diff --git a/.yamllint.yml b/.yamllint.yml index 8e2133ae4..f50c93057 100644 --- a/.yamllint.yml +++ b/.yamllint.yml @@ -10,6 +10,8 @@ ignore: - node_modules - charts/k8s-monitoring/vendir.lock.yml - charts/k8s-monitoring/docs/examples/**/output.yaml + - charts/k8s-monitoring/tests/integration/**/output.yaml + - charts/k8s-monitoring/tests/platform/**/output.yaml - charts/k8s-monitoring-v1/docs/examples/**/output.yaml - charts/**/templates diff --git a/charts/k8s-monitoring/Makefile b/charts/k8s-monitoring/Makefile index 28e278612..57138b016 100644 --- a/charts/k8s-monitoring/Makefile +++ b/charts/k8s-monitoring/Makefile @@ -84,6 +84,9 @@ EXAMPLE_README_FILES = $(EXAMPLE_VALUES_FILES:values.yaml=README.md) INTEGRATION_TEST_VALUES_FILES = $(shell find tests/integration -name values.yaml) INTEGRATION_TEST_OUTPUT_FILES = $(INTEGRATION_TEST_VALUES_FILES:values.yaml=.rendered/output.yaml) +PLATFORM_TEST_VALUES_FILES = $(shell find tests/platform -name values.yaml) +PLATFORM_TEST_OUTPUT_FILES = $(PLATFORM_TEST_VALUES_FILES:values.yaml=.rendered/output.yaml) + alloy_configs = $(shell \ DIR="$(shell dirname $(1))/" yq e 'with_entries(select(.key == "alloy-*")) | select(.[].enabled == true) | to_entries | env(DIR) + .[].key + ".alloy"' $(1) \ ) @@ -147,19 +150,21 @@ endif .PHONY: integration-test-checks integration-test-checks: $(INTEGRATION_TEST_OUTPUT_FILES) +.PHONY: platform-test-checks +platform-test-checks: $(PLATFORM_TEST_OUTPUT_FILES) .PHONY: clean clean: rm -f README.md values.schema.json $(UPDATECLI_FILES) templates/destinations/_destination_types.tpl schema-mods/destination-list.json $(DESTINATION_SCHEMA_FILES) $(DESTINATION_DOCS_FILES) - rm -f $(EXAMPLE_OUTPUT_FILES) $(EXAMPLE_ALLOY_FILES) $(EXAMPLE_README_FILES) $(INTEGRATION_TEST_OUTPUT_FILES) + rm -f $(EXAMPLE_OUTPUT_FILES) $(EXAMPLE_ALLOY_FILES) $(EXAMPLE_README_FILES) $(INTEGRATION_TEST_OUTPUT_FILES) $(PLATFORM_TEST_OUTPUT_FILES) # Build targets .PHONY: build -build: README.md alloyModules/LICENSE values.schema.json templates/destinations/_destination_types.tpl $(DESTINATION_DOCS_FILES) $(UPDATECLI_FILES) examples integration-test-checks +build: README.md alloyModules/LICENSE values.schema.json templates/destinations/_destination_types.tpl $(DESTINATION_DOCS_FILES) $(UPDATECLI_FILES) examples integration-test-checks platform-test-checks # Test targets .PHONY: test unittest lint-helm lint-configs -test: unittest lint-helm lint-configs integration-test-checks example-checks +test: unittest lint-helm lint-configs example-checks lint-configs: $(EXAMPLE_ALLOY_FILES) ../../scripts/lint-alloy.sh $(EXAMPLE_ALLOY_FILES) rm -rf data-alloy # Clean up the data-alloy directory, which is created by lint-alloy.sh when it runs Alloy. diff --git a/charts/k8s-monitoring/tests/platform/remote-config/.rendered/output.yaml b/charts/k8s-monitoring/tests/platform/remote-config/.rendered/output.yaml new file mode 100644 index 000000000..e182e87d0 --- /dev/null +++ b/charts/k8s-monitoring/tests/platform/remote-config/.rendered/output.yaml @@ -0,0 +1,340 @@ +--- +# Source: k8s-monitoring/charts/alloy-metrics/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: k8smon-alloy-metrics + namespace: default + labels: + helm.sh/chart: alloy-metrics-0.10.0 + app.kubernetes.io/name: alloy-metrics + app.kubernetes.io/instance: k8smon + + app.kubernetes.io/version: "v1.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy + app.kubernetes.io/component: rbac +--- +# Source: k8s-monitoring/templates/alloy-config.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: k8smon-alloy-metrics + namespace: default +data: + config.alloy: |- + + + + remotecfg { + url = "https://fleet-management-prod-008.grafana.net" + basic_auth { + username = env("GRAFANA_CLOUD_FLEET_MGMT_USER") + password = env("GRAFANA_CLOUD_FLEET_MGMT_TOKEN") + } + id = "remote-config-platform-test-default-" + constants.hostname + poll_frequency = "5m" + attributes = { + "cluster" = "remote-config-platform-test", + "platform" = "kubernetes", + "workloadType" = "statefulset", + } + } +--- +# Source: k8s-monitoring/charts/alloy-metrics/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: k8smon-alloy-metrics + labels: + helm.sh/chart: alloy-metrics-0.10.0 + app.kubernetes.io/name: alloy-metrics + app.kubernetes.io/instance: k8smon + + app.kubernetes.io/version: "v1.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy + app.kubernetes.io/component: rbac +rules: + # Rules which allow discovery.kubernetes to function. + - apiGroups: + - "" + - "discovery.k8s.io" + - "networking.k8s.io" + resources: + - endpoints + - endpointslices + - ingresses + - nodes + - nodes/proxy + - nodes/metrics + - pods + - services + verbs: + - get + - list + - watch + # Rules which allow loki.source.kubernetes and loki.source.podlogs to work. + - apiGroups: + - "" + resources: + - pods + - pods/log + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "monitoring.grafana.com" + resources: + - podlogs + verbs: + - get + - list + - watch + # Rules which allow mimir.rules.kubernetes to work. + - apiGroups: ["monitoring.coreos.com"] + resources: + - prometheusrules + verbs: + - get + - list + - watch + - nonResourceURLs: + - /metrics + verbs: + - get + # Rules for prometheus.kubernetes.* + - apiGroups: ["monitoring.coreos.com"] + resources: + - podmonitors + - servicemonitors + - probes + verbs: + - get + - list + - watch + # Rules which allow eventhandler to work. + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + # needed for remote.kubernetes.* + - apiGroups: [""] + resources: + - "configmaps" + - "secrets" + verbs: + - get + - list + - watch + # needed for otelcol.processor.k8sattributes + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] + - apiGroups: ["extensions"] + resources: ["replicasets"] + verbs: ["get", "list", "watch"] +--- +# Source: k8s-monitoring/charts/alloy-metrics/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: k8smon-alloy-metrics + labels: + helm.sh/chart: alloy-metrics-0.10.0 + app.kubernetes.io/name: alloy-metrics + app.kubernetes.io/instance: k8smon + + app.kubernetes.io/version: "v1.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy + app.kubernetes.io/component: rbac +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: k8smon-alloy-metrics +subjects: + - kind: ServiceAccount + name: k8smon-alloy-metrics + namespace: default +--- +# Source: k8s-monitoring/charts/alloy-metrics/templates/cluster_service.yaml +apiVersion: v1 +kind: Service +metadata: + name: k8smon-alloy-metrics-cluster + labels: + helm.sh/chart: alloy-metrics-0.10.0 + app.kubernetes.io/name: alloy-metrics + app.kubernetes.io/instance: k8smon + + app.kubernetes.io/version: "v1.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy + app.kubernetes.io/component: networking +spec: + type: ClusterIP + clusterIP: 'None' + publishNotReadyAddresses: true + selector: + app.kubernetes.io/name: alloy-metrics + app.kubernetes.io/instance: k8smon + ports: + # Do not include the -metrics suffix in the port name, otherwise metrics + # can be double-collected with the non-headless Service if it's also + # enabled. + # + # This service should only be used for clustering, and not metric + # collection. + - name: http + port: 12345 + targetPort: 12345 + protocol: "TCP" +--- +# Source: k8s-monitoring/charts/alloy-metrics/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: k8smon-alloy-metrics + labels: + helm.sh/chart: alloy-metrics-0.10.0 + app.kubernetes.io/name: alloy-metrics + app.kubernetes.io/instance: k8smon + + app.kubernetes.io/version: "v1.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy + app.kubernetes.io/component: networking +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: alloy-metrics + app.kubernetes.io/instance: k8smon + internalTrafficPolicy: Cluster + ports: + - name: http-metrics + port: 12345 + targetPort: 12345 + protocol: "TCP" +--- +# Source: k8s-monitoring/charts/alloy-metrics/templates/controllers/statefulset.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: k8smon-alloy-metrics + labels: + helm.sh/chart: alloy-metrics-0.10.0 + app.kubernetes.io/name: alloy-metrics + app.kubernetes.io/instance: k8smon + + app.kubernetes.io/version: "v1.5.0" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: alloy +spec: + replicas: 1 + podManagementPolicy: Parallel + minReadySeconds: 10 + serviceName: k8smon-alloy-metrics + selector: + matchLabels: + app.kubernetes.io/name: alloy-metrics + app.kubernetes.io/instance: k8smon + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alloy + k8s.grafana.com/logs.job: integrations/alloy + labels: + app.kubernetes.io/name: alloy-metrics + app.kubernetes.io/instance: k8smon + spec: + serviceAccountName: k8smon-alloy-metrics + containers: + - name: alloy + image: docker.io/grafana/alloy:v1.5.0 + imagePullPolicy: IfNotPresent + args: + - run + - /etc/alloy/config.alloy + - --storage.path=/tmp/alloy + - --server.http.listen-addr=0.0.0.0:12345 + - --server.http.ui-path-prefix=/ + - --cluster.enabled=true + - --cluster.join-addresses=k8smon-alloy-metrics-cluster + - --cluster.name="alloy-metrics" + - --stability.level=public-preview + env: + - name: ALLOY_DEPLOY_MODE + value: "helm" + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + envFrom: + - secretRef: + name: grafana-cloud-credentials + - configMapRef: + name: test-variables + ports: + - containerPort: 12345 + name: http-metrics + readinessProbe: + httpGet: + path: /-/ready + port: 12345 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - CHOWN + - DAC_OVERRIDE + - FOWNER + - FSETID + - KILL + - SETGID + - SETUID + - SETPCAP + - NET_BIND_SERVICE + - NET_RAW + - SYS_CHROOT + - MKNOD + - AUDIT_WRITE + - SETFCAP + drop: + - ALL + seccompProfile: + type: RuntimeDefault + volumeMounts: + - name: config + mountPath: /etc/alloy + - name: config-reloader + image: ghcr.io/jimmidyson/configmap-reload:v0.12.0 + args: + - --volume-dir=/etc/alloy + - --webhook-url=http://localhost:12345/-/reload + volumeMounts: + - name: config + mountPath: /etc/alloy + resources: + requests: + cpu: 1m + memory: 5Mi + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/os: linux + volumes: + - name: config + configMap: + name: k8smon-alloy-metrics +--- +# Source: k8s-monitoring/templates/remote_config_secret.yaml +# create: false