From 3bd4b2e0c985ba65bca2b24efd050c99957e27ac Mon Sep 17 00:00:00 2001 From: Camila Macedo <7708031+camilamacedo86@users.noreply.github.com> Date: Tue, 11 Feb 2025 06:25:28 +0000 Subject: [PATCH] (go/v4,helm/v1-alpha): Fix prometheus integration with TLS check --- .../testdata/project/config/prometheus/monitor_tls_patch.yaml | 1 + .../project/dist/chart/templates/prometheus/monitor.yaml | 1 + .../book/src/cronjob-tutorial/testdata/project/dist/install.yaml | 1 + .../testdata/project/config/prometheus/monitor_tls_patch.yaml | 1 + .../project/dist/chart/templates/prometheus/monitor.yaml | 1 + .../testdata/project/config/prometheus/monitor_tls_patch.yaml | 1 + .../project/dist/chart/templates/prometheus/monitor.yaml | 1 + .../src/multiversion-tutorial/testdata/project/dist/install.yaml | 1 + .../internal/templates/config/prometheus/monitor_tls_patch.go | 1 + .../internal/templates/chart-templates/prometheus/monitor.go | 1 + .../config/prometheus/monitor_tls_patch.yaml | 1 + .../config/prometheus/monitor_tls_patch.yaml | 1 + .../dist/chart/templates/prometheus/monitor.yaml | 1 + testdata/project-v4/config/prometheus/monitor_tls_patch.yaml | 1 + 14 files changed, 14 insertions(+) diff --git a/docs/book/src/cronjob-tutorial/testdata/project/config/prometheus/monitor_tls_patch.yaml b/docs/book/src/cronjob-tutorial/testdata/project/config/prometheus/monitor_tls_patch.yaml index e824dd0ff86..78ab2b78800 100644 --- a/docs/book/src/cronjob-tutorial/testdata/project/config/prometheus/monitor_tls_patch.yaml +++ b/docs/book/src/cronjob-tutorial/testdata/project/config/prometheus/monitor_tls_patch.yaml @@ -8,6 +8,7 @@ metadata: spec: endpoints: - tlsConfig: + serverName: project-controller-manager-metrics-service.project-system.svc insecureSkipVerify: false ca: secret: diff --git a/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/prometheus/monitor.yaml b/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/prometheus/monitor.yaml index 2ff384a1435..b52d9861628 100644 --- a/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/prometheus/monitor.yaml +++ b/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/prometheus/monitor.yaml @@ -15,6 +15,7 @@ spec: bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token tlsConfig: {{- if .Values.certmanager.enable }} + serverName: project-controller-manager-metrics-service.project-system.svc # Apply secure TLS configuration with cert-manager insecureSkipVerify: false ca: diff --git a/docs/book/src/cronjob-tutorial/testdata/project/dist/install.yaml b/docs/book/src/cronjob-tutorial/testdata/project/dist/install.yaml index a240adc8607..8c83510f842 100644 --- a/docs/book/src/cronjob-tutorial/testdata/project/dist/install.yaml +++ b/docs/book/src/cronjob-tutorial/testdata/project/dist/install.yaml @@ -4289,6 +4289,7 @@ spec: keySecret: key: tls.key name: metrics-server-cert + serverName: project-controller-manager-metrics-service.project-system.svc selector: matchLabels: app.kubernetes.io/name: project diff --git a/docs/book/src/getting-started/testdata/project/config/prometheus/monitor_tls_patch.yaml b/docs/book/src/getting-started/testdata/project/config/prometheus/monitor_tls_patch.yaml index e824dd0ff86..78ab2b78800 100644 --- a/docs/book/src/getting-started/testdata/project/config/prometheus/monitor_tls_patch.yaml +++ b/docs/book/src/getting-started/testdata/project/config/prometheus/monitor_tls_patch.yaml @@ -8,6 +8,7 @@ metadata: spec: endpoints: - tlsConfig: + serverName: project-controller-manager-metrics-service.project-system.svc insecureSkipVerify: false ca: secret: diff --git a/docs/book/src/getting-started/testdata/project/dist/chart/templates/prometheus/monitor.yaml b/docs/book/src/getting-started/testdata/project/dist/chart/templates/prometheus/monitor.yaml index 2ff384a1435..b52d9861628 100644 --- a/docs/book/src/getting-started/testdata/project/dist/chart/templates/prometheus/monitor.yaml +++ b/docs/book/src/getting-started/testdata/project/dist/chart/templates/prometheus/monitor.yaml @@ -15,6 +15,7 @@ spec: bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token tlsConfig: {{- if .Values.certmanager.enable }} + serverName: project-controller-manager-metrics-service.project-system.svc # Apply secure TLS configuration with cert-manager insecureSkipVerify: false ca: diff --git a/docs/book/src/multiversion-tutorial/testdata/project/config/prometheus/monitor_tls_patch.yaml b/docs/book/src/multiversion-tutorial/testdata/project/config/prometheus/monitor_tls_patch.yaml index e824dd0ff86..78ab2b78800 100644 --- a/docs/book/src/multiversion-tutorial/testdata/project/config/prometheus/monitor_tls_patch.yaml +++ b/docs/book/src/multiversion-tutorial/testdata/project/config/prometheus/monitor_tls_patch.yaml @@ -8,6 +8,7 @@ metadata: spec: endpoints: - tlsConfig: + serverName: project-controller-manager-metrics-service.project-system.svc insecureSkipVerify: false ca: secret: diff --git a/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/prometheus/monitor.yaml b/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/prometheus/monitor.yaml index 2ff384a1435..b52d9861628 100644 --- a/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/prometheus/monitor.yaml +++ b/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/prometheus/monitor.yaml @@ -15,6 +15,7 @@ spec: bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token tlsConfig: {{- if .Values.certmanager.enable }} + serverName: project-controller-manager-metrics-service.project-system.svc # Apply secure TLS configuration with cert-manager insecureSkipVerify: false ca: diff --git a/docs/book/src/multiversion-tutorial/testdata/project/dist/install.yaml b/docs/book/src/multiversion-tutorial/testdata/project/dist/install.yaml index 0f6e2f94388..4d60dee56ce 100644 --- a/docs/book/src/multiversion-tutorial/testdata/project/dist/install.yaml +++ b/docs/book/src/multiversion-tutorial/testdata/project/dist/install.yaml @@ -8135,6 +8135,7 @@ spec: keySecret: key: tls.key name: metrics-server-cert + serverName: project-controller-manager-metrics-service.project-system.svc selector: matchLabels: app.kubernetes.io/name: project diff --git a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/prometheus/monitor_tls_patch.go b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/prometheus/monitor_tls_patch.go index b134911a7e1..66e8c50184e 100644 --- a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/prometheus/monitor_tls_patch.go +++ b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/prometheus/monitor_tls_patch.go @@ -52,6 +52,7 @@ metadata: spec: endpoints: - tlsConfig: + serverName: {{ .ProjectName }}-controller-manager-metrics-service.project-system.svc insecureSkipVerify: false ca: secret: diff --git a/pkg/plugins/optional/helm/v1alpha/scaffolds/internal/templates/chart-templates/prometheus/monitor.go b/pkg/plugins/optional/helm/v1alpha/scaffolds/internal/templates/chart-templates/prometheus/monitor.go index 8acd4d6ae15..33c36823298 100644 --- a/pkg/plugins/optional/helm/v1alpha/scaffolds/internal/templates/chart-templates/prometheus/monitor.go +++ b/pkg/plugins/optional/helm/v1alpha/scaffolds/internal/templates/chart-templates/prometheus/monitor.go @@ -59,6 +59,7 @@ spec: bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token tlsConfig: {{ "{{- if .Values.certmanager.enable }}" }} + serverName: {{ .ProjectName }}-controller-manager-metrics-service.project-system.svc # Apply secure TLS configuration with cert-manager insecureSkipVerify: false ca: diff --git a/testdata/project-v4-multigroup/config/prometheus/monitor_tls_patch.yaml b/testdata/project-v4-multigroup/config/prometheus/monitor_tls_patch.yaml index e824dd0ff86..d6cb210c21d 100644 --- a/testdata/project-v4-multigroup/config/prometheus/monitor_tls_patch.yaml +++ b/testdata/project-v4-multigroup/config/prometheus/monitor_tls_patch.yaml @@ -8,6 +8,7 @@ metadata: spec: endpoints: - tlsConfig: + serverName: project-v4-multigroup-controller-manager-metrics-service.project-system.svc insecureSkipVerify: false ca: secret: diff --git a/testdata/project-v4-with-plugins/config/prometheus/monitor_tls_patch.yaml b/testdata/project-v4-with-plugins/config/prometheus/monitor_tls_patch.yaml index e824dd0ff86..c09ad5e6974 100644 --- a/testdata/project-v4-with-plugins/config/prometheus/monitor_tls_patch.yaml +++ b/testdata/project-v4-with-plugins/config/prometheus/monitor_tls_patch.yaml @@ -8,6 +8,7 @@ metadata: spec: endpoints: - tlsConfig: + serverName: project-v4-with-plugins-controller-manager-metrics-service.project-system.svc insecureSkipVerify: false ca: secret: diff --git a/testdata/project-v4-with-plugins/dist/chart/templates/prometheus/monitor.yaml b/testdata/project-v4-with-plugins/dist/chart/templates/prometheus/monitor.yaml index abb87440c0a..7d3d3242d70 100644 --- a/testdata/project-v4-with-plugins/dist/chart/templates/prometheus/monitor.yaml +++ b/testdata/project-v4-with-plugins/dist/chart/templates/prometheus/monitor.yaml @@ -15,6 +15,7 @@ spec: bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token tlsConfig: {{- if .Values.certmanager.enable }} + serverName: project-v4-with-plugins-controller-manager-metrics-service.project-system.svc # Apply secure TLS configuration with cert-manager insecureSkipVerify: false ca: diff --git a/testdata/project-v4/config/prometheus/monitor_tls_patch.yaml b/testdata/project-v4/config/prometheus/monitor_tls_patch.yaml index e824dd0ff86..8f95afa5863 100644 --- a/testdata/project-v4/config/prometheus/monitor_tls_patch.yaml +++ b/testdata/project-v4/config/prometheus/monitor_tls_patch.yaml @@ -8,6 +8,7 @@ metadata: spec: endpoints: - tlsConfig: + serverName: project-v4-controller-manager-metrics-service.project-system.svc insecureSkipVerify: false ca: secret: