diff --git a/.github/renovate.json b/.github/renovate.json
index cbc44bb5b..836290545 100644
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -38,7 +38,7 @@
"reviewers": [
"team:team"
],
- "commitMessageExtra": "to {{newVersion}} (was {{curentVersion}})",
+ "commitMessageExtra": "to {{newVersion}} (was {{currentVersion}})",
"prHourlyLimit": 0,
"packageRules": [
{
diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
index 7b2d85a91..070609a25 100644
--- a/.github/workflows/pre-commit.yml
+++ b/.github/workflows/pre-commit.yml
@@ -22,7 +22,7 @@ jobs:
- name: Get root directories
id: dirs
- uses: clowdhaus/terraform-composite-actions/directories@v1.11.0
+ uses: clowdhaus/terraform-composite-actions/directories@v1.11.1
preCommitMinVersions:
name: Min TF pre-commit
@@ -44,7 +44,7 @@ jobs:
- name: Pre-commit Terraform ${{ steps.minMax.outputs.minVersion }}
# Run only validate pre-commit check on min version supported
if: ${{ matrix.directory != '.' }}
- uses: clowdhaus/terraform-composite-actions/pre-commit@v1.11.0
+ uses: clowdhaus/terraform-composite-actions/pre-commit@v1.11.1
with:
terraform-version: ${{ steps.minMax.outputs.minVersion }}
args: 'terraform_validate --color=always --show-diff-on-failure --files ${{ matrix.directory }}/*'
@@ -52,7 +52,7 @@ jobs:
- name: Pre-commit Terraform ${{ steps.minMax.outputs.minVersion }}
# Run only validate pre-commit check on min version supported
if: ${{ matrix.directory == '.' }}
- uses: clowdhaus/terraform-composite-actions/pre-commit@v1.11.0
+ uses: clowdhaus/terraform-composite-actions/pre-commit@v1.11.1
with:
terraform-version: ${{ steps.minMax.outputs.minVersion }}
args: 'terraform_validate --color=always --show-diff-on-failure --files $(ls *.tf)'
@@ -73,7 +73,7 @@ jobs:
uses: clowdhaus/terraform-min-max@v1.3.1
- name: Pre-commit Terraform ${{ steps.minMax.outputs.maxVersion }}
- uses: clowdhaus/terraform-composite-actions/pre-commit@v1.11.0
+ uses: clowdhaus/terraform-composite-actions/pre-commit@v1.11.1
with:
terraform-version: ${{ steps.minMax.outputs.maxVersion }}
terraform-docs-version: ${{ env.TERRAFORM_DOCS_VERSION }}
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index d08006a75..a4c73eb1c 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
repos:
- repo: https://github.com/antonbabenko/pre-commit-terraform
- rev: v1.96.1
+ rev: v1.96.2
hooks:
- id: terraform_fmt
- id: terraform_validate
@@ -9,11 +9,11 @@ repos:
- --tf-init-args=-upgrade
- id: terraform_docs
- repo: https://github.com/pre-commit/pre-commit-hooks
- rev: v4.6.0
+ rev: v5.0.0
hooks:
- id: check-merge-conflict
- id: end-of-file-fixer
- repo: https://github.com/renovatebot/pre-commit-hooks
- rev: 38.106.4
+ rev: 38.142.6
hooks:
- id: renovate-config-validator
diff --git a/csi-external-snapshotter.tf b/csi-external-snapshotter.tf
index 5c9f599e1..6257b4f6f 100644
--- a/csi-external-snapshotter.tf
+++ b/csi-external-snapshotter.tf
@@ -3,7 +3,7 @@ locals {
csi-external-snapshotter = merge(
{
enabled = false
- version = "v6.1.0"
+ version = "v8.1.0"
},
var.csi-external-snapshotter
)
diff --git a/helm-dependencies.yaml b/helm-dependencies.yaml
index 2db29b978..2c0f03471 100644
--- a/helm-dependencies.yaml
+++ b/helm-dependencies.yaml
@@ -6,10 +6,10 @@ dependencies:
version: 0.13.2
repository: https://charts.admiralty.io
- name: secrets-store-csi-driver
- version: 1.4.5
+ version: 1.4.6
repository: https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts
- name: aws-ebs-csi-driver
- version: 2.35.1
+ version: 2.36.0
repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver
- name: aws-efs-csi-driver
version: 3.0.8
@@ -18,19 +18,19 @@ dependencies:
version: 0.1.34
repository: https://aws.github.io/eks-charts
- name: aws-load-balancer-controller
- version: 1.9.0
+ version: 1.10.0
repository: https://aws.github.io/eks-charts
- name: aws-node-termination-handler
version: 0.21.0
repository: https://aws.github.io/eks-charts
- name: cert-manager
- version: v1.16.0
+ version: v1.16.1
repository: https://charts.jetstack.io
- name: cert-manager-csi-driver
version: v0.10.1
repository: https://charts.jetstack.io
- name: cluster-autoscaler
- version: 9.43.0
+ version: 9.43.1
repository: https://kubernetes.github.io/autoscaler
- name: external-dns
version: 1.15.0
@@ -39,7 +39,7 @@ dependencies:
version: 1.13.3
repository: https://charts.fluxcd.io
- name: ingress-nginx
- version: 4.11.2
+ version: 4.11.3
repository: https://kubernetes.github.io/ingress-nginx
- name: k8gb
version: v0.14.0
@@ -48,16 +48,16 @@ dependencies:
version: 1.7.2
repository: https://charts.helm.sh/stable
- name: karpenter
- version: 1.0.6
+ version: 1.0.7
repository: oci://public.ecr.aws/karpenter
- name: keda
- version: 2.15.1
+ version: 2.15.2
repository: https://kedacore.github.io/charts
- name: kong
version: 2.42.0
repository: https://charts.konghq.com
- name: kube-prometheus-stack
- version: 65.0.0
+ version: 65.5.1
repository: https://prometheus-community.github.io/helm-charts
- name: linkerd2-cni
version: 30.12.2
@@ -72,16 +72,16 @@ dependencies:
version: 30.12.11
repository: https://helm.linkerd.io/stable
- name: loki
- version: 6.16.0
+ version: 6.18.0
repository: https://grafana.github.io/helm-charts
- name: promtail
version: 6.16.6
repository: https://grafana.github.io/helm-charts
- name: metrics-server
- version: 3.12.1
+ version: 3.12.2
repository: https://kubernetes-sigs.github.io/metrics-server/
- name: node-problem-detector
- version: 2.3.13
+ version: 2.3.14
repository: https://charts.deliveryhero.io/
- name: prometheus-adapter
version: 4.11.0
@@ -90,7 +90,7 @@ dependencies:
version: 0.26.0
repository: https://prometheus-community.github.io/helm-charts
- name: prometheus-blackbox-exporter
- version: 9.0.0
+ version: 9.0.1
repository: https://prometheus-community.github.io/helm-charts
- name: scaleway-webhook
version: v0.0.1
@@ -99,22 +99,22 @@ dependencies:
version: 2.16.1
repository: https://bitnami-labs.github.io/sealed-secrets
- name: thanos
- version: 15.7.27
+ version: 15.8.0
repository: https://charts.bitnami.com/bitnami
- name: tigera-operator
- version: v3.28.2
+ version: v3.29.0
repository: https://docs.projectcalico.org/charts
- name: traefik
- version: 32.1.0
+ version: 33.0.0
repository: https://helm.traefik.io/traefik
- name: memcached
- version: 7.5.0
+ version: 7.5.2
repository: https://charts.bitnami.com/bitnami
- name: velero
- version: 7.2.1
+ version: 7.2.2
repository: https://vmware-tanzu.github.io/helm-charts
- name: victoria-metrics-k8s-stack
- version: 0.27.0
+ version: 0.27.6
repository: https://victoriametrics.github.io/helm-charts/
- name: yet-another-cloudwatch-exporter
version: 0.14.0
diff --git a/loki-stack.tf b/loki-stack.tf
index 1dd38dedc..03c14ec3d 100644
--- a/loki-stack.tf
+++ b/loki-stack.tf
@@ -22,6 +22,10 @@ locals {
priorityClassName: ${local.priority-class["create"] ? kubernetes_priority_class.kubernetes_addons[0].metadata[0].name : ""}
serviceMonitor:
enabled: ${local.kube-prometheus-stack["enabled"] || local.victoria-metrics-k8s-stack["enabled"]}
+gateway:
+ service:
+ labels:
+ prometheus.io/service-monitor: "false"
VALUES
}
diff --git a/modules/aws/loki-stack.tf b/modules/aws/loki-stack.tf
index fba1f0a4e..e581e9222 100644
--- a/modules/aws/loki-stack.tf
+++ b/modules/aws/loki-stack.tf
@@ -30,6 +30,10 @@ locals {
enabled: false
serviceMonitor:
enabled: ${local.kube-prometheus-stack["enabled"] || local.victoria-metrics-k8s-stack["enabled"]}
+ gateway:
+ service:
+ labels:
+ prometheus.io/service-monitor: "false"
priorityClassName: ${local.priority-class["create"] ? kubernetes_priority_class.kubernetes_addons[0].metadata[0].name : ""}
serviceAccount:
name: ${local.loki-stack["name"]}
diff --git a/modules/google/README.md b/modules/google/README.md
index dc23b9a80..27e25cb7b 100644
--- a/modules/google/README.md
+++ b/modules/google/README.md
@@ -48,30 +48,30 @@ Provides various Kubernetes addons that are often used on Kubernetes with GCP
| Name | Source | Version |
|------|--------|---------|
-| [cert\_manager\_workload\_identity](#module\_cert\_manager\_workload\_identity) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0.0 |
-| [external\_dns\_workload\_identity](#module\_external\_dns\_workload\_identity) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0.0 |
-| [iam\_assumable\_sa\_kube-prometheus-stack\_grafana](#module\_iam\_assumable\_sa\_kube-prometheus-stack\_grafana) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0 |
-| [iam\_assumable\_sa\_kube-prometheus-stack\_thanos](#module\_iam\_assumable\_sa\_kube-prometheus-stack\_thanos) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0 |
-| [iam\_assumable\_sa\_loki-stack](#module\_iam\_assumable\_sa\_loki-stack) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0 |
-| [iam\_assumable\_sa\_thanos-compactor](#module\_iam\_assumable\_sa\_thanos-compactor) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0 |
-| [iam\_assumable\_sa\_thanos-receive](#module\_iam\_assumable\_sa\_thanos-receive) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0 |
-| [iam\_assumable\_sa\_thanos-receive-compactor](#module\_iam\_assumable\_sa\_thanos-receive-compactor) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0 |
-| [iam\_assumable\_sa\_thanos-receive-receive](#module\_iam\_assumable\_sa\_thanos-receive-receive) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0 |
-| [iam\_assumable\_sa\_thanos-receive-sg](#module\_iam\_assumable\_sa\_thanos-receive-sg) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0 |
-| [iam\_assumable\_sa\_thanos-sg](#module\_iam\_assumable\_sa\_thanos-sg) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0 |
-| [iam\_assumable\_sa\_thanos-storegateway](#module\_iam\_assumable\_sa\_thanos-storegateway) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 33.0 |
+| [cert\_manager\_workload\_identity](#module\_cert\_manager\_workload\_identity) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0.0 |
+| [external\_dns\_workload\_identity](#module\_external\_dns\_workload\_identity) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0.0 |
+| [iam\_assumable\_sa\_kube-prometheus-stack\_grafana](#module\_iam\_assumable\_sa\_kube-prometheus-stack\_grafana) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0 |
+| [iam\_assumable\_sa\_kube-prometheus-stack\_thanos](#module\_iam\_assumable\_sa\_kube-prometheus-stack\_thanos) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0 |
+| [iam\_assumable\_sa\_loki-stack](#module\_iam\_assumable\_sa\_loki-stack) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0 |
+| [iam\_assumable\_sa\_thanos-compactor](#module\_iam\_assumable\_sa\_thanos-compactor) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0 |
+| [iam\_assumable\_sa\_thanos-receive](#module\_iam\_assumable\_sa\_thanos-receive) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0 |
+| [iam\_assumable\_sa\_thanos-receive-compactor](#module\_iam\_assumable\_sa\_thanos-receive-compactor) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0 |
+| [iam\_assumable\_sa\_thanos-receive-receive](#module\_iam\_assumable\_sa\_thanos-receive-receive) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0 |
+| [iam\_assumable\_sa\_thanos-receive-sg](#module\_iam\_assumable\_sa\_thanos-receive-sg) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0 |
+| [iam\_assumable\_sa\_thanos-sg](#module\_iam\_assumable\_sa\_thanos-sg) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0 |
+| [iam\_assumable\_sa\_thanos-storegateway](#module\_iam\_assumable\_sa\_thanos-storegateway) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | ~> 34.0 |
| [kube-prometheus-stack\_grafana-iam-member](#module\_kube-prometheus-stack\_grafana-iam-member) | terraform-google-modules/iam/google//modules/member_iam | ~> 8.0 |
-| [kube-prometheus-stack\_kube-prometheus-stack\_bucket](#module\_kube-prometheus-stack\_kube-prometheus-stack\_bucket) | terraform-google-modules/cloud-storage/google//modules/simple_bucket | ~> 6.0 |
+| [kube-prometheus-stack\_kube-prometheus-stack\_bucket](#module\_kube-prometheus-stack\_kube-prometheus-stack\_bucket) | terraform-google-modules/cloud-storage/google//modules/simple_bucket | ~> 8.0 |
| [kube-prometheus-stack\_thanos\_kms\_bucket](#module\_kube-prometheus-stack\_thanos\_kms\_bucket) | terraform-google-modules/kms/google | ~> 3.0 |
-| [loki-stack\_bucket](#module\_loki-stack\_bucket) | terraform-google-modules/cloud-storage/google//modules/simple_bucket | ~> 6.0 |
+| [loki-stack\_bucket](#module\_loki-stack\_bucket) | terraform-google-modules/cloud-storage/google//modules/simple_bucket | ~> 8.0 |
| [loki-stack\_bucket\_iam](#module\_loki-stack\_bucket\_iam) | terraform-google-modules/iam/google//modules/storage_buckets_iam | ~> 8.0 |
| [loki-stack\_kms\_bucket](#module\_loki-stack\_kms\_bucket) | terraform-google-modules/kms/google | ~> 3.0 |
-| [thanos-receive\_bucket](#module\_thanos-receive\_bucket) | terraform-google-modules/cloud-storage/google | ~> 6.0 |
+| [thanos-receive\_bucket](#module\_thanos-receive\_bucket) | terraform-google-modules/cloud-storage/google | ~> 8.0 |
| [thanos-receive\_kms\_bucket](#module\_thanos-receive\_kms\_bucket) | terraform-google-modules/kms/google | ~> 3.0 |
| [thanos-storegateway\_bucket\_iam](#module\_thanos-storegateway\_bucket\_iam) | terraform-google-modules/iam/google//modules/storage_buckets_iam | ~> 8.0 |
-| [thanos\_bucket](#module\_thanos\_bucket) | terraform-google-modules/cloud-storage/google//modules/simple_bucket | ~> 6.0 |
+| [thanos\_bucket](#module\_thanos\_bucket) | terraform-google-modules/cloud-storage/google//modules/simple_bucket | ~> 8.0 |
| [thanos\_kms\_bucket](#module\_thanos\_kms\_bucket) | terraform-google-modules/kms/google | ~> 3.0 |
-| [velero\_bucket](#module\_velero\_bucket) | github.com/terraform-google-modules/terraform-google-cloud-storage//modules/simple_bucket | v6.1.0 |
+| [velero\_bucket](#module\_velero\_bucket) | github.com/terraform-google-modules/terraform-google-cloud-storage//modules/simple_bucket | v8.0.1 |
## Resources
diff --git a/modules/google/cert-manager.tf b/modules/google/cert-manager.tf
index 3752bf8af..730e6093f 100644
--- a/modules/google/cert-manager.tf
+++ b/modules/google/cert-manager.tf
@@ -58,7 +58,7 @@ VALUES
module "cert_manager_workload_identity" {
count = local.cert-manager.create_iam_resources && local.cert-manager.enabled ? 1 : 0
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0.0"
+ version = "~> 34.0.0"
name = local.cert-manager.service_account_name
namespace = local.cert-manager.namespace
project_id = local.cert-manager.project_id
diff --git a/modules/google/external-dns.tf b/modules/google/external-dns.tf
index 510fe427c..24acc9604 100644
--- a/modules/google/external-dns.tf
+++ b/modules/google/external-dns.tf
@@ -55,7 +55,7 @@ locals {
# to be allowed to use the workload identity on GKE.
module "external_dns_workload_identity" {
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0.0"
+ version = "~> 34.0.0"
for_each = { for k, v in local.external-dns : k => v if v.enabled && v.create_iam_resources }
diff --git a/modules/google/kube-prometheus.tf b/modules/google/kube-prometheus.tf
index b27d48755..356880762 100644
--- a/modules/google/kube-prometheus.tf
+++ b/modules/google/kube-prometheus.tf
@@ -283,7 +283,7 @@ VALUES
module "iam_assumable_sa_kube-prometheus-stack_grafana" {
count = local.kube-prometheus-stack["enabled"] ? 1 : 0
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0"
+ version = "~> 34.0"
namespace = local.kube-prometheus-stack["namespace"]
project_id = var.project_id
name = local.kube-prometheus-stack["grafana_service_account_name"]
@@ -294,7 +294,7 @@ module "iam_assumable_sa_kube-prometheus-stack_grafana" {
module "iam_assumable_sa_kube-prometheus-stack_thanos" {
count = local.kube-prometheus-stack["enabled"] && local.kube-prometheus-stack["thanos_sidecar_enabled"] ? 1 : 0
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0"
+ version = "~> 34.0"
namespace = local.kube-prometheus-stack["namespace"]
project_id = var.project_id
name = "${local.kube-prometheus-stack["name_prefix"]}-thanos"
@@ -363,7 +363,7 @@ module "kube-prometheus-stack_kube-prometheus-stack_bucket" {
count = local.kube-prometheus-stack["enabled"] && local.kube-prometheus-stack["thanos_create_bucket"] && local.kube-prometheus-stack["thanos_sidecar_enabled"] ? 1 : 0
source = "terraform-google-modules/cloud-storage/google//modules/simple_bucket"
- version = "~> 6.0"
+ version = "~> 8.0"
project_id = var.project_id
location = data.google_client_config.current.region
@@ -417,7 +417,7 @@ resource "helm_release" "kube-prometheus-stack" {
values = compact([
local.values_kube-prometheus-stack,
local.ingress-nginx["enabled"] ? local.values_dashboard_ingress-nginx : null,
- local.thanos["enabled"] && local.kube-prometheus-stack["thanos_dashboard_enabled"] ? local.values_dashboard_thanos : null,
+ ((local.thanos["enabled"] && local.kube-prometheus-stack["thanos_dashboard_enabled"]) || local.thanos-receive["enabled"]) ? local.values_dashboard_thanos : null,
local.values_dashboard_node_exporter,
local.kube-prometheus-stack["thanos_sidecar_enabled"] ? local.values_thanos_sidecar : null,
local.thanos-receive["enabled"] ? local.values_thanos_receive : null,
diff --git a/modules/google/loki-stack.tf b/modules/google/loki-stack.tf
index 795c2adc7..513a902cd 100644
--- a/modules/google/loki-stack.tf
+++ b/modules/google/loki-stack.tf
@@ -32,6 +32,10 @@ locals {
enabled: false
serviceMonitor:
enabled: ${local.kube-prometheus-stack["enabled"] || local.victoria-metrics-k8s-stack["enabled"]}
+ gateway:
+ service:
+ labels:
+ prometheus.io/service-monitor: "false"
priorityClassName: ${local.priority-class["create"] ? kubernetes_priority_class.kubernetes_addons[0].metadata[0].name : ""}
serviceAccount:
create: false
@@ -66,7 +70,7 @@ locals {
module "iam_assumable_sa_loki-stack" {
count = local.loki-stack["enabled"] ? 1 : 0
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0"
+ version = "~> 34.0"
namespace = local.loki-stack["namespace"]
project_id = var.project_id
name = local.loki-stack["name"]
@@ -180,7 +184,7 @@ module "loki-stack_bucket" {
count = local.loki-stack["enabled"] && local.loki-stack["create_bucket"] ? 1 : 0
source = "terraform-google-modules/cloud-storage/google//modules/simple_bucket"
- version = "~> 6.0"
+ version = "~> 8.0"
project_id = var.project_id
location = local.loki-stack["bucket_location"]
diff --git a/modules/google/thanos-receive.tf b/modules/google/thanos-receive.tf
index 37aa4c781..964d918d1 100644
--- a/modules/google/thanos-receive.tf
+++ b/modules/google/thanos-receive.tf
@@ -22,18 +22,18 @@ locals {
var.thanos-receive
)
- thanos-receive_bucket = local.thanos["bucket"]
-
values_thanos-receive = <<-VALUES
receive:
extraFlags:
- --receive.hashrings-algorithm=ketama
enabled: true
- replicaCount: 2
- replicationFactor: 1
+ replicaCount: 3
+ replicationFactor: 2
pdb:
create: true
minAvailable: 1
+ service:
+ additionalHeadless: true
serviceAccount:
annotations:
iam.gke.io/gcp-service-account: "${local.thanos-receive["enabled"] && local.thanos-receive["create_iam_resources"] ? module.iam_assumable_sa_thanos-receive-receive[0].gcp_service_account_email : ""}"
@@ -120,10 +120,10 @@ locals {
module "iam_assumable_sa_thanos-receive-receive" {
count = local.thanos-receive["enabled"] ? 1 : 0
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0"
+ version = "~> 34.0"
namespace = local.thanos-receive["namespace"]
project_id = var.project_id
- name = local.thanos-receive["name"]
+ name = "${local.thanos-receive["name"]}-receive"
use_existing_k8s_sa = true
annotate_k8s_sa = false
}
@@ -131,7 +131,7 @@ module "iam_assumable_sa_thanos-receive-receive" {
module "iam_assumable_sa_thanos-receive-compactor" {
count = local.thanos-receive["enabled"] ? 1 : 0
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0"
+ version = "~> 34.0"
namespace = local.thanos-receive["namespace"]
project_id = var.project_id
name = "${local.thanos-receive["name"]}-compactor"
@@ -142,7 +142,7 @@ module "iam_assumable_sa_thanos-receive-compactor" {
module "iam_assumable_sa_thanos-receive-sg" {
count = local.thanos-receive["enabled"] ? 1 : 0
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0"
+ version = "~> 34.0"
namespace = local.thanos-receive["namespace"]
project_id = var.project_id
name = "${local.thanos-receive["name"]}-storegateway"
@@ -154,7 +154,7 @@ module "thanos-receive_bucket" {
count = local.thanos-receive["enabled"] && local.thanos-receive["create_bucket"] ? 1 : 0
source = "terraform-google-modules/cloud-storage/google"
- version = "~> 6.0"
+ version = "~> 8.0"
project_id = var.project_id
location = data.google_client_config.current.region
diff --git a/modules/google/thanos-storegateway.tf b/modules/google/thanos-storegateway.tf
index 0d735574d..916cad208 100644
--- a/modules/google/thanos-storegateway.tf
+++ b/modules/google/thanos-storegateway.tf
@@ -58,7 +58,7 @@ locals {
module "iam_assumable_sa_thanos-storegateway" {
for_each = local.thanos-storegateway
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0"
+ version = "~> 34.0"
namespace = each.value["namespace"]
project_id = data.google_project.current.id
name = "${each.value["name_prefix"]}-${each.key}"
diff --git a/modules/google/thanos.tf b/modules/google/thanos.tf
index 33d94c261..e16590d23 100644
--- a/modules/google/thanos.tf
+++ b/modules/google/thanos.tf
@@ -224,7 +224,7 @@ locals {
module "iam_assumable_sa_thanos-receive" {
count = local.thanos["enabled"] ? 1 : 0
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0"
+ version = "~> 34.0"
namespace = local.thanos["namespace"]
project_id = var.project_id
name = "${local.thanos["name"]}-receive"
@@ -235,7 +235,7 @@ module "iam_assumable_sa_thanos-receive" {
module "iam_assumable_sa_thanos-compactor" {
count = local.thanos["enabled"] ? 1 : 0
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0"
+ version = "~> 34.0"
namespace = local.thanos["namespace"]
project_id = var.project_id
name = "${local.thanos["name"]}-compactor"
@@ -246,7 +246,7 @@ module "iam_assumable_sa_thanos-compactor" {
module "iam_assumable_sa_thanos-sg" {
count = local.thanos["enabled"] ? 1 : 0
source = "terraform-google-modules/kubernetes-engine/google//modules/workload-identity"
- version = "~> 33.0"
+ version = "~> 34.0"
namespace = local.thanos["namespace"]
project_id = var.project_id
name = "${local.thanos["name"]}-storegateway"
@@ -258,7 +258,7 @@ module "thanos_bucket" {
count = local.thanos["enabled"] && local.thanos["create_bucket"] ? 1 : 0
source = "terraform-google-modules/cloud-storage/google//modules/simple_bucket"
- version = "~> 6.0"
+ version = "~> 8.0"
project_id = var.project_id
location = local.thanos["bucket_location"]
diff --git a/modules/google/velero.tf b/modules/google/velero.tf
index f3e1943dd..498038b4d 100644
--- a/modules/google/velero.tf
+++ b/modules/google/velero.tf
@@ -49,7 +49,7 @@ serviceAccount:
name: ${local.velero["service_account_name"]}
create: true
annotations:
- iam.gke.io/gcp-service-account: ${local.velero["create_iam_account"] ? google_service_account.velero[0].email : ""}
+ ${local.velero["create_iam_account"] ? "iam.gke.io/gcp-service-account: ${google_service_account.velero[0].email}" : ""}
priorityClassName: ${local.priority-class-ds["create"] ? kubernetes_priority_class.kubernetes_addons_ds[0].metadata[0].name : ""}
credentials:
useSecret: false
@@ -121,7 +121,7 @@ resource "google_service_account_iam_policy" "admin-account-iam" {
module "velero_bucket" {
count = (local.velero["enabled"] && local.velero["create_bucket"]) ? 1 : 0
- source = "github.com/terraform-google-modules/terraform-google-cloud-storage//modules/simple_bucket?ref=v6.1.0"
+ source = "github.com/terraform-google-modules/terraform-google-cloud-storage//modules/simple_bucket?ref=v8.0.1"
name = local.velero["name_prefix"]
project_id = data.google_project.current.project_id
diff --git a/modules/scaleway/loki-stack.tf b/modules/scaleway/loki-stack.tf
index 4d508acaf..2d503ecdc 100644
--- a/modules/scaleway/loki-stack.tf
+++ b/modules/scaleway/loki-stack.tf
@@ -26,6 +26,10 @@ locals {
dnsService: coredns
serviceMonitor:
enabled: ${local.kube-prometheus-stack["enabled"] || local.victoria-metrics-k8s-stack["enabled"]}
+ gateway:
+ service:
+ labels:
+ prometheus.io/service-monitor: "false"
priorityClassName: ${local.priority-class["create"] ? kubernetes_priority_class.kubernetes_addons[0].metadata[0].name : ""}
persistence:
enabled: true