels }}
+ {{ $key }}: {{ $val }}
+ {{- end }}
+ {{- else }}
+ {{- include "aws-credential-manager.selectorLabels" . | nindent 4 }}
+ {{- end }}
+spec:
+ namespaceSelector:
+ matchNames:
+ - {{ .Release.Namespace }}
+ selector:
+ matchLabels:
+ {{- include "aws-credential-manager.selectorLabels" . | nindent 6 }}
+ endpoints:
+ - targetPort: 9443
+ authorization:
+ credentials:
+ key: token
+ name: {{ include "aws-credential-manager.fullname" . }}-metrics-token
+ type: Bearer
+ path: /metrics
+ scheme: https
+ tlsConfig:
+ ca:
+ secret:
+ name: {{ include "aws-credential-manager.fullname" . }}-apiserver-cert
+ key: ca.crt
+ serverName: "{{ include "aws-credential-manager.webhookServiceName" . }}.{{ .Release.Namespace }}.svc"
+{{- end }}
diff --git a/charts/aws-credential-manager/values.openapiv3_schema.yaml b/charts/aws-credential-manager/values.openapiv3_schema.yaml
index 3125a200..56d440a2 100644
--- a/charts/aws-credential-manager/values.openapiv3_schema.yaml
+++ b/charts/aws-credential-manager/values.openapiv3_schema.yaml
@@ -610,6 +610,25 @@ properties:
format: int32
type: integer
type: object
+ monitoring:
+ properties:
+ agent:
+ enum:
+ - prometheus.io
+ - prometheus.io/operator
+ - prometheus.io/builtin
+ type: string
+ serviceMonitor:
+ properties:
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ required:
+ - agent
+ - serviceMonitor
+ type: object
nameOverride:
type: string
nodeSelector:
@@ -912,8 +931,6 @@ properties:
type: object
create:
type: boolean
- name:
- type: string
required:
- create
type: object
@@ -1774,6 +1791,7 @@ properties:
type: array
required:
- image
+- monitoring
- replicaCount
- service
- serviceAccount
diff --git a/charts/aws-credential-manager/values.yaml b/charts/aws-credential-manager/values.yaml
index 1313bce2..55c09cb9 100644
--- a/charts/aws-credential-manager/values.yaml
+++ b/charts/aws-credential-manager/values.yaml
@@ -21,9 +21,6 @@ serviceAccount:
create: true
# Annotations to add to the service account
annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name: ""
podAnnotations: {}
podLabels: {}
podSecurityContext: {}
@@ -126,3 +123,12 @@ apiserver:
serverCrt: ""
# Private key for the serving certificate used by webhook server.
serverKey: ""
+
+monitoring:
+ # Name of monitoring agent (one of "prometheus.io", "prometheus.io/operator", "prometheus.io/builtin")
+ agent: ""
+ serviceMonitor:
+ # Specify the labels for ServiceMonitor.
+ # Prometheus crd will select ServiceMonitor using these labels.
+ # Only usable when monitoring agent is `prometheus.io/operator`.
+ labels: {}
diff --git a/charts/capa-vpc-peering-operator/templates/metrics-token-secret.yaml b/charts/capa-vpc-peering-operator/templates/metrics-token-secret.yaml
new file mode 100644
index 00000000..3b5e8652
--- /dev/null
+++ b/charts/capa-vpc-peering-operator/templates/metrics-token-secret.yaml
@@ -0,0 +1,12 @@
+{{- if eq "prometheus.io/operator" ( include "monitoring.agent" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "capa-vpc-peering-operator.fullname" . }}-metrics-token
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "capa-vpc-peering-operator.labels" . | nindent 4 }}
+ annotations:
+ kubernetes.io/service-account.name: {{ include "capa-vpc-peering-operator.serviceAccountName" . }}
+type: kubernetes.io/service-account-token
+{{- end }}
diff --git a/charts/capa-vpc-peering-operator/templates/servicemonitor.yaml b/charts/capa-vpc-peering-operator/templates/servicemonitor.yaml
index ed2ad6b1..a8dc6653 100644
--- a/charts/capa-vpc-peering-operator/templates/servicemonitor.yaml
+++ b/charts/capa-vpc-peering-operator/templates/servicemonitor.yaml
@@ -19,7 +19,11 @@ spec:
{{- include "capa-vpc-peering-operator.selectorLabels" . | nindent 6 }}
endpoints:
- port: api
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+ authorization:
+ credentials:
+ key: token
+ name: {{ include "capa-vpc-peering-operator.fullname" . }}-metrics-token
+ type: Bearer
scheme: https
tlsConfig:
ca:
diff --git a/charts/capi-ops-manager/templates/webhook/monitoring/metrics-token-secret.yaml b/charts/capi-ops-manager/templates/webhook/monitoring/metrics-token-secret.yaml
new file mode 100644
index 00000000..778d394f
--- /dev/null
+++ b/charts/capi-ops-manager/templates/webhook/monitoring/metrics-token-secret.yaml
@@ -0,0 +1,12 @@
+{{- if and (eq .Values.monitoring.agent "prometheus.io/operator") .Values.monitoring.operator }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "capi-ops-manager.fullname" . }}-metrics-token
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "capi-ops-manager.labels" . | nindent 4 }}
+ annotations:
+ kubernetes.io/service-account.name: {{ include "capi-ops-manager.serviceAccountName" . }}
+type: kubernetes.io/service-account-token
+{{- end }}
diff --git a/charts/capi-ops-manager/templates/webhook/monitoring/servicemonitor.yaml b/charts/capi-ops-manager/templates/webhook/monitoring/servicemonitor.yaml
index b322fa36..3fcc1b22 100644
--- a/charts/capi-ops-manager/templates/webhook/monitoring/servicemonitor.yaml
+++ b/charts/capi-ops-manager/templates/webhook/monitoring/servicemonitor.yaml
@@ -22,7 +22,11 @@ spec:
endpoints:
{{- if .Values.monitoring.operator }}
- port: https
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+ authorization:
+ credentials:
+ key: token
+ name: {{ include "capi-ops-manager.fullname" . }}-metrics-token
+ type: Bearer
path: /metrics
scheme: https
tlsConfig:
diff --git a/charts/docker-machine-operator/templates/metrics-token-secret.yaml b/charts/docker-machine-operator/templates/metrics-token-secret.yaml
new file mode 100644
index 00000000..f81a0855
--- /dev/null
+++ b/charts/docker-machine-operator/templates/metrics-token-secret.yaml
@@ -0,0 +1,12 @@
+{{- if eq "prometheus.io/operator" ( include "monitoring.agent" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "docker-machine-operator.fullname" . }}-metrics-token
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "docker-machine-operator.labels" . | nindent 4 }}
+ annotations:
+ kubernetes.io/service-account.name: {{ include "docker-machine-operator.serviceAccountName" . }}
+type: kubernetes.io/service-account-token
+{{- end }}
diff --git a/charts/docker-machine-operator/templates/servicemonitor.yaml b/charts/docker-machine-operator/templates/servicemonitor.yaml
index e7849318..6cb75518 100644
--- a/charts/docker-machine-operator/templates/servicemonitor.yaml
+++ b/charts/docker-machine-operator/templates/servicemonitor.yaml
@@ -19,7 +19,11 @@ spec:
{{- include "docker-machine-operator.selectorLabels" . | nindent 6 }}
endpoints:
- port: api
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+ authorization:
+ credentials:
+ key: token
+ name: {{ include "docker-machine-operator.fullname" . }}-metrics-token
+ type: Bearer
scheme: https
tlsConfig:
ca:
diff --git a/charts/gcp-credential-manager/README.md b/charts/gcp-credential-manager/README.md
index 513b2876..1af75bed 100644
--- a/charts/gcp-credential-manager/README.md
+++ b/charts/gcp-credential-manager/README.md
@@ -58,7 +58,6 @@ The following table lists the configurable parameters of the `gcp-credential-man
| fullnameOverride | | "" |
| serviceAccount.create | Specifies whether a service account should be created | true |
| serviceAccount.annotations | Annotations to add to the service account | {} |
-| serviceAccount.name | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | "" |
| podAnnotations | | {} |
| podLabels | | {} |
| podSecurityContext | | {} |
@@ -97,6 +96,8 @@ The following table lists the configurable parameters of the `gcp-credential-man
| apiserver.servingCerts.caCrt | CA certficate used by serving certificate of webhook server. | "" |
| apiserver.servingCerts.serverCrt | Serving certficate used by webhook server. | "" |
| apiserver.servingCerts.serverKey | Private key for the serving certificate used by webhook server. | "" |
+| monitoring.agent | Name of monitoring agent (one of "prometheus.io", "prometheus.io/operator", "prometheus.io/builtin") | "" |
+| monitoring.serviceMonitor.labels | Specify the labels for ServiceMonitor. Prometheus crd will select ServiceMonitor using these labels. Only usable when monitoring agent is `prometheus.io/operator`. | {} |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example:
diff --git a/charts/gcp-credential-manager/templates/_helpers.tpl b/charts/gcp-credential-manager/templates/_helpers.tpl
index 1ba7a9e6..f9aad56e 100644
--- a/charts/gcp-credential-manager/templates/_helpers.tpl
+++ b/charts/gcp-credential-manager/templates/_helpers.tpl
@@ -54,11 +54,7 @@ app.kubernetes.io/instance: {{ .Release.Name }}
Create the name of the service account to use
*/}}
{{- define "gcp-credential-manager.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "gcp-credential-manager.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
+gcp-credential-manager
{{- end }}
{{/*
diff --git a/charts/gcp-credential-manager/templates/metrics-token-secret.yaml b/charts/gcp-credential-manager/templates/metrics-token-secret.yaml
new file mode 100644
index 00000000..45f64da4
--- /dev/null
+++ b/charts/gcp-credential-manager/templates/metrics-token-secret.yaml
@@ -0,0 +1,12 @@
+{{- if eq .Values.monitoring.agent "prometheus.io/operator" }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "gcp-credential-manager.fullname" . }}-metrics-token
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "gcp-credential-manager.labels" . | nindent 4 }}
+ annotations:
+ kubernetes.io/service-account.name: {{ include "gcp-credential-manager.serviceAccountName" . }}
+type: kubernetes.io/service-account-token
+{{- end }}
diff --git a/charts/gcp-credential-manager/templates/mutating-webhook.yaml b/charts/gcp-credential-manager/templates/mutating-webhook.yaml
similarity index 100%
rename from charts/gcp-credential-manager/templates/mutating-webhook.yaml
rename to charts/gcp-credential-manager/templates/mutating-webhook.yaml
diff --git a/charts/gcp-credential-manager/templates/serviceaccount.yaml b/charts/gcp-credential-manager/templates/serviceaccount.yaml
index bb96876a..6c261d67 100644
--- a/charts/gcp-credential-manager/templates/serviceaccount.yaml
+++ b/charts/gcp-credential-manager/templates/serviceaccount.yaml
@@ -2,7 +2,7 @@
apiVersion: v1
kind: ServiceAccount
metadata:
- name: gcp-credential-manager
+ name: {{ include "gcp-credential-manager.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "gcp-credential-manager.labels" . | nindent 4 }}
diff --git a/charts/gcp-credential-manager/templates/servicemonitor.yaml b/charts/gcp-credential-manager/templates/servicemonitor.yaml
new file mode 100644
index 00000000..cc8402b4
--- /dev/null
+++ b/charts/gcp-credential-manager/templates/servicemonitor.yaml
@@ -0,0 +1,37 @@
+{{- if eq .Values.monitoring.agent "prometheus.io/operator" }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ include "gcp-credential-manager.fullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- if .Values.monitoring.serviceMonitor.labels }}
+ {{- range $key, $val := .Values.monitoring.serviceMonitor.labels }}
+ {{ $key }}: {{ $val }}
+ {{- end }}
+ {{- else }}
+ {{- include "gcp-credential-manager.selectorLabels" . | nindent 4 }}
+ {{- end }}
+spec:
+ namespaceSelector:
+ matchNames:
+ - {{ .Release.Namespace }}
+ selector:
+ matchLabels:
+ {{- include "gcp-credential-manager.selectorLabels" . | nindent 6 }}
+ endpoints:
+ - targetPort: 9443
+ authorization:
+ credentials:
+ key: token
+ name: {{ include "gcp-credential-manager.fullname" . }}-metrics-token
+ type: Bearer
+ path: /metrics
+ scheme: https
+ tlsConfig:
+ ca:
+ secret:
+ name: {{ include "gcp-credential-manager.fullname" . }}-apiserver-cert
+ key: ca.crt
+ serverName: "{{ include "gcp-credential-manager.webhookServiceName" . }}.{{ .Release.Namespace }}.svc"
+{{- end }}
diff --git a/charts/gcp-credential-manager/values.openapiv3_schema.yaml b/charts/gcp-credential-manager/values.openapiv3_schema.yaml
index 01cbc7d5..188a2c22 100644
--- a/charts/gcp-credential-manager/values.openapiv3_schema.yaml
+++ b/charts/gcp-credential-manager/values.openapiv3_schema.yaml
@@ -610,6 +610,25 @@ properties:
format: int32
type: integer
type: object
+ monitoring:
+ properties:
+ agent:
+ enum:
+ - prometheus.io
+ - prometheus.io/operator
+ - prometheus.io/builtin
+ type: string
+ serviceMonitor:
+ properties:
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ required:
+ - agent
+ - serviceMonitor
+ type: object
nameOverride:
type: string
nodeSelector:
@@ -912,8 +931,6 @@ properties:
type: object
create:
type: boolean
- name:
- type: string
required:
- create
type: object
@@ -1774,6 +1791,7 @@ properties:
type: array
required:
- image
+- monitoring
- replicaCount
- service
- serviceAccount
diff --git a/charts/gcp-credential-manager/values.yaml b/charts/gcp-credential-manager/values.yaml
index 4cb62a5f..3c7091e4 100644
--- a/charts/gcp-credential-manager/values.yaml
+++ b/charts/gcp-credential-manager/values.yaml
@@ -21,9 +21,6 @@ serviceAccount:
create: true
# Annotations to add to the service account
annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name: ""
podAnnotations: {}
podLabels: {}
podSecurityContext: {}
@@ -105,3 +102,12 @@ apiserver:
serverCrt: ""
# Private key for the serving certificate used by webhook server.
serverKey: ""
+
+monitoring:
+ # Name of monitoring agent (one of "prometheus.io", "prometheus.io/operator", "prometheus.io/builtin")
+ agent: ""
+ serviceMonitor:
+ # Specify the labels for ServiceMonitor.
+ # Prometheus crd will select ServiceMonitor using these labels.
+ # Only usable when monitoring agent is `prometheus.io/operator`.
+ labels: {}