From 07706937a89296cc13179b60ea0f4489254409d6 Mon Sep 17 00:00:00 2001 From: Jirka Kremser Date: Fri, 26 Apr 2024 10:40:19 +0200 Subject: [PATCH] All our tweaks should go here If there is another thing to add to our fork, pls add it here. Example: ``` echo -e "#foo?\n\n bar?" > foo-bar.md # Pls keep adding the changes to standalone files that are not present in the upstream to mitigate the risk of conflict add foo-bar.md git commit -s --ammend yada yada ``` Signed-off-by: Jirka Kremser Signed-off-by: Jan Wozniak Signed-off-by: Jirka Kremser --- .github/workflows/gh-release-chart.yml | 99 + .github/workflows/gh-sync.yml | 97 + CODEOWNERS | 5 + .../service-kedify_proxy_sink.yaml | 18 + http-add-on/values.schema.json | 578 ++++++ keda/templates/manager/kedify-rbac.yaml | 64 + keda/values.schema.json | 1602 +++++++++++++++++ 7 files changed, 2463 insertions(+) create mode 100644 .github/workflows/gh-release-chart.yml create mode 100644 .github/workflows/gh-sync.yml create mode 100644 CODEOWNERS create mode 100644 http-add-on/templates/interceptor/service-kedify_proxy_sink.yaml create mode 100644 http-add-on/values.schema.json create mode 100644 keda/templates/manager/kedify-rbac.yaml create mode 100644 keda/values.schema.json diff --git a/.github/workflows/gh-release-chart.yml b/.github/workflows/gh-release-chart.yml new file mode 100644 index 00000000..fe02f75a --- /dev/null +++ b/.github/workflows/gh-release-chart.yml @@ -0,0 +1,99 @@ +name: Helm Publish + +on: + release: + types: + - published + workflow_dispatch: +permissions: + contents: read + +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Create k3s cluster + uses: AbsaOSS/k3d-action@v2 + with: + cluster-name: "test-cluster" + k3d-version: v5.6.0 + args: >- + --no-lb + --k3s-arg "--disable=traefik,servicelb,local-storage@server:*" + - name: Smoke test helm rendering and deployability + run: | + helm template ./keda \ + -n keda \ + --create-namespace \ + --set customManagedBy=kedify | kubectl apply -f - + kubectl wait --timeout=300s -nkeda --for=condition=ready pod -lapp.kubernetes.io/name=keda-admission-webhooks + kubectl wait --timeout=300s -nkeda --for=condition=ready pod -lapp.kubernetes.io/name=keda-operator-metrics-apiserver + kubectl wait --timeout=300s -nkeda --for=condition=ready pod -lapp.kubernetes.io/name=keda-operator + echo -e "\n\n\n pods:\n\n" + kubectl get pods -A + + publish: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Add the -N suffix to chart's version + run: | + sed -i keda/Chart.yaml -e 's;^version:.*;version: ${{ github.ref_name }};' + - name: Publish Helm chart + uses: stefanprodan/helm-gh-pages@master + with: + token: ${{ secrets.PAT_TOKEN }} + charts_dir: "." + - name: Create k3s cluster + uses: AbsaOSS/k3d-action@v2 + with: + cluster-name: "test-cluster" + k3d-version: v5.6.0 + args: >- + --no-lb + --k3s-arg "--disable=traefik,servicelb,local-storage@server:*" + - name: Smoke test helm installation + run: | + # exp-backoff - we wait for pages to become available here + for i in $(seq 16) + do + _sec=$(echo "1.5^$i" | bc) + echo "Waiting ${_sec} seconds.." + sleep ${_sec} + helm repo add kedify https://kedify.github.io/charts || continue + helm repo update + set -x + helm upgrade -i keda kedify/keda \ + -n keda \ + --create-namespace \ + --timeout 300s \ + --wait \ + --version ${{ github.ref_name }} \ + --set customManagedBy=kedify && break + set +x + [ "$i" = "16" ] && exit 1 + done + kubectl wait --timeout=300s -nkeda --for=condition=ready pod -lapp.kubernetes.io/name=keda-admission-webhooks + kubectl wait --timeout=300s -nkeda --for=condition=ready pod -lapp.kubernetes.io/name=keda-operator-metrics-apiserver + kubectl wait --timeout=300s -nkeda --for=condition=ready pod -lapp.kubernetes.io/name=keda-operator + + echo -e "\n\n\n pods:\n\n" + kubectl get pods -A + + echo "::group::values.yaml" + helm get values -n keda keda + echo "::endgroup::" + + echo "::group::resulting YAML manifests" + helm get manifest -n keda keda + echo "::endgroup::" + + echo -e "\n\nthe following command is supposed to fail:\n\n" + helm template keda kedify/keda \ + --version ${{ github.ref_name }} \ + --set crds.install=f4lse || true diff --git a/.github/workflows/gh-sync.yml b/.github/workflows/gh-sync.yml new file mode 100644 index 00000000..1f1dc70d --- /dev/null +++ b/.github/workflows/gh-sync.yml @@ -0,0 +1,97 @@ +name: Sync with upstream +on: + schedule: + # ┌───────────── minute (0 - 59) + # │ ┌───────────── hour (0 - 23) + # │ │ ┌───────────── day of the month (1 - 31) + # │ │ │ ┌───────────── month (1 - 12) + # │ │ │ │ ┌───────────── day of the week (0 - 6) + # │ │ │ │ │ + # │ │ │ │ │ + # │ │ │ │ │ + - cron: "* 7 * * *" + workflow_dispatch: + inputs: + upstreamRepo: + description: "Upstream Repo - Where we should get the changes from. If not specified, it's 'kedacore/charts'" + default: "kedacore/charts" + required: false + type: string + downstreamRepo: + description: "Downstream Repo - To what repo we are syncying. If not specified, it's 'kedify/charts' (this repo)" + default: "kedify/charts" + required: false + type: string + +env: + UPSTREAM_REPO: ${{ github.event.inputs.upstreamRepo || 'kedacore/charts' }} + DOWNSTREAM_REPO: ${{ github.event.inputs.downstreamRepo || 'kedify/charts' }} + +jobs: + repo-sync: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + token: ${{ secrets.PAT_TOKEN }} + fetch-depth: 0 + - run: | + git config --global user.email "github-actions@github.com" + git config --global user.name "Kedify Bot" + git remote add upstream https://github.com/${{ env.UPSTREAM_REPO }}.git + git pull -s recursive --rebase -X ours upstream main + git push origin +main + # - name: Open Pull Request + # id: cpr + # uses: peter-evans/create-pull-request@v6 + # with: + # token: ${{ secrets.PAT_TOKEN }} + # push-to-fork: ${{ env.DOWNSTREAM_REPO }} + # commit-message: Syncing upstream helm charts + # title: Syncing upstream helm charts + # body: | + # :package: Syncing upstream helm chart :package: + + # ### :shipit: Release? + + # The sync mechanism doesn't deal with releases. + + # ### :thinking: Rebase or merge? + + # Although merging is obviously better :trollface:, let's use rebasing for this sync. + # This way we will see our custom tweaks nicely on the tip of the `main`. + + # ### :hospital: Conflict? + + # This could have happened only if the PR was opened for a long time and meanwhile there + # was a change to this repo. :adhesive_bandage: Just close this PR and wait for the next one. + + # #### :bulb: Tip + + # Ideally, this repo has only one commits with all the necessary tweaks in it (like this gh action for instance). + # So that we can keep adding the changes to this commit by `g commit --ammend` and ideally the changes should be in + # new files so that the risk of conflict with the upstream repo is minimal. + + # ### :wrench: Important + + # Once this is merged, please don't forget to run this command if our 'All our tweaks should go here' commit is not on + # top: + + # ``` + # GIT_SEQUENCE_EDITOR=\"sed -i -n 'h;1n;2p;g;p'\" git rebase -i HEAD~2 + # ``` + + # To reorder last two commits. + + # This automated PR was created by [this action][1]. + + # [1]: https://github.com/kedify/charts/actions/runs/${{ github.run_id }} + # branch: upstream-sync + # delete-branch: true + # signoff: true + + # - name: Check PR + # run: | + # echo ":rocket:" + # echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" | tee -a "${GITHUB_STEP_SUMMARY}" + # echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" | tee -a "${GITHUB_STEP_SUMMARY}" diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 00000000..4a1097fd --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1,5 @@ +# Teams: +* @kedify/all + +# Individuals: + diff --git a/http-add-on/templates/interceptor/service-kedify_proxy_sink.yaml b/http-add-on/templates/interceptor/service-kedify_proxy_sink.yaml new file mode 100644 index 00000000..a18cc86d --- /dev/null +++ b/http-add-on/templates/interceptor/service-kedify_proxy_sink.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: interceptor-proxy + {{- include "keda-http-add-on.labels" . | indent 4 }} + name: "{{ .Chart.Name }}-interceptor-kedify-proxy-metric-sink" + namespace: {{ .Release.Namespace }} +spec: + type: ClusterIP + ports: + - name: proxy + port: {{ default 9901 .Values.interceptor.proxy.kedifyMetricsSinkPort }} + protocol: TCP + targetPort: {{ default 9901 .Values.interceptor.proxy.kedifyMetricsSinkPort }} + selector: + app.kubernetes.io/component: interceptor + {{- include "keda-http-add-on.matchLabels" . | indent 4 }} diff --git a/http-add-on/values.schema.json b/http-add-on/values.schema.json new file mode 100644 index 00000000..bb750ae7 --- /dev/null +++ b/http-add-on/values.schema.json @@ -0,0 +1,578 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "schema for values.yaml for KEDA http-add-on helm chart", + "type": "object", + "allOf": [ + {"$ref": "#/$defs/Top-lvl"} + ], + "$defs": { + "Top-lvl": { + "properties": { + "additionalLabels": { + "type": "object", + "description": "Additional labels to be applied to installed resources.\n Note that not all resources will receive these labels.", + "required": [], + "properties": {} + }, + "crds": { + "type": "object", + "description": "Whether to install the HTTPScaledObject CustomResourceDefinition", + "required": [], + "properties": { + "install": { + "type": "boolean" + } + } + }, + "logging": { + "type": "object", + "required": [], + "properties": { + "operator": { + "description": "Logging level for KEDA http-add-on operator.", + "required": [], + "allOf": [ + { + "$ref": "#/$defs/LoggingOptions" + } + ], + "properties": { + "kubeRbacProxy": { + "type": "object", + "description": "Logging level for KEDA http-add-on operator rbac proxy.\n allowed values: \n - '0' for info\n - '4' for debug'n - or an integer value greater than 0", + "required": [], + "properties": { + "level": { + "type": "number", + "minimum": 0 + } + } + } + } + }, + "scaler": { + "description": "Logging level for KEDA http-add-on Scaler.", + "$ref": "#/$defs/LoggingOptions" + }, + "interceptor": { + "description": "Logging level for KEDA http-add-on Interceptor.", + "$ref": "#/$defs/LoggingOptions" + } + } + }, + "operator": { + "type": "object", + "description": "operator-specific configuration values", + "required": [], + "properties": { + "imagePullSecrets": { + "type": "array", + "description": "The image pull secrets for the operator component", + "items": { + "type": "string" + } + }, + "watchNamespace": { + "description": "The namespace to watch for new 'HTTPScaledObject's.\nLeave this blank (i.e. '') to tell the operator to watch all namespaces.", + "type": "string" + }, + "pullPolicy": { + "description": "The image pull policy for the operator component", + "default": "Always", + "enum": [ + "Always", + "IfNotPresent", + "Never" + ] + }, + "resources": { + "$ref": "#/$defs/ResourcesType" + }, + "port": { + "description": "The port for the operator main server to run on", + "type": "number", + "minimum": 1, + "maximum": 65535, + "default": 8443 + }, + "nodeSelector": { + "description": "Node selector for pod scheduling", + "type": "object", + "required": [], + "properties": {} + }, + "tolerations": { + "description": "Tolerations for pod scheduling", + "type": "array", + "items": { + "type": "string" + } + }, + "affinity": { + "description": "Affinity for pod scheduling", + "type": "object", + "required": [], + "properties": {} + }, + "kubeRbacProxy": { + "type": "object", + "required": [], + "properties": { + "resources": { + "$ref": "#/$defs/ResourcesType" + } + } + } + } + }, + "scaler": { + "type": "object", + "required": [], + "properties": { + "replicas": { + "type": "number", + "description": "Number of replicas of scaler deployment." + }, + "imagePullSecrets": { + "type": "array", + "items": { + "type": "string" + } + }, + "service": { + "type": "string" + }, + "pullPolicy": { + "description": "The image pull policy for the scaler component", + "default": "Always", + "enum": [ + "Always", + "IfNotPresent", + "Never" + ] + }, + "grpcPort": { + "type": "number", + "minimum": 1, + "maximum": 65535, + "default": 9090 + }, + "pendingRequestsInterceptor": { + "description": "The number of 'target requests' that the external scaler\n will report to KEDA for the interceptor's scaling metrics.\nSee the KEDA external scaler documentation: \n - https://keda.sh/docs/2.4/concepts/external-scalers/ for details on target requests", + "default": 200, + "type": "number" + }, + "streamInterval": { + "description": "Interval in ms for communicating IsActive to KEDA", + "default": 200, + "type": "number" + }, + "nodeSelector": { + "type": "object", + "required": [], + "properties": {} + }, + "tolerations": { + "type": "array", + "items": { + "type": "string" + } + }, + "affinity": { + "type": "object", + "required": [], + "properties": {} + }, + "resources": { + "$ref": "#/$defs/ResourcesType" + } + } + }, + "interceptor": { + "type": "object", + "required": [], + "properties": { + "imagePullSecrets": { + "type": "array", + "items": { + "type": "string" + } + }, + "pullPolicy": { + "description": "The image pull policy for the interceptor component", + "default": "Always", + "enum": [ + "Always", + "IfNotPresent", + "Never" + ] + }, + "admin": { + "type": "object", + "description": "configurable values for the interceptor's admin service.\n The admin service is a cluster-internal HTTP interface for triggering debugging behavior.", + "required": [], + "properties": { + "service": { + "type": "string" + }, + "port": { + "type": "number", + "minimum": 1, + "maximum": 65535, + "default": 9090 + } + } + }, + "proxy": { + "type": "object", + "description": "configurable values for the interceptor's proxy service.\n The proxy service is the publicly accessible HTTP interface\n that production requests go to", + "required": [], + "properties": { + "service": { + "type": "string" + }, + "port": { + "type": "number", + "minimum": 1, + "maximum": 65535, + "default": 8080 + } + } + }, + "replicas": { + "type": "object", + "required": [], + "properties": { + "min": { + "type": "number", + "description": "The minimum number of interceptor replicas that should ever be running", + "minimum": 0, + "default": 3 + }, + "max": { + "type": "number", + "description": "The maximum number of interceptor replicas that should ever be running", + "minimum": 0, + "default": 50 + }, + "waitTimeout": { + "type": "string", + "description": "The maximum time the interceptor should wait for an HTTP request to reach a backend before it is considered a failure", + "default": "20s" + } + } + }, + "scaledObject": { + "type": "object", + "required": [], + "properties": { + "pollingInterval": { + "type": "number", + "minimum": 0, + "default": 1 + } + } + }, + "tcpConnectTimeout": { + "description": "How long the interceptor waits to establish TCP connections with backends before failing a request.", + "type": "string", + "default": "500ms" + }, + "keepAlive": { + "description": "The interceptor's connection keep alive timeout", + "type": "string", + "default": "1s" + }, + "responseHeaderTimeout": { + "description": "ow long the interceptor will wait between forwarding a request to a backend\n and receiving response headers back before failing the request", + "type": "string", + "default": "500ms" + }, + "endpointsCachePollingIntervalMS": { + "description": "How often (in milliseconds) the interceptor does a full refresh of its endpoints cache.\nThe interceptor will also use Kubernetes events to stay up-to-date with the endpoints cache changes.\nThis duration is the maximum time it will take to see changes to the endpoints.", + "type": "number", + "minimum": 0, + "default": "250" + }, + "forceHTTP2": { + "description": "Whether or not the interceptor should force requests to use HTTP/2", + "type": "boolean", + "default": false + }, + "maxIdleConns": { + "description": "The maximum number of idle connections allowed in the interceptor's in-memory connection pool. Set to 0 to indicate no limit", + "type": "number", + "minimum": 0, + "default": "100" + }, + "idleConnTimeout": { + "description": "The timeout after which any idle connection is closed and removed from the interceptor's in-memory connection pool.", + "type": "string", + "default": "90s" + }, + "tlsHandshakeTimeout": { + "description": "The maximum amount of time the interceptor will wait for a TLS handshake. Set to zero to indicate no timeout.", + "type": "string", + "default": "10s" + }, + "expectContinueTimeout": { + "description": "Special handling for responses with 'Expect: 100-continue' response headers.\nsee https://pkg.go.dev/net/http#Transport under the 'ExpectContinueTimeout field for more details", + "type": "string", + "default": "1s" + }, + "nodeSelector": { + "type": "object", + "required": [], + "properties": {} + }, + "tolerations": { + "type": "array", + "items": { + "type": "string" + } + }, + "affinity": { + "type": "object", + "required": [], + "properties": {} + }, + "resources": { + "$ref": "#/$defs/ResourcesType" + }, + "tls": { + "type": "object", + "description": "configuration of tls for the interceptor", + "required": [], + "properties": { + "enabled": { + "description": "Whether a TLS server should be started on the interceptor proxy", + "type": "boolean", + "default": false + }, + "cert_path": { + "description": "Mount path of the certificate file to use with the interceptor proxy TLS server", + "type": "string" + }, + "key_path": { + "description": "Mount path of the certificate key file to use with the interceptor proxy TLS server", + "type": "string" + }, + "cert_secret": { + "description": "Name of the Kubernetes secret that contains the certificates to be used with the interceptor proxy TLS server", + "type": "string" + }, + "port": { + "description": "Port that the interceptor proxy TLS server should be started on", + "type": "number", + "minimum": 1, + "maximum": 65535, + "default": 8443 + } + } + } + } + }, + "images": { + "type": "object", + "required": [], + "properties": { + "tag": { + "description": "tag is the image tag to use for all images.\nfor example, if the operator image is 'myoperator' and\ntag is 'mytag', the operator image used will bed\n'myoperator:mytag'. 'latest' is used to indicate the latestd\nstable release in the official images, 'canary' isd\nthe build for the latest commit to the 'main' branch,d\nand you can target any other commit with 'sha-'d\n-- Image tag for the http add on. This tag is applied to the images listed in 'images.operator',d\n 'images.interceptor', and 'images.scaler'. d\nOptional, given app version of Helm chart is used by default", + "type": "string" + }, + "operator": { + "description": "Image name for the operator image component", + "type": "string", + "default": "ghcr.io/kedacore/http-add-on-operator" + }, + "interceptor": { + "description": "Image name for the interceptor image component", + "type": "string", + "default": "ghcr.io/kedacore/http-add-on-interceptor" + }, + "scaler": { + "description": "Image name for the scaler image component", + "type": "string", + "default": "ghcr.io/kedacore/http-add-on-scaler" + }, + "kubeRbacProxy": { + "description": "the kube-rbac-proxy image to use", + "type": "object", + "required": [], + "properties": { + "name": { + "type": "string", + "default": "gcr.io/kubebuilder/kube-rbac-proxy" + }, + "tag": { + "type": "string", + "default": "v0.13.0" + } + } + } + } + }, + "rbac": { + "type": "object", + "required": [], + "properties": { + "aggregateToDefaultRoles": { + "description": "Install aggregate roles for edit and view", + "default": false, + "type": "boolean" + } + } + }, + "securityContext": { + "type": "object", + "required": [], + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean", + "default": false + }, + "capabilities": { + "type": "object", + "required": [], + "properties": { + "drop": { + "type": "array", + "items": { + "type": "string", + "default": "ALL" + } + } + } + }, + "privileged": { + "type": "boolean", + "default": false + }, + "readOnlyRootFilesystem": { + "type": "boolean", + "default": true + } + } + }, + "podSecurityContext": { + "type": "object", + "required": [], + "properties": { + "fsGroup": { + "type": "number" + }, + "supplementalGroups": { + "type": "array", + "items": { + "type": "number" + } + } + } + } + } + }, + "TimeEncodingType": { + "timeEncoding": { + "default": "rfc3339", + "description": "allowed values are:\n -'epoch',\n - 'millis',\n - 'nano',\n - 'iso8601',\n - 'rfc3339'\n - 'rfc3339nano'", + "enum": [ + "epoch", + "millis", + "nano", + "iso8601", + "rfc3339", + "rfc3339nano" + ] + } + }, + "LoggingLevelType": { + "default": "info", + "description": "allowed values are:\n -'debug',\n - 'info',\n - 'error',\n - or any integer greater than 0", + "anyOf": [ + { + "enum": [ + "debug", + "info", + "error" + ] + }, + { + "type": "integer", + "minimum": 0 + } + ] + }, + "LoggingOptions": { + "type": "object", + "properties": { + "level": { + "$ref": "#/$defs/LoggingLevelType" + }, + "format": { + "enum": [ + "console", + "json" + ], + "default": "console", + "description": "allowed values:\n - 'json'\n - 'console'" + }, + "timeEncoding": { + "$ref": "#/$defs/TimeEncodingType" + } + } + }, + "ResourcesType": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "description": "The CPU/memory resource limit for the operator component.\nHard limit, anything above will be OOMKilled (for memory).", + "properties": { + "cpu": { + "anyOf": [ + { + "type": "string", + "pattern": "^[1-9]([0-9]*)?m$" + }, + { + "type": "number", + "minimum": 0, + "maximum": 128 + } + ] + }, + "memory": { + "type": "string", + "pattern": "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$" + } + }, + "required": [ + "cpu", + "memory" + ] + }, + "requests": { + "type": "object", + "description": "The CPU/memory resource request for the operator component.\n This value is used by k8s scheduler to select a node.", + "properties": { + "cpu": { + "type": "string" + }, + "memory": { + "type": "string", + "minLength": 1 + } + }, + "required": [ + "cpu", + "memory" + ] + } + }, + "required": [ + "limits", + "requests" + ] + } + } +} diff --git a/keda/templates/manager/kedify-rbac.yaml b/keda/templates/manager/kedify-rbac.yaml new file mode 100644 index 00000000..93f22ec3 --- /dev/null +++ b/keda/templates/manager/kedify-rbac.yaml @@ -0,0 +1,64 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + {{- with .Values.additionalAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + app.kubernetes.io/name: "kedify-{{ .Values.operator.name }}-http-admin" + {{- include "keda.labels" . | indent 4 }} + name: kedify-{{ .Values.operator.name }}-http-admin +rules: +- apiGroups: ["http.keda.sh"] + resources: ["httpscaledobjects"] + verbs: ["create", "get", "list", "watch", "update", "patch", "delete"] +--- +{{- if not .Values.watchNamespace }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + {{- with .Values.additionalAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + app.kubernetes.io/name: kedify-{{ .Values.operator.name }}-http-admin + {{- include "keda.labels" . | indent 4 }} + name: "kedify-{{ .Values.operator.name }}-http-admin" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: "kedify-{{ .Values.operator.name }}-http-admin" +subjects: +- kind: ServiceAccount + name: {{ (.Values.serviceAccount.operator).name | default .Values.serviceAccount.name }} + namespace: {{ .Release.Namespace }} +{{- else }} + {{- range ( split "," .Values.watchNamespace ) }} +# Role binding for namespace '{{ . }}' +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + {{- with $.Values.additionalAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + app.kubernetes.io/name: "kedify-{{ $.Values.operator.name }}-http-admin" + {{- include "keda.labels" $ | indent 4 }} + name: "kedify-{{ $.Values.operator.name }}-http-admin" + namespace: {{ . | trim }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: "kedify-{{ $.Values.operator.name }}-http-admin" +subjects: +- kind: ServiceAccount + name: {{ ($.Values.serviceAccount.operator).name | default $.Values.serviceAccount.name }} + namespace: {{ $.Release.Namespace }} +--- + {{- end }} +{{- end }} +{{- end }} diff --git a/keda/values.schema.json b/keda/values.schema.json new file mode 100644 index 00000000..a3c0b93b --- /dev/null +++ b/keda/values.schema.json @@ -0,0 +1,1602 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "schema for values.yaml for KEDA helm chart", + "$ref": "#/definitions/Top-lvl", + "definitions": { + "Top-lvl": { + "properties": { + "global": { + "$ref": "#/definitions/Global" + }, + "image": { + "$ref": "#/definitions/Images" + }, + "clusterName": { + "type": "string" + }, + "clusterDomain": { + "type": "string" + }, + "crds": { + "$ref": "#/definitions/Crds" + }, + "watchNamespace": { + "$ref": "#/definitions/WatchNamespace" + }, + "imagePullSecrets": { + "$ref": "#/definitions/ImagePullSecrets" + }, + "networkPolicy": { + "$ref": "#/definitions/NetworkPolicy" + }, + "operator": { + "$ref": "#/definitions/Operator" + }, + "metricsServer": { + "$ref": "#/definitions/MetricsServer" + }, + "webhooks": { + "$ref": "#/definitions/Webhooks" + }, + "upgradeStrategy": { + "$ref": "#/definitions/UpgradeStrategy" + }, + "podDisruptionBudget": { + "$ref": "#/definitions/PodDisruptionBudget" + }, + "additionalLabels": { + "$ref": "#/definitions/AdditionalLabels" + }, + "podAnnotations": { + "$ref": "#/definitions/PodAnnotations" + }, + "podLabels": { + "$ref": "#/definitions/PodLabels" + }, + "rbac": { + "$ref": "#/definitions/Rbac" + }, + "serviceAccount": { + "$ref": "#/definitions/ServiceAccount" + }, + "podIdentity": { + "$ref": "#/definitions/PodIdentity" + }, + "grpcTLSCertsSecret": { + "type": "string" + }, + "hashiCorpVaultTLS": { + "type": "string" + }, + "logging": { + "$ref": "#/definitions/Logging" + }, + "securityContext": { + "$ref": "#/definitions/SecurityContext" + }, + "podSecurityContext": { + "$ref": "#/definitions/PodSecurityContext" + }, + "service": { + "$ref": "#/definitions/Service" + }, + "resources": { + "$ref": "#/definitions/Resources" + }, + "nodeSelector": { + "$ref": "#/definitions/NodeSelector" + }, + "tolerations": { + "$ref": "#/definitions/Tolerations" + }, + "topologySpreadConstraints": { + "$ref": "#/definitions/TopologySpreadConstraints" + }, + "affinity": { + "$ref": "#/definitions/Affinity" + }, + "priorityClassName": { + "type": "string" + }, + "http": { + "$ref": "#/definitions/Http" + }, + "profiling": { + "$ref": "#/definitions/Profiling" + }, + "extraArgs": { + "$ref": "#/definitions/ExtraArgs" + }, + "env": { + "$ref": "#/definitions/Env" + }, + "volumes": { + "$ref": "#/definitions/Volumes" + }, + "prometheus": { + "$ref": "#/definitions/Prometheus" + }, + "opentelemetry": { + "$ref": "#/definitions/Opentelemetry" + }, + "certificates": { + "$ref": "#/definitions/Certificates" + }, + "permissions": { + "$ref": "#/definitions/Permissions" + }, + "extraObjects": { + "$ref": "#/definitions/ExtraObjects" + }, + "asciiArt": { + "type": "boolean" + }, + "customManagedBy": { + "type": "string" + } + }, + "required": [ + "global", + "image", + "clusterName", + "clusterDomain", + "crds", + "watchNamespace", + "imagePullSecrets", + "networkPolicy", + "operator", + "metricsServer", + "webhooks", + "upgradeStrategy", + "podDisruptionBudget", + "additionalLabels", + "additionalAnnotations", + "podAnnotations", + "podLabels", + "rbac", + "serviceAccount", + "podIdentity", + "logging", + "securityContext", + "podSecurityContext", + "service", + "resources", + "nodeSelector", + "tolerations", + "topologySpreadConstraints", + "affinity", + "priorityClassName", + "http", + "profiling", + "extraArgs", + "env", + "volumes", + "prometheus", + "opentelemetry", + "certificates", + "permissions", + "extraObjects", + "asciiArt", + "customManagedBy" + ] + }, + "Global": { + "type": "object", + "properties": { + "image": { + "type": "object", + "properties": { + "registry": { + "type": ["string", "null"] + } + } + } + } + }, + "Images": { + "type": "object", + "properties": { + "keda": { + "$ref": "#/definitions/Image" + }, + "metricsApiServer": { + "$ref": "#/definitions/Image" + }, + "webhooks": { + "$ref": "#/definitions/Image" + }, + "pullPolicy": { + "enum": [ + "Always", + "IfNotPresent", + "Never" + ] + } + }, + "required": [ + "keda", + "metricsApiServer", + "webhooks", + "pullPolicy" + ] + }, + "Image": { + "type": "object", + "properties": { + "registry": { + "type": ["string", "null"] + }, + "repository": { + "type": "string", + "minLength": 1 + }, + "tag": { + "type": "string", + "minLength": 0 + } + }, + "required": [ + "repository", + "tag" + ] + }, + "Crds": { + "type": "object", + "properties": { + "install": { + "type": "boolean", + "default": true + }, + "additionalAnnotations": { + "type": "object", + "properties": {}, + "required": [] + } + }, + "required": [ + "install", + "additionalAnnotations" + ] + }, + "WatchNamespace": { + "type": "string", + "description": "Either empty string denoting all the namespaces or comma separated list of k8s namespaces", + "examples": [ + "", + "keda", + "keda,default,kube-system" + ], + "anyOf": [ + { + "maxLength": 0 + }, + { + "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(,[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$" + } + ] + }, + "ImagePullSecrets": { + "type": "array", + "items": { + "type": "string" + } + }, + "NetworkPolicy": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "flavor": { + "type": "string" + }, + "cilium": { + "type": "object", + "properties": { + "operator": { + "type": "object", + "properties": { + "extraEgressRules": { + "type": "array", + "items": {} + } + }, + "required": [ + "extraEgressRules" + ] + } + }, + "required": [ + "operator" + ] + } + }, + "required": [ + "enabled", + "flavor", + "cilium" + ] + }, + "Probe": { + "type": "object", + "properties": { + "initialDelaySeconds": { + "type": "integer", + "minimum": 0 + }, + "periodSeconds": { + "type": "integer", + "minimum": 0 + }, + "timeoutSeconds": { + "type": "integer", + "minimum": 0 + }, + "failureThreshold": { + "type": "integer", + "minimum": 0 + }, + "successThreshold": { + "type": "integer", + "minimum": 0 + } + }, + "required": [ + "initialDelaySeconds", + "periodSeconds", + "timeoutSeconds", + "failureThreshold", + "successThreshold" + ] + }, + "Operator": { + "allOf": [{ "$ref": "#/definitions/Component" }], + "properties": { + "extraContainers": { + "type": "array", + "items": {} + }, + "extraInitContainers": { + "type": "array", + "items": {} + }, + "disableCompression": { + "type": "boolean", + "default": true + }, + "name": { + "type": "string", + "default": "keda-operator" + } + }, + "required": [ + "extraContainers", + "extraInitContainers", + "disableCompression", + "name" + ] + }, + "MetricsServer": { + "allOf": [{ "$ref": "#/definitions/Component" }], + "properties": { + "disableCompression": { + "type": "boolean", + "default": true + }, + "dnsPolicy": { + "enum": [ + "Default", + "ClusterFirst", + "ClusterFirstWithHostNet" + ] + }, + "useHostNetwork": { + "type": "boolean" + } + }, + "required": [ + "disableCompression", + "dnsPolicy", + "useHostNetwork" + ] + }, + "Webhooks": { + "allOf": [{ "$ref": "#/definitions/Component" }], + "properties": { + "useHostNetwork": { + "type": "boolean" + }, + "name": { + "type": "string", + "default": "keda-admission-webhooks" + } + }, + "required": [ + "useHostNetwork", + "name" + ] + }, + "Component": { + "type": "object", + "properties": { + "revisionHistoryLimit": { + "type": "integer" + }, + "replicaCount": { + "type": "integer", + "default": 1, + "minimum": 0 + }, + "affinity": { + "type": "object", + "properties": {}, + "required": [] + }, + "livenessProbe": { + "$ref": "#/definitions/Probe" + }, + "readinessProbe": { + "$ref": "#/definitions/Probe" + } + }, + "required": [ + "revisionHistoryLimit", + "replicaCount", + "affinity", + "livenessProbe", + "readinessProbe" + ] + }, + "UpgradeStrategyType": { + "type": "object", + "properties": { + "type": { + "enum": [ + "RollingUpdate", + "Recreate" + ] + }, + "rollingUpdate": { + "type": "object", + "properties": { + "maxSurge": { + "type": "integer", + "minimum": 0 + }, + "maxUnavailable": { + "type": "integer", + "minimum": 0 + } + } + } + }, + "required": [ + "type", + "rollingUpdate" + ] + }, + "UpgradeStrategy": { + "type": "object", + "upgradeStrategy": { + "type": "object", + "properties": { + "operator": { + "$ref": "#/definitions/UpgradeStrategyType" + }, + "metricsApiServer": { + "$ref": "#/definitions/UpgradeStrategyType" + }, + "webhooks": { + "$ref": "#/definitions/UpgradeStrategyType" + } + }, + "required": [ + "operator", + "metricsApiServer", + "webhooks" + ] + } + }, + "PodDisruptionBudgetType": { + "type": "object", + "properties": { + "maxUnavailable": { + "type": ["integer", "null"], + "minimum": 0 + }, + "minAvailable": { + "type": ["integer", "null"], + "minimum": 0 + } + } + }, + "PodDisruptionBudget": { + "type": "object", + "properties": { + "operator": { + "$ref": "#/definitions/PodDisruptionBudgetType" + }, + "metricServer": { + "$ref": "#/definitions/PodDisruptionBudgetType" + }, + "webhooks": { + "$ref": "#/definitions/PodDisruptionBudgetType" + } + }, + "required": [ + "operator", + "metricServer", + "webhooks" + ] + }, + "AdditionalLabels": { + "type": "object", + "properties": {}, + "required": [] + }, + "AdditionalAnnotations": { + "type": "object", + "properties": {}, + "required": [] + }, + "PodAnnotations": { + "type": "object", + "properties": { + "keda": { + "type": "object", + "properties": {}, + "required": [] + }, + "metricsAdapter": { + "type": "object", + "properties": {}, + "required": [] + }, + "webhooks": { + "type": "object", + "properties": {}, + "required": [] + } + }, + "required": [ + "keda", + "metricsAdapter", + "webhooks" + ] + }, + "PodLabels": { + "type": "object", + "properties": { + "keda": { + "type": "object", + "properties": {}, + "required": [] + }, + "metricsAdapter": { + "type": "object", + "properties": {}, + "required": [] + }, + "webhooks": { + "type": "object", + "properties": {}, + "required": [] + } + }, + "required": [ + "keda", + "metricsAdapter", + "webhooks" + ] + }, + "Rbac": { + "type": "object", + "properties": { + "create": { + "type": "boolean", + "default": true + }, + "aggregateToDefaultRoles": { + "type": "boolean", + "default": false + }, + "enabledCustomScaledRefKinds": { + "type": "boolean", + "default": true + }, + "scaledRefKinds": { + "type": ["array", "null"], + "items": { + "type": "object", + "properties": { + "apiGroup": { + "type": "string", + "minLength": 1 + }, + "kind": { + "type": "string", + "minLength": 1 + } + }, + "required": [ + "apiGroup", + "kind" + ] + } + } + }, + "required": [ + "create", + "aggregateToDefaultRoles", + "enabledCustomScaledRefKinds" + ] + }, + "ServiceAccountType": { + "type": "object", + "properties": { + "create": { + "type": "boolean", + "default": true + }, + "name": { + "type": "string", + "minLength": 1 + }, + "automountServiceAccountToken": { + "type": "boolean", + "default": true + }, + "annotations": { + "type": "object", + "properties": {}, + "required": [] + } + }, + "required": [ + "create", + "name", + "automountServiceAccountToken", + "annotations" + ] + }, + "ServiceAccount": { + "type": "object", + "properties": { + "operator": { + "$ref": "#/definitions/ServiceAccountType" + }, + "metricServer": { + "$ref": "#/definitions/ServiceAccountType" + }, + "webhooks": { + "$ref": "#/definitions/ServiceAccountType" + } + }, + "required": [ + "operator", + "metricServer", + "webhooks" + ] + }, + "PodIdentity": { + "type": "object", + "properties": { + "activeDirectory": { + "type": "object", + "properties": { + "identity": { + "type": "string" + } + } + }, + "azureWorkload": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "clientId": { + "type": "string" + }, + "tenantId": { + "type": "string" + }, + "tokenExpiration": { + "type": "integer", + "minimum": 0 + } + }, + "required": [ + "enabled", + "tokenExpiration" + ] + }, + "aws": { + "type": "object", + "properties": { + "irsa": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "audience": { + "type": "string", + "minLength": 1 + }, + "roleArn": { + "type": "string" + }, + "stsRegionalEndpoints": { + "type": "string" + }, + "tokenExpiration": { + "type": "integer" + } + }, + "required": [ + "enabled", + "audience", + "stsRegionalEndpoints", + "tokenExpiration" + ] + } + }, + "required": [ + "irsa" + ] + }, + "gcp": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "gcpIAMServiceAccount": { + "type": "string" + } + }, + "required": [ + "enabled" + ] + } + } + }, + "TimeEncodingType": { + "timeEncoding": { + "default": "rfc3339", + "enum": [ + "epoch", + "millis", + "nano", + "iso8601", + "rfc3339", + "rfc3339nano" + ] + } + }, + "LoggingLevelType": { + "default": "info", + "anyOf": [ + { + "enum": [ + "debug", + "info", + "error" + ] + }, + { + "type": "integer", + "minimum": 0 + } + ] + }, + "Logging": { + "type": "object", + "properties": { + "operator": { + "type": "object", + "properties": { + "level": { + "$ref": "#/definitions/LoggingLevelType" + }, + "format": { + "enum": [ + "console", + "json" + ], + "default": "console" + }, + "timeEncoding": { + "$ref": "#/definitions/TimeEncodingType" + }, + "stackTracesEnabled": { + "type": "boolean", + "default": false + } + }, + "required": [ + "level", + "format", + "timeEncoding", + "stackTracesEnabled" + ] + }, + "metricServer": { + "type": "object", + "properties": { + "level": { + "type": "integer", + "minimum": 0 + }, + "stderrthreshold": { + "enum": [ + "ERROR", + "DEBUG", + "WARN", + "ALERT", + "EMERG", + "INFO" + ], + "default": "ERROR" + } + }, + "required": [ + "level", + "stderrthreshold" + ] + }, + "webhooks": { + "type": "object", + "properties": { + "level": { + "$ref": "#/definitions/LoggingLevelType" + }, + "format": { + "enum": [ + "console", + "json" + ], + "default": "console" + }, + "timeEncoding": { + "$ref": "#/definitions/TimeEncodingType" + } + }, + "required": [ + "level", + "format", + "timeEncoding" + ] + } + }, + "required": [ + "operator", + "metricServer", + "webhooks" + ] + }, + "SecurityContextType": { + "type": "object", + "properties": { + "capabilities": { + "type": "object", + "properties": { + "drop": { + "type": "array", + "items": { + "type": "string", + "default": "ALL" + } + } + }, + "required": [ + "drop" + ] + }, + "allowPrivilegeEscalation": { + "type": "boolean", + "default": false + }, + "readOnlyRootFilesystem": { + "type": "boolean", + "default": true + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "default": "RuntimeDefault" + } + }, + "required": [ + "type" + ] + } + }, + "required": [ + "capabilities", + "allowPrivilegeEscalation", + "readOnlyRootFilesystem", + "seccompProfile" + ] + }, + "SecurityContext": { + "type": "object", + "properties": { + "operator": { + "$ref": "#/definitions/SecurityContextType" + }, + "metricServer": { + "$ref": "#/definitions/SecurityContextType" + }, + "webhooks": { + "$ref": "#/definitions/SecurityContextType" + } + }, + "required": [ + "operator", + "metricServer", + "webhooks" + ] + }, + "PodSecurityContextType": { + "type": "object", + "properties": { + "runAsNonRoot": { + "type": "boolean", + "default": true + }, + "runAsUser": { + "type": "integer", + "minimum": 0 + }, + "runAsGroup": { + "type": "integer", + "minimum": 0 + }, + "fsGroup": { + "type": "integer", + "minimum": 0 + } + }, + "required": [ + "runAsNonRoot" + ] + }, + "PodSecurityContext": { + "type": "object", + "properties": { + "operator": { + "$ref": "#/definitions/PodSecurityContextType" + }, + "metricServer": { + "$ref": "#/definitions/PodSecurityContextType" + }, + "webhooks": { + "$ref": "#/definitions/PodSecurityContextType" + } + }, + "required": [ + "operator", + "metricServer", + "webhooks" + ] + }, + "Service": { + "type": "object", + "properties": { + "type": { + "enum": [ + "ClusterIP", + "NodePort", + "LoadBalancer", + "ExternalName" + ], + "default": "ClusterIP" + }, + "portHttps": { + "type": "integer", + "minimum": 1, + "maximum": 65535 + }, + "portHttpsTarget": { + "type": "integer", + "minimum": 1, + "maximum": 65535 + }, + "annotations": { + "type": "object", + "properties": {}, + "required": [] + } + }, + "required": [ + "type", + "portHttps", + "portHttpsTarget", + "annotations" + ] + }, + "Resources": { + "type": "object", + "properties": { + "operator": { + "$ref": "#/definitions/ResourcesType" + }, + "metricServer": { + "$ref": "#/definitions/ResourcesType" + }, + "webhooks": { + "$ref": "#/definitions/ResourcesType" + } + }, + "required": [ + "operator", + "metricServer", + "webhooks" + ] + }, + "ResourcesType": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "properties": { + "cpu": { + "anyOf": [ + { + "type": "string", + "pattern": "^[1-9]([0-9]*)?m$" + }, + { + "type": "number", + "minimum": 0, + "maximum": 128 + } + ] + }, + "memory": { + "type": "string", + "pattern": "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$" + } + }, + "required": [ + "cpu", + "memory" + ] + }, + "requests": { + "type": "object", + "properties": { + "cpu": { + "type": "string" + }, + "memory": { + "type": "string", + "minLength": 1 + } + }, + "required": [ + "cpu", + "memory" + ] + } + }, + "required": [ + "limits", + "requests" + ] + }, + "NodeSelector": { + "type": "object", + "properties": {}, + "required": [] + }, + "Tolerations": { + "type": "array", + "items": {} + }, + "TopologySpreadConstraints": { + "type": "object", + "properties": { + "operator": { + "type": "array", + "items": {} + }, + "metricsServer": { + "type": "array", + "items": {} + }, + "webhooks": { + "type": "array", + "items": {} + } + }, + "required": [ + "operator", + "metricsServer", + "webhooks" + ] + }, + "Affinity": { + "type": "object", + "properties": {}, + "required": [] + }, + "Http": { + "type": "object", + "properties": { + "timeout": { + "type": "integer", + "minimum": 0 + }, + "keepAlive": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": true + } + }, + "required": [ + "enabled" + ] + }, + "minTlsVersion": { + "type": "string", + "default": "TLS12", + "minLength": 1 + } + }, + "required": [ + "timeout", + "keepAlive", + "minTlsVersion" + ] + }, + "ProfilingType": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "port": { + "type": "integer", + "minimum": 1, + "maximum": 65535 + } + }, + "required": [ + "enabled", + "port" + ] + }, + "Profiling": { + "type": "object", + "properties": { + "operator": { + "$ref": "#/definitions/ProfilingType" + }, + "metricServer": { + "$ref": "#/definitions/ProfilingType" + }, + "webhooks": { + "$ref": "#/definitions/ProfilingType" + } + }, + "required": [ + "operator", + "metricsServer", + "webhooks" + ] + }, + "ExtraArgs": { + "type": "object", + "properties": { + "keda": { + "type": "object", + "properties": {}, + "required": [] + }, + "metricsAdapter": { + "type": "object", + "properties": {}, + "required": [] + } + }, + "required": [ + "keda", + "metricsAdapter" + ] + }, + "Env": { + "type": "array", + "items": {} + }, + "VolumesType": { + "type": "object", + "properties": { + "extraVolumes": { + "type": "array", + "items": {} + }, + "extraVolumeMounts": { + "type": "array", + "items": {} + } + }, + "required": [ + "extraVolumes", + "extraVolumeMounts" + ] + }, + "Volumes": { + "type": "object", + "properties": { + "keda": { + "$ref": "#/definitions/VolumesType" + }, + "metricsApiServer": { + "$ref": "#/definitions/VolumesType" + }, + "webhooks": { + "$ref": "#/definitions/VolumesType" + } + }, + "required": [ + "keda", + "metricsApiServer", + "webhooks" + ] + }, + "PrometheusType": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "port": { + "type": "integer", + "default": 8080, + "minimum": 1, + "maximum": 65535 + }, + "portName": { + "type": "string" + }, + "serviceMonitor": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "jobLabel": { + "type": "string" + }, + "targetLabels": { + "type": "array", + "items": {} + }, + "podTargetLabels": { + "type": "array", + "items": {} + }, + "port": { + "type": "string" + }, + "targetPort": { + "type": "string" + }, + "interval": { + "type": "string" + }, + "scrapeTimeout": { + "type": "string" + }, + "relabellings": { + "type": "array", + "items": {} + }, + "relabelings": { + "type": "array", + "items": {} + }, + "metricRelabelings": { + "type": "array", + "items": {} + }, + "additionalLabels": { + "type": "object", + "properties": {}, + "required": [] + }, + "scheme": { + "type": "string", + "default": "http", + "minLength": 1 + }, + "tlsConfig": { + "type": "object", + "properties": {}, + "required": [] + } + }, + "required": [ + "enabled", + "jobLabel", + "targetLabels", + "podTargetLabels", + "port", + "targetPort", + "interval", + "scrapeTimeout", + "relabellings", + "relabelings", + "metricRelabelings", + "additionalLabels", + "scheme", + "tlsConfig" + ] + }, + "podMonitor": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "interval": { + "type": "string" + }, + "scrapeTimeout": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "additionalLabels": { + "type": "object", + "properties": {}, + "required": [] + }, + "relabelings": { + "type": "array", + "items": {} + }, + "metricRelabelings": { + "type": "array", + "items": {} + } + }, + "required": [ + "enabled", + "interval", + "scrapeTimeout", + "namespace", + "additionalLabels", + "relabelings", + "metricRelabelings" + ] + } + }, + "required": [ + "enabled", + "port", + "serviceMonitor" + ] + }, + "Prometheus": { + "type": "object", + "properties": { + "operator": { + "$ref": "#/definitions/PrometheusType" + }, + "metricServer": { + "$ref": "#/definitions/PrometheusType" + }, + "webhooks": { + "$ref": "#/definitions/PrometheusType" + } + }, + "required": [ + "operator", + "metricServer", + "webhooks" + ] + }, + "Opentelemetry": { + "type": "object", + "properties": { + "collector": { + "type": "object", + "properties": { + "uri": { + "type": "string" + } + }, + "required": [ + "uri" + ] + }, + "operator": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": false + } + }, + "required": [ + "enabled" + ] + } + }, + "required": [ + "collector", + "operator" + ] + }, + + "Certificates": { + "type": "object", + "properties": { + "autoGenerated": { + "type": "boolean", + "default": true + }, + "secretName": { + "type": "string", + "default": "kedaorg-certs", + "minLength": 1 + }, + "mountPath": { + "type": "string", + "default": "/certs", + "minLength": 1 + }, + "certManager": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": false + }, + "duration": { + "type": "string", + "default": "8760h0m0s", + "minLength": 1 + }, + "renewBefore": { + "type": "string", + "default": "5840h0m0s", + "minLength": 1 + }, + "generateCA": { + "type": "boolean", + "default": true + }, + "caSecretName": { + "type": "string" + }, + "secretTemplate": { + "type": "object", + "properties": {}, + "required": [] + }, + "issuer": { + "type": "object", + "properties": { + "generate": { + "type": "boolean", + "default": true + }, + "name": { + "type": "string", + "default": "foo-org-ca", + "minLength": 1 + }, + "kind": { + "type": "string", + "default": "ClusterIssuer", + "minLength": 1 + }, + "group": { + "type": "string", + "default": "cert-manager.io", + "minLength": 1 + } + }, + "required": [ + "generate", + "name", + "kind", + "group" + ] + } + }, + "required": [ + "enabled", + "duration", + "renewBefore", + "generateCA", + "caSecretName", + "secretTemplate", + "issuer" + ] + } + }, + "required": [ + "autoGenerated", + "secretName", + "mountPath", + "certManager" + ] + }, + "Permissions": { + "type": "object", + "properties": { + "metricServer": { + "type": "object", + "properties": { + "restrict": { + "type": "object", + "properties": { + "secret": { + "type": "boolean", + "default": false + } + }, + "required": [ + "secret" + ] + } + }, + "required": [ + "restrict" + ] + }, + "operator": { + "type": "object", + "properties": { + "restrict": { + "type": "object", + "properties": { + "secret": { + "type": "boolean", + "default": false + }, + "namesAllowList": { + "type": "array", + "items": {} + } + }, + "required": [ + "secret", + "namesAllowList" + ] + } + }, + "required": [ + "restrict" + ] + } + }, + "required": [ + "metricServer", + "operator" + ] + }, + "ExtraObjects": { + "type": "array", + "items": {} + } + } +}