diff --git a/go.mod b/go.mod index e03445fe4..3c679b1c8 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/onsi/ginkgo/v2 v2.22.2 github.com/onsi/gomega v1.36.2 github.com/openshift/api v0.0.0-20240722135205-ae4f370f361f - github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.76.1 + github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.79.2 github.com/prometheus/common v0.55.0 github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.10.0 @@ -26,7 +26,7 @@ require ( k8s.io/client-go v0.32.1 k8s.io/klog v1.0.0 k8s.io/kube-aggregator v0.32.1 - k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 + k8s.io/utils v0.0.0-20241210054802-24370beab758 sigs.k8s.io/controller-runtime v0.20.1 sigs.k8s.io/yaml v1.4.0 ) @@ -173,8 +173,8 @@ require ( k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect lukechampine.com/uint128 v1.2.0 // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0 // indirect - sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.4.2 // indirect + sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect ) replace github.com/prometheus/common v0.55.0 => github.com/netobserv/prometheus-common v0.55.0-netobserv diff --git a/go.sum b/go.sum index 2cb48d39c..c30300935 100644 --- a/go.sum +++ b/go.sum @@ -800,8 +800,8 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= -github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.76.1 h1:QU2cs0xxKYvF1JfibP/8vs+pFy6OvIpqNR2lYC4jYNU= -github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.76.1/go.mod h1:Rd8YnCqz+2FYsiGmE2DMlaLjQRB4v2jFNnzCt9YY4IM= +github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.79.2 h1:DGv150w4UyxnjNHlkCw85R3+lspOxegtdnbpP2vKRrk= +github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.79.2/go.mod h1:AVMP4QEW8xuGWnxaWSpI3kKjP9fDA31nO68zsyREJZA= github.com/prometheus/alertmanager v0.21.0/go.mod h1:h7tJ81NA0VLWvWEayi1QltevFkLF3KxmC/malTcT8Go= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs= @@ -1540,8 +1540,8 @@ k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f h1:GA7//TjRY9yWGy1poLzYYJJ4JRdzg3+O6e8I+e+8T5Y= k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f/go.mod h1:R/HEjbvWI0qdfb8viZUeVZm0X6IZnxAydC7YU42CMw4= k8s.io/utils v0.0.0-20200729134348-d5654de09c73/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 h1:M3sRQVHv7vB20Xc2ybTt7ODCeFj6JSWYFzOFnYeS6Ro= -k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20241210054802-24370beab758 h1:sdbE21q2nlQtFh65saZY+rRM6x6aJJI8IUa1AmH/qa0= +k8s.io/utils v0.0.0-20241210054802-24370beab758/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI= lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= @@ -1552,13 +1552,13 @@ sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0 h1:CPT0ExVicCzcp sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= sigs.k8s.io/controller-runtime v0.20.1 h1:JbGMAG/X94NeM3xvjenVUaBjy6Ui4Ogd/J5ZtjZnHaE= sigs.k8s.io/controller-runtime v0.20.1/go.mod h1:BrP3w158MwvB3ZbNpaAcIKkHQ7YGpYnzpoSTZ8E14WU= -sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 h1:/Rv+M11QRah1itp8VhT6HoVx1Ray9eB4DBr+K+/sCJ8= -sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3/go.mod h1:18nIHnGi6636UCz6m8i4DhaJ65T6EruyzmoQqI2BVDo= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/network-policy-api v0.1.5 h1:xyS7VAaM9EfyB428oFk7WjWaCK6B129i+ILUF4C8l6E= sigs.k8s.io/network-policy-api v0.1.5/go.mod h1:D7Nkr43VLNd7iYryemnj8qf0N/WjBzTZDxYA+g4u1/Y= sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.4.2 h1:MdmvkGuXi/8io6ixD5wud3vOLwc1rj0aNqRlpuvjmwA= -sigs.k8s.io/structured-merge-diff/v4 v4.4.2/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4= +sigs.k8s.io/structured-merge-diff/v4 v4.5.0 h1:nbCitCK2hfnhyiKo6uf2HxUPTCodY6Qaf85SbDIaMBk= +sigs.k8s.io/structured-merge-diff/v4 v4.5.0/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go index 5566305fa..f56bf57b3 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/alertmanager_types.go @@ -15,6 +15,7 @@ package v1 import ( + appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -152,6 +153,13 @@ type AlertmanagerSpec struct { // VolumeMounts specified will be appended to other VolumeMounts in the alertmanager container, // that are generated as a result of StorageSpec objects. VolumeMounts []v1.VolumeMount `json:"volumeMounts,omitempty"` + // The field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + // The default behavior is all PVCs are retained. + // This is an alpha field from kubernetes 1.23 until 1.26 and a beta field from 1.26. + // It requires enabling the StatefulSetAutoDeletePVC feature gate. + // + // +optional + PersistentVolumeClaimRetentionPolicy *appsv1.StatefulSetPersistentVolumeClaimRetentionPolicy `json:"persistentVolumeClaimRetentionPolicy,omitempty"` // The external URL the Alertmanager instances will be available under. This is // necessary to generate correct URLs. This is necessary if Alertmanager is not // served from root of a DNS name. @@ -177,6 +185,14 @@ type AlertmanagerSpec struct { // SecurityContext holds pod-level security attributes and common container settings. // This defaults to the default PodSecurityContext. SecurityContext *v1.PodSecurityContext `json:"securityContext,omitempty"` + // Defines the DNS policy for the pods. + // + // +optional + DNSPolicy *DNSPolicy `json:"dnsPolicy,omitempty"` + // Defines the DNS configuration for the pods. + // + // +optional + DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty"` // ServiceAccountName is the name of the ServiceAccount to use to run the // Prometheus Pods. ServiceAccountName string `json:"serviceAccountName,omitempty"` @@ -465,9 +481,9 @@ type HTTPConfig struct { // TLS configuration for the client. // +optional TLSConfig *SafeTLSConfig `json:"tlsConfig,omitempty"` - // Optional proxy URL. - // +optional - ProxyURL string `json:"proxyURL,omitempty"` + + ProxyConfig `json:",inline"` + // FollowRedirects specifies whether the client should follow HTTP 3xx redirects. // +optional FollowRedirects *bool `json:"followRedirects,omitempty"` diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/dns_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/dns_types.go new file mode 100644 index 000000000..a4731458b --- /dev/null +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/dns_types.go @@ -0,0 +1,82 @@ +// Copyright 2024 The prometheus-operator Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package v1 + +// PodDNSConfig defines the DNS parameters of a pod in addition to +// those generated from DNSPolicy. +type PodDNSConfig struct { + // A list of DNS name server IP addresses. + // This will be appended to the base nameservers generated from DNSPolicy. + // +kubebuilder:validation:Optional + // +listType:=set + // +kubebuilder:validation:items:MinLength:=1 + Nameservers []string `json:"nameservers,omitempty"` + + // A list of DNS search domains for host-name lookup. + // This will be appended to the base search paths generated from DNSPolicy. + // +kubebuilder:validation:Optional + // +listType:=set + // +kubebuilder:validation:items:MinLength:=1 + Searches []string `json:"searches,omitempty"` + + // A list of DNS resolver options. + // This will be merged with the base options generated from DNSPolicy. + // Resolution options given in Options + // will override those that appear in the base DNSPolicy. + // +kubebuilder:validation:Optional + // +listType=map + // +listMapKey=name + Options []PodDNSConfigOption `json:"options,omitempty"` +} + +// PodDNSConfigOption defines DNS resolver options of a pod. +type PodDNSConfigOption struct { + // Name is required and must be unique. + // +kubebuilder:validation:MinLength=1 + Name string `json:"name"` + + // Value is optional. + // +kubebuilder:validation:Optional + Value *string `json:"value,omitempty"` +} + +// DNSPolicy specifies the DNS policy for the pod. +// +kubebuilder:validation:Enum=ClusterFirstWithHostNet;ClusterFirst;Default;None +type DNSPolicy string + +const ( + // DNSClusterFirstWithHostNet indicates that the pod should use cluster DNS + // first, if it is available, then fall back on the default + // (as determined by kubelet) DNS settings. + DNSClusterFirstWithHostNet DNSPolicy = "ClusterFirstWithHostNet" + + // DNSClusterFirst indicates that the pod should use cluster DNS + // first unless hostNetwork is true, if it is available, then + // fall back on the default (as determined by kubelet) DNS settings. + DNSClusterFirst DNSPolicy = "ClusterFirst" + + // DNSDefault indicates that the pod should use the default (as + // determined by kubelet) DNS settings. + DNSDefault DNSPolicy = "Default" + + // DNSNone indicates that the pod should use empty DNS settings. DNS + // parameters such as nameservers and search paths should be defined via + // DNSConfig. + DNSNone DNSPolicy = "None" +) + +const ( +// DefaultTerminationGracePeriodSeconds indicates the default duration in +// seconds a pod needs to terminate gracefully. +) diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go index 5a3ced2f9..aa316dfed 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/podmonitor_types.go @@ -78,6 +78,17 @@ type PodMonitorSpec struct { // Label selector to select the Kubernetes `Pod` objects to scrape metrics from. Selector metav1.LabelSelector `json:"selector"` + + // Mechanism used to select the endpoints to scrape. + // By default, the selection process relies on relabel configurations to filter the discovered targets. + // Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. + // Which strategy is best for your use case needs to be carefully evaluated. + // + // It requires Prometheus >= v2.17.0. + // + // +optional + SelectorMechanism *SelectorMechanism `json:"selectorMechanism,omitempty"` + // `namespaceSelector` defines in which namespace(s) Prometheus should discover the pods. // By default, the pods are discovered in the same namespace as the `PodMonitor` object but it is possible to select pods across different/all namespaces. NamespaceSelector NamespaceSelector `json:"namespaceSelector,omitempty"` @@ -105,6 +116,12 @@ type PodMonitorSpec struct { // +optional ScrapeProtocols []ScrapeProtocol `json:"scrapeProtocols,omitempty"` + // The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + // + // It requires Prometheus >= v3.0.0. + // +optional + FallbackScrapeProtocol *ScrapeProtocol `json:"fallbackScrapeProtocol,omitempty"` + // Per-scrape limit on number of labels that will be accepted for a sample. // // It requires Prometheus >= v2.27.0. @@ -123,6 +140,9 @@ type PodMonitorSpec struct { // // +optional LabelValueLengthLimit *uint64 `json:"labelValueLengthLimit,omitempty"` + + NativeHistogramConfig `json:",inline"` + // Per-scrape limit on the number of targets dropped by relabeling // that will be kept in memory. 0 means no limit. // @@ -174,15 +194,22 @@ func (l *PodMonitorList) DeepCopyObject() runtime.Object { // // +k8s:openapi-gen=true type PodMetricsEndpoint struct { - // Name of the Pod port which this endpoint refers to. + // The `Pod` port name which exposes the endpoint. // - // It takes precedence over `targetPort`. - Port string `json:"port,omitempty"` + // It takes precedence over the `portNumber` and `targetPort` fields. + // +optional + Port *string `json:"port,omitempty"` + + // The `Pod` port number which exposes the endpoint. + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=65535 + // +optional + PortNumber *int32 `json:"portNumber,omitempty"` // Name or number of the target port of the `Pod` object behind the Service, the // port must be specified with container port property. // - // Deprecated: use 'port' instead. + // Deprecated: use 'port' or 'portNumber' instead. TargetPort *intstr.IntOrString `json:"targetPort,omitempty"` // HTTP path from which to scrape for metrics. diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go index 203f72075..e549d32af 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/probe_types.go @@ -100,6 +100,11 @@ type ProbeSpec struct { // +listType=set // +optional ScrapeProtocols []ScrapeProtocol `json:"scrapeProtocols,omitempty"` + // The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + // + // It requires Prometheus >= v3.0.0. + // +optional + FallbackScrapeProtocol *ScrapeProtocol `json:"fallbackScrapeProtocol,omitempty"` // Per-scrape limit on number of labels that will be accepted for a sample. // Only valid in Prometheus versions 2.27.0 and newer. // +optional @@ -112,6 +117,8 @@ type ProbeSpec struct { // Only valid in Prometheus versions 2.27.0 and newer. // +optional LabelValueLengthLimit *uint64 `json:"labelValueLengthLimit,omitempty"` + + NativeHistogramConfig `json:",inline"` // Per-scrape limit on the number of targets dropped by relabeling // that will be kept in memory. 0 means no limit. // diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go index b3baf2482..9f9d37413 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheus_types.go @@ -38,9 +38,27 @@ const ( // * `OpenMetricsText1.0.0` // * `PrometheusProto` // * `PrometheusText0.0.4` -// +kubebuilder:validation:Enum=PrometheusProto;OpenMetricsText0.0.1;OpenMetricsText1.0.0;PrometheusText0.0.4 +// * `PrometheusText1.0.0` +// +kubebuilder:validation:Enum=PrometheusProto;OpenMetricsText0.0.1;OpenMetricsText1.0.0;PrometheusText0.0.4;PrometheusText1.0.0 type ScrapeProtocol string +const ( + PrometheusProto ScrapeProtocol = "PrometheusProto" + PrometheusText0_0_4 ScrapeProtocol = "PrometheusText0.0.4" + PrometheusText1_0_0 ScrapeProtocol = "PrometheusText1.0.0" + OpenMetricsText0_0_1 ScrapeProtocol = "OpenMetricsText0.0.1" + OpenMetricsText1_0_0 ScrapeProtocol = "OpenMetricsText1.0.0" +) + +// RuntimeConfig configures the values for the process behavior. +type RuntimeConfig struct { + // The Go garbage collection target percentage. Lowering this number may increase the CPU usage. + // See: https://tip.golang.org/doc/gc-guide#GOGC + // +optional + // +kubebuilder:validation:Minimum=-1 + GoGC *int32 `json:"goGC,omitempty"` +} + // PrometheusInterface is used by Prometheus and PrometheusAgent to share common methods, e.g. config generation. // +k8s:deepcopy-gen=false type PrometheusInterface interface { @@ -223,19 +241,30 @@ type CommonPrometheusFields struct { // Default: 1 // +optional Replicas *int32 `json:"replicas,omitempty"` - // Number of shards to distribute targets onto. `spec.replicas` - // multiplied by `spec.shards` is the total number of Pods created. + + // Number of shards to distribute scraped targets onto. // - // Note that scaling down shards will not reshard data onto remaining + // `spec.replicas` multiplied by `spec.shards` is the total number of Pods + // being created. + // + // When not defined, the operator assumes only one shard. + // + // Note that scaling down shards will not reshard data onto the remaining // instances, it must be manually moved. Increasing shards will not reshard // data either but it will continue to be available from the same // instances. To query globally, use Thanos sidecar and Thanos querier or // remote write data to a central location. + // Alerting and recording rules // - // Sharding is performed on the content of the `__address__` target meta-label - // for PodMonitors and ServiceMonitors and `__param_target__` for Probes. + // By default, the sharding is performed on: + // * The `__address__` target's metadata label for PodMonitor, + // ServiceMonitor and ScrapeConfig resources. + // * The `__param_target__` label for Probe resources. + // + // Users can define their own sharding implementation by setting the + // `__tmp_hash` label during the target discovery with relabeling + // configuration (either in the monitoring resources or via scrape class). // - // Default: 1 // +optional Shards *int32 `json:"shards,omitempty"` @@ -276,6 +305,8 @@ type CommonPrometheusFields struct { // // It requires Prometheus >= v2.49.0. // + // `PrometheusText1.0.0` requires Prometheus >= v3.0.0. + // // +listType=set // +optional ScrapeProtocols []ScrapeProtocol `json:"scrapeProtocols,omitempty"` @@ -298,6 +329,24 @@ type CommonPrometheusFields struct { // It requires Prometheus >= v2.33.0. EnableRemoteWriteReceiver bool `json:"enableRemoteWriteReceiver,omitempty"` + // Enable Prometheus to be used as a receiver for the OTLP Metrics protocol. + // + // Note that the OTLP receiver endpoint is automatically enabled if `.spec.otlpConfig` is defined. + // + // It requires Prometheus >= v2.47.0. + // +optional + EnableOTLPReceiver *bool `json:"enableOTLPReceiver,omitempty"` + + // List of the protobuf message versions to accept when receiving the + // remote writes. + // + // It requires Prometheus >= v2.54.0. + // + // +kubebuilder:validation:MinItems=1 + // +listType:=set + // +optional + RemoteWriteReceiverMessageVersions []RemoteWriteMessageVersion `json:"remoteWriteReceiverMessageVersions,omitempty"` + // Enable access to Prometheus feature flags. By default, no features are enabled. // // Enabling features which are disabled by default is entirely outside the @@ -391,11 +440,25 @@ type CommonPrometheusFields struct { // +optional RemoteWrite []RemoteWriteSpec `json:"remoteWrite,omitempty"` + // Settings related to the OTLP receiver feature. + // It requires Prometheus >= v2.55.0. + // + // +optional + OTLP *OTLPConfig `json:"otlp,omitempty"` + // SecurityContext holds pod-level security attributes and common container settings. // This defaults to the default PodSecurityContext. // +optional SecurityContext *v1.PodSecurityContext `json:"securityContext,omitempty"` + // Defines the DNS policy for the pods. + // + // +optional + DNSPolicy *DNSPolicy `json:"dnsPolicy,omitempty"` + // Defines the DNS configuration for the pods. + // + // +optional + DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty"` // When true, the Prometheus server listens on the loopback address // instead of the Pod IP's address. ListenLocal bool `json:"listenLocal,omitempty"` @@ -622,6 +685,10 @@ type CommonPrometheusFields struct { // EnforcedBodySizeLimit ByteSize `json:"enforcedBodySizeLimit,omitempty"` + // Specifies the validation scheme for metric and label names. + // +optional + NameValidationScheme *NameValidationSchemeOptions `json:"nameValidationScheme,omitempty"` + // Minimum number of seconds for which a newly created Pod should be ready // without any of its container crashing for it to be considered available. // Defaults to 0 (pod will be considered available as soon as it is ready) @@ -677,7 +744,8 @@ type CommonPrometheusFields struct { // it (https://kubernetes.io/docs/concepts/configuration/overview/). // // When hostNetwork is enabled, this will set the DNS policy to - // `ClusterFirstWithHostNet` automatically. + // `ClusterFirstWithHostNet` automatically (unless `.spec.DNSPolicy` is set + // to a different value). HostNetwork bool `json:"hostNetwork,omitempty"` // PodTargetLabels are appended to the `spec.podTargetLabels` field of all @@ -781,8 +849,32 @@ type CommonPrometheusFields struct { // // +optional ServiceDiscoveryRole *ServiceDiscoveryRole `json:"serviceDiscoveryRole,omitempty"` + + // Defines the runtime reloadable configuration of the timeseries database(TSDB). + // It requires Prometheus >= v2.39.0 or PrometheusAgent >= v2.54.0. + // + // +optional + TSDB *TSDBSpec `json:"tsdb,omitempty"` + + // RuntimeConfig configures the values for the Prometheus process behavior + // +optional + Runtime *RuntimeConfig `json:"runtime,omitempty"` } +// Specifies the validation scheme for metric and label names. +// Supported values are: +// * `UTF8NameValidationScheme` for UTF-8 support. +// * `LegacyNameValidationScheme` for letters, numbers, colons, and underscores. +// +// Note that `LegacyNameValidationScheme` cannot be used along with the OpenTelemetry `NoUTF8EscapingWithSuffixes` translation strategy (if enabled). +// +kubebuilder:validation:Enum=UTF8;Legacy +type NameValidationSchemeOptions string + +const ( + UTF8NameValidationScheme NameValidationSchemeOptions = "UTF8" + LegacyNameValidationScheme NameValidationSchemeOptions = "Legacy" +) + // +kubebuilder:validation:Enum=HTTP;ProcessSignal type ReloadStrategyType string @@ -894,6 +986,8 @@ type PrometheusSpec struct { RetentionSize ByteSize `json:"retentionSize,omitempty"` // When true, the Prometheus compaction is disabled. + // When `spec.thanos.objectStorageConfig` or `spec.objectStorageConfigFile` are defined, the operator automatically + // disables block compaction to avoid race conditions during block uploads (as the Thanos documentation recommends). DisableCompaction bool `json:"disableCompaction,omitempty"` // Defines the configuration of the Prometheus rules' engine. @@ -993,6 +1087,11 @@ type PrometheusSpec struct { // +kubebuilder:default:="30s" EvaluationInterval Duration `json:"evaluationInterval,omitempty"` + // Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. + // It requires Prometheus >= v2.53.0. + // +optional + RuleQueryOffset *Duration `json:"ruleQueryOffset,omitempty"` + // Enables access to the Prometheus web admin API. // // WARNING: Enabling the admin APIs enables mutating endpoints, to delete data, @@ -1003,10 +1102,6 @@ type PrometheusSpec struct { // For more information: // https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis EnableAdminAPI bool `json:"enableAdminAPI,omitempty"` - - // Defines the runtime reloadable configuration of the timeseries database - // (TSDB). - TSDB TSDBSpec `json:"tsdb,omitempty"` } type PrometheusTracingConfig struct { @@ -1303,6 +1398,8 @@ type ThanosSpec struct { // +k8s:openapi-gen=true type RemoteWriteSpec struct { // The URL of the endpoint to send samples to. + // +kubebuilder:validation:MinLength=1 + // +required URL string `json:"url"` // The name of the remote write queue, it must be unique if specified. The @@ -1310,10 +1407,27 @@ type RemoteWriteSpec struct { // // It requires Prometheus >= v2.15.0. // - Name string `json:"name,omitempty"` + //+optional + Name *string `json:"name,omitempty"` + + // The Remote Write message's version to use when writing to the endpoint. + // + // `Version1.0` corresponds to the `prometheus.WriteRequest` protobuf message introduced in Remote Write 1.0. + // `Version2.0` corresponds to the `io.prometheus.write.v2.Request` protobuf message introduced in Remote Write 2.0. + // + // When `Version2.0` is selected, Prometheus will automatically be + // configured to append the metadata of scraped metrics to the WAL. + // + // Before setting this field, consult with your remote storage provider + // what message version it supports. + // + // It requires Prometheus >= v2.54.0. + // + // +optional + MessageVersion *RemoteWriteMessageVersion `json:"messageVersion,omitempty"` // Enables sending of exemplars over remote write. Note that - // exemplar-storage itself must be enabled using the `spec.enableFeature` + // exemplar-storage itself must be enabled using the `spec.enableFeatures` // option for exemplars to be scraped in the first place. // // It requires Prometheus >= v2.27.0. @@ -1330,7 +1444,8 @@ type RemoteWriteSpec struct { SendNativeHistograms *bool `json:"sendNativeHistograms,omitempty"` // Timeout for requests to the remote write endpoint. - RemoteTimeout Duration `json:"remoteTimeout,omitempty"` + // +optional + RemoteTimeout *Duration `json:"remoteTimeout,omitempty"` // Custom HTTP headers to be sent along with each remote write request. // Be aware that headers that are set by Prometheus itself can't be overwritten. @@ -1351,16 +1466,19 @@ type RemoteWriteSpec struct { // Cannot be set at the same time as `sigv4`, `authorization`, `basicAuth`, or `azureAd`. // +optional OAuth2 *OAuth2 `json:"oauth2,omitempty"` + // BasicAuth configuration for the URL. // // Cannot be set at the same time as `sigv4`, `authorization`, `oauth2`, or `azureAd`. // // +optional BasicAuth *BasicAuth `json:"basicAuth,omitempty"` + // File from which to read bearer token for the URL. // // Deprecated: this will be removed in a future release. Prefer using `authorization`. BearerTokenFile string `json:"bearerTokenFile,omitempty"` + // Authorization section for the URL. // // It requires Prometheus >= v2.26.0. @@ -1369,6 +1487,7 @@ type RemoteWriteSpec struct { // // +optional Authorization *Authorization `json:"authorization,omitempty"` + // Sigv4 allows to configures AWS's Signature Verification 4 for the URL. // // It requires Prometheus >= v2.26.0. @@ -1421,6 +1540,16 @@ type RemoteWriteSpec struct { EnableHttp2 *bool `json:"enableHTTP2,omitempty"` } +// +kubebuilder:validation:Enum=V1.0;V2.0 +type RemoteWriteMessageVersion string + +const ( + // Remote Write message's version 1.0. + RemoteWriteMessageVersion1_0 = RemoteWriteMessageVersion("V1.0") + // Remote Write message's version 2.0. + RemoteWriteMessageVersion2_0 = RemoteWriteMessageVersion("V2.0") +) + // QueueConfig allows the tuning of remote write's queue_config parameters. // This object is referenced in the RemoteWriteSpec object. // +k8s:openapi-gen=true @@ -1558,7 +1687,8 @@ type RemoteReadSpec struct { RequiredMatchers map[string]string `json:"requiredMatchers,omitempty"` // Timeout for requests to the remote read endpoint. - RemoteTimeout Duration `json:"remoteTimeout,omitempty"` + // +optional + RemoteTimeout *Duration `json:"remoteTimeout,omitempty"` // Custom HTTP headers to be sent along with each remote read request. // Be aware that headers that are set by Prometheus itself can't be overwritten. @@ -1724,6 +1854,14 @@ type APIServerConfig struct { BearerToken string `json:"bearerToken,omitempty"` } +// +kubebuilder:validation:Enum=v1;V1;v2;V2 +type AlertmanagerAPIVersion string + +const ( + AlertmanagerAPIVersion1 = AlertmanagerAPIVersion("V1") + AlertmanagerAPIVersion2 = AlertmanagerAPIVersion("V2") +) + // AlertmanagerEndpoints defines a selection of a single Endpoints object // containing Alertmanager IPs to fire alerts against. // +k8s:openapi-gen=true @@ -1787,9 +1925,15 @@ type AlertmanagerEndpoints struct { // +optional Sigv4 *Sigv4 `json:"sigv4,omitempty"` + // ProxyConfig + ProxyConfig `json:",inline"` + // Version of the Alertmanager API that Prometheus uses to send alerts. - // It can be "v1" or "v2". - APIVersion string `json:"apiVersion,omitempty"` + // It can be "V1" or "V2". + // The field has no effect for Prometheus >= v3.0.0 because only the v2 API is supported. + // + // +optional + APIVersion *AlertmanagerAPIVersion `json:"apiVersion,omitempty"` // Timeout is a per-target Alertmanager timeout when pushing alerts. // @@ -1875,8 +2019,9 @@ type TSDBSpec struct { // This is an *experimental feature*, it may change in any upcoming release // in a breaking way. // - // It requires Prometheus >= v2.39.0. - OutOfOrderTimeWindow Duration `json:"outOfOrderTimeWindow,omitempty"` + // It requires Prometheus >= v2.39.0 or PrometheusAgent >= v2.54.0. + // +optional + OutOfOrderTimeWindow *Duration `json:"outOfOrderTimeWindow,omitempty"` } type Exemplars struct { @@ -1935,6 +2080,10 @@ type Authorization struct { // Validate semantically validates the given Authorization section. func (c *Authorization) Validate() error { + if c == nil { + return nil + } + if c.Credentials != nil && c.CredentialsFile != "" { return &AuthorizationValidationError{"Authorization can not specify both Credentials and CredentialsFile"} } @@ -1981,6 +2130,11 @@ type ScrapeClass struct { // +optional TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` + // Authorization section for the ScrapeClass. + // It will only apply if the scrape resource doesn't specify any Authorization. + // +optional + Authorization *Authorization `json:"authorization,omitempty"` + // Relabelings configures the relabeling rules to apply to all scrape targets. // // The Operator automatically adds relabelings for a few standard Kubernetes fields @@ -2011,3 +2165,35 @@ type ScrapeClass struct { // +optional AttachMetadata *AttachMetadata `json:"attachMetadata,omitempty"` } + +// TranslationStrategyOption represents a translation strategy option for the OTLP endpoint. +// Supported values are: +// * `NoUTF8EscapingWithSuffixes` +// * `UnderscoreEscapingWithSuffixes` +// +kubebuilder:validation:Enum=NoUTF8EscapingWithSuffixes;UnderscoreEscapingWithSuffixes +type TranslationStrategyOption string + +const ( + NoUTF8EscapingWithSuffixes TranslationStrategyOption = "NoUTF8EscapingWithSuffixes" + UnderscoreEscapingWithSuffixes TranslationStrategyOption = "UnderscoreEscapingWithSuffixes" +) + +// OTLPConfig is the configuration for writing to the OTLP endpoint. +// +// +k8s:openapi-gen=true +type OTLPConfig struct { + // List of OpenTelemetry Attributes that should be promoted to metric labels, defaults to none. + // + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:items:MinLength=1 + // +listType=set + // +optional + PromoteResourceAttributes []string `json:"promoteResourceAttributes,omitempty"` + + // Configures how the OTLP receiver endpoint translates the incoming metrics. + // If unset, Prometheus uses its default value. + // + // It requires Prometheus >= v3.0.0. + // +optional + TranslationStrategy *TranslationStrategyOption `json:"translationStrategy,omitempty"` +} diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheusrule_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheusrule_types.go index f0a1cf4b1..229daa9a0 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheusrule_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/prometheusrule_types.go @@ -63,9 +63,22 @@ type RuleGroup struct { // Name of the rule group. // +kubebuilder:validation:MinLength=1 Name string `json:"name"` + // Labels to add or overwrite before storing the result for its rules. + // The labels defined at the rule level take precedence. + // + // It requires Prometheus >= 3.0.0. + // The field is ignored for Thanos Ruler. + // +optional + Labels map[string]string `json:"labels,omitempty"` // Interval determines how often rules in the group are evaluated. // +optional Interval *Duration `json:"interval,omitempty"` + // Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. + // + // It requires Prometheus >= v2.53.0. + // It is not supported for ThanosRuler. + // +optional + QueryOffset *Duration `json:"query_offset,omitempty"` // List of alerting and recording rules. // +optional Rules []Rule `json:"rules,omitempty"` diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/servicemonitor_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/servicemonitor_types.go index 2b977a33e..558dfc359 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/servicemonitor_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/servicemonitor_types.go @@ -83,6 +83,17 @@ type ServiceMonitorSpec struct { // Label selector to select the Kubernetes `Endpoints` objects to scrape metrics from. Selector metav1.LabelSelector `json:"selector"` + + // Mechanism used to select the endpoints to scrape. + // By default, the selection process relies on relabel configurations to filter the discovered targets. + // Alternatively, you can opt in for role selectors, which may offer better efficiency in large clusters. + // Which strategy is best for your use case needs to be carefully evaluated. + // + // It requires Prometheus >= v2.17.0. + // + // +optional + SelectorMechanism *SelectorMechanism `json:"selectorMechanism,omitempty"` + // `namespaceSelector` defines in which namespace(s) Prometheus should discover the services. // By default, the services are discovered in the same namespace as the `ServiceMonitor` object but it is possible to select pods across different/all namespaces. NamespaceSelector NamespaceSelector `json:"namespaceSelector,omitempty"` @@ -104,6 +115,12 @@ type ServiceMonitorSpec struct { // +optional ScrapeProtocols []ScrapeProtocol `json:"scrapeProtocols,omitempty"` + // The protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type. + // + // It requires Prometheus >= v3.0.0. + // +optional + FallbackScrapeProtocol *ScrapeProtocol `json:"fallbackScrapeProtocol,omitempty"` + // `targetLimit` defines a limit on the number of scraped targets that will // be accepted. // @@ -128,6 +145,9 @@ type ServiceMonitorSpec struct { // // +optional LabelValueLengthLimit *uint64 `json:"labelValueLengthLimit,omitempty"` + + NativeHistogramConfig `json:",inline"` + // Per-scrape limit on the number of targets dropped by relabeling // that will be kept in memory. 0 means no limit. // diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/thanos_types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/thanos_types.go index 14908da1a..ebea3cd73 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/thanos_types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/thanos_types.go @@ -71,7 +71,9 @@ type ThanosRulerList struct { // +k8s:openapi-gen=true type ThanosRulerSpec struct { // Version of Thanos to be deployed. - Version string `json:"version,omitempty"` + // +optional + Version *string `json:"version,omitempty"` + // PodMetadata configures labels and annotations which are propagated to the ThanosRuler pods. // // The following items are reserved and cannot be overridden: @@ -80,7 +82,9 @@ type ThanosRulerSpec struct { // * "app.kubernetes.io/instance" label, set to the name of the ThanosRuler instance. // * "thanos-ruler" label, set to the name of the ThanosRuler instance. // * "kubectl.kubernetes.io/default-container" annotation, set to "thanos-ruler". + // +optional PodMetadata *EmbeddedObjectMetadata `json:"podMetadata,omitempty"` + // Thanos container image URL. Image string `json:"image,omitempty"` // Image pull policy for the 'thanos', 'init-config-reloader' and 'config-reloader' containers. @@ -90,71 +94,149 @@ type ThanosRulerSpec struct { // An optional list of references to secrets in the same namespace // to use for pulling thanos images from registries // see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + // +optional ImagePullSecrets []v1.LocalObjectReference `json:"imagePullSecrets,omitempty"` + // When a ThanosRuler deployment is paused, no actions except for deletion // will be performed on the underlying objects. Paused bool `json:"paused,omitempty"` + // Number of thanos ruler instances to deploy. + // +optional Replicas *int32 `json:"replicas,omitempty"` + // Define which Nodes the Pods are scheduled on. + // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // Resources defines the resource requirements for single Pods. // If not provided, no requests/limits will be set Resources v1.ResourceRequirements `json:"resources,omitempty"` + // If specified, the pod's scheduling constraints. + // +optional Affinity *v1.Affinity `json:"affinity,omitempty"` // If specified, the pod's tolerations. + // +optional Tolerations []v1.Toleration `json:"tolerations,omitempty"` // If specified, the pod's topology spread constraints. + // +optional TopologySpreadConstraints []v1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + // SecurityContext holds pod-level security attributes and common container settings. // This defaults to the default PodSecurityContext. + // +optional SecurityContext *v1.PodSecurityContext `json:"securityContext,omitempty"` + + // Defines the DNS policy for the pods. + // + // +optional + DNSPolicy *DNSPolicy `json:"dnsPolicy,omitempty"` + // Defines the DNS configuration for the pods. + // + // +optional + DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty"` + // Priority class assigned to the Pods PriorityClassName string `json:"priorityClassName,omitempty"` + // ServiceAccountName is the name of the ServiceAccount to use to run the // Thanos Ruler Pods. ServiceAccountName string `json:"serviceAccountName,omitempty"` + // Storage spec to specify how storage shall be used. + // +optional Storage *StorageSpec `json:"storage,omitempty"` // Volumes allows configuration of additional volumes on the output StatefulSet definition. Volumes specified will // be appended to other volumes that are generated as a result of StorageSpec objects. + // +optional Volumes []v1.Volume `json:"volumes,omitempty"` // VolumeMounts allows configuration of additional VolumeMounts on the output StatefulSet definition. // VolumeMounts specified will be appended to other VolumeMounts in the ruler container, // that are generated as a result of StorageSpec objects. + // +optional VolumeMounts []v1.VolumeMount `json:"volumeMounts,omitempty"` - // ObjectStorageConfig configures object storage in Thanos. - // Alternative to ObjectStorageConfigFile, and lower order priority. + + // Configures object storage. + // + // The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage + // + // The operator performs no validation of the configuration. + // + // `objectStorageConfigFile` takes precedence over this field. + // + // +optional ObjectStorageConfig *v1.SecretKeySelector `json:"objectStorageConfig,omitempty"` - // ObjectStorageConfigFile specifies the path of the object storage configuration file. - // When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence. + // Configures the path of the object storage configuration file. + // + // The configuration format is defined at https://thanos.io/tip/thanos/storage.md/#configuring-access-to-object-storage + // + // The operator performs no validation of the configuration file. + // + // This field takes precedence over `objectStorageConfig`. + // + // +optional ObjectStorageConfigFile *string `json:"objectStorageConfigFile,omitempty"` + // ListenLocal makes the Thanos ruler listen on loopback, so that it // does not bind against the Pod IP. ListenLocal bool `json:"listenLocal,omitempty"` - // QueryEndpoints defines Thanos querier endpoints from which to query metrics. - // Maps to the --query flag of thanos ruler. + + // Configures the list of Thanos Query endpoints from which to query metrics. + // + // For Thanos >= v0.11.0, it is recommended to use `queryConfig` instead. + // + // `queryConfig` takes precedence over this field. + // + // +optional QueryEndpoints []string `json:"queryEndpoints,omitempty"` - // Define configuration for connecting to thanos query instances. - // If this is defined, the QueryEndpoints field will be ignored. - // Maps to the `query.config` CLI argument. - // Only available with thanos v0.11.0 and higher. + + // Configures the list of Thanos Query endpoints from which to query metrics. + // + // The configuration format is defined at https://thanos.io/tip/components/rule.md/#query-api + // + // It requires Thanos >= v0.11.0. + // + // The operator performs no validation of the configuration. + // + // This field takes precedence over `queryEndpoints`. + // + // +optional QueryConfig *v1.SecretKeySelector `json:"queryConfig,omitempty"` - // Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher, - // AlertManagersConfig should be used instead. Note: this field will be ignored - // if AlertManagersConfig is specified. - // Maps to the `alertmanagers.url` arg. + + // Configures the list of Alertmanager endpoints to send alerts to. + // + // For Thanos >= v0.10.0, it is recommended to use `alertmanagersConfig` instead. + // + // `alertmanagersConfig` takes precedence over this field. + // + // +optional AlertManagersURL []string `json:"alertmanagersUrl,omitempty"` - // Define configuration for connecting to alertmanager. Only available with thanos v0.10.0 - // and higher. Maps to the `alertmanagers.config` arg. + // Configures the list of Alertmanager endpoints to send alerts to. + // + // The configuration format is defined at https://thanos.io/tip/components/rule.md/#alertmanager. + // + // It requires Thanos >= v0.10.0. + // + // The operator performs no validation of the configuration. + // + // This field takes precedence over `alertmanagersUrl`. + // + // +optional AlertManagersConfig *v1.SecretKeySelector `json:"alertmanagersConfig,omitempty"` - // A label selector to select which PrometheusRules to mount for alerting and - // recording. + + // PrometheusRule objects to be selected for rule evaluation. An empty + // label selector matches all objects. A null label selector matches no + // objects. + // + // +optional RuleSelector *metav1.LabelSelector `json:"ruleSelector,omitempty"` // Namespaces to be selected for Rules discovery. If unspecified, only // the same namespace as the ThanosRuler object is in is used. + // + // +optional RuleNamespaceSelector *metav1.LabelSelector `json:"ruleNamespaceSelector,omitempty"` + // EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert // and metric that is user created. The label value will always be the namespace of the object that is // being created. @@ -162,29 +244,36 @@ type ThanosRulerSpec struct { // List of references to PrometheusRule objects // to be excluded from enforcing a namespace label of origin. // Applies only if enforcedNamespaceLabel set to true. + // +optional ExcludedFromEnforcement []ObjectReference `json:"excludedFromEnforcement,omitempty"` // PrometheusRulesExcludedFromEnforce - list of Prometheus rules to be excluded from enforcing // of adding namespace labels. Works only if enforcedNamespaceLabel set to true. // Make sure both ruleNamespace and ruleName are set for each pair // Deprecated: use excludedFromEnforcement instead. + // +optional PrometheusRulesExcludedFromEnforce []PrometheusRuleExcludeConfig `json:"prometheusRulesExcludedFromEnforce,omitempty"` + // Log level for ThanosRuler to be configured with. // +kubebuilder:validation:Enum="";debug;info;warn;error LogLevel string `json:"logLevel,omitempty"` // Log format for ThanosRuler to be configured with. // +kubebuilder:validation:Enum="";logfmt;json LogFormat string `json:"logFormat,omitempty"` + // Port name used for the pods and governing service. // Defaults to `web`. // +kubebuilder:default:="web" PortName string `json:"portName,omitempty"` + // Interval between consecutive evaluations. // +kubebuilder:default:="15s" EvaluationInterval Duration `json:"evaluationInterval,omitempty"` + // Time duration ThanosRuler shall retain data for. Default is '24h', // and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds seconds minutes hours days weeks years). // +kubebuilder:default:="24h" Retention Duration `json:"retention,omitempty"` + // Containers allows injecting additional containers or modifying operator generated // containers. This can be used to allow adding an authentication proxy to a ThanosRuler pod or // to change the behavior of an operator generated container. Containers described here modify @@ -192,6 +281,7 @@ type ThanosRulerSpec struct { // strategic merge patch. The current container names are: `thanos-ruler` and `config-reloader`. // Overriding containers is entirely outside the scope of what the maintainers will support and by doing // so, you accept that this behaviour may break at any time without notice. + // +optional Containers []v1.Container `json:"containers,omitempty"` // InitContainers allows adding initContainers to the pod definition. Those can be used to e.g. // fetch secrets for injection into the ThanosRuler configuration from external sources. Any @@ -200,64 +290,108 @@ type ThanosRulerSpec struct { // Using initContainers for any use case other then secret fetching is entirely outside the scope // of what the maintainers will support and by doing so, you accept that this behaviour may break // at any time without notice. + // +optional InitContainers []v1.Container `json:"initContainers,omitempty"` - // TracingConfig configures tracing in Thanos. + + // Configures tracing. // - // `tracingConfigFile` takes precedence over this field. + // The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration // // This is an *experimental feature*, it may change in any upcoming release // in a breaking way. // + // The operator performs no validation of the configuration. + // + // `tracingConfigFile` takes precedence over this field. + // //+optional TracingConfig *v1.SecretKeySelector `json:"tracingConfig,omitempty"` - // TracingConfig specifies the path of the tracing configuration file. + // Configures the path of the tracing configuration file. // - // This field takes precedence over `tracingConfig`. + // The configuration format is defined at https://thanos.io/tip/thanos/tracing.md/#configuration // // This is an *experimental feature*, it may change in any upcoming release // in a breaking way. // + // The operator performs no validation of the configuration file. + // + // This field takes precedence over `tracingConfig`. + // //+optional TracingConfigFile string `json:"tracingConfigFile,omitempty"` - // Labels configure the external label pairs to ThanosRuler. A default replica label - // `thanos_ruler_replica` will be always added as a label with the value of the pod's name and it will be dropped in the alerts. + + // Configures the external label pairs of the ThanosRuler resource. + // + // A default replica label `thanos_ruler_replica` will be always added as a + // label with the value of the pod's name. + // + // +optional Labels map[string]string `json:"labels,omitempty"` - // AlertDropLabels configure the label names which should be dropped in ThanosRuler alerts. - // The replica label `thanos_ruler_replica` will always be dropped in alerts. + + // Configures the label names which should be dropped in Thanos Ruler + // alerts. + // + // The replica label `thanos_ruler_replica` will always be dropped from the alerts. + // + // +optional AlertDropLabels []string `json:"alertDropLabels,omitempty"` + // The external URL the Thanos Ruler instances will be available under. This is // necessary to generate correct URLs. This is necessary if Thanos Ruler is not // served from root of a DNS name. ExternalPrefix string `json:"externalPrefix,omitempty"` // The route prefix ThanosRuler registers HTTP handlers for. This allows thanos UI to be served on a sub-path. RoutePrefix string `json:"routePrefix,omitempty"` + // GRPCServerTLSConfig configures the gRPC server from which Thanos Querier reads // recorded rule data. // Note: Currently only the CAFile, CertFile, and KeyFile fields are supported. // Maps to the '--grpc-server-tls-*' CLI args. + // +optional GRPCServerTLSConfig *TLSConfig `json:"grpcServerTlsConfig,omitempty"` + // The external Query URL the Thanos Ruler will set in the 'Source' field // of all alerts. // Maps to the '--alert.query-url' CLI arg. AlertQueryURL string `json:"alertQueryUrl,omitempty"` + // Minimum number of seconds for which a newly created pod should be ready // without any of its container crashing for it to be considered available. // Defaults to 0 (pod will be considered available as soon as it is ready) // This is an alpha field from kubernetes 1.22 until 1.24 which requires enabling the StatefulSetMinReadySeconds feature gate. // +optional MinReadySeconds *uint32 `json:"minReadySeconds,omitempty"` - // AlertRelabelConfigs configures alert relabeling in ThanosRuler. - // Alert relabel configurations must have the form as specified in the official Prometheus documentation: + + // Configures alert relabeling in Thanos Ruler. + // + // Alert relabel configuration must have the form as specified in the + // official Prometheus documentation: // https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs - // Alternative to AlertRelabelConfigFile, and lower order priority. + // + // The operator performs no validation of the configuration. + // + // `alertRelabelConfigFile` takes precedence over this field. + // + // +optional AlertRelabelConfigs *v1.SecretKeySelector `json:"alertRelabelConfigs,omitempty"` - // AlertRelabelConfigFile specifies the path of the alert relabeling configuration file. - // When used alongside with AlertRelabelConfigs, alertRelabelConfigFile takes precedence. + // Configures the path to the alert relabeling configuration file. + // + // Alert relabel configuration must have the form as specified in the + // official Prometheus documentation: + // https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs + // + // The operator performs no validation of the configuration file. + // + // This field takes precedence over `alertRelabelConfig`. + // + // +optional AlertRelabelConfigFile *string `json:"alertRelabelConfigFile,omitempty"` + // Pods' hostAliases configuration // +listType=map // +listMapKey=ip HostAliases []HostAlias `json:"hostAliases,omitempty"` + // AdditionalArgs allows setting additional arguments for the ThanosRuler container. // It is intended for e.g. activating hidden flags which are not supported by // the dedicated configuration options yet. The arguments are passed as-is to the @@ -266,8 +400,11 @@ type ThanosRulerSpec struct { // In case of an argument conflict (e.g. an argument which is already set by the // operator itself) or when providing an invalid argument the reconciliation will // fail and an error will be logged. + // +optional AdditionalArgs []Argument `json:"additionalArgs,omitempty"` + // Defines the configuration of the ThanosRuler web server. + // +optional Web *ThanosRulerWebSpec `json:"web,omitempty"` } @@ -296,7 +433,7 @@ type ThanosRulerStatus struct { AvailableReplicas int32 `json:"availableReplicas"` // Total number of unavailable pods targeted by this ThanosRuler deployment. UnavailableReplicas int32 `json:"unavailableReplicas"` - // The current state of the Alertmanager object. + // The current state of the ThanosRuler object. // +listType=map // +listMapKey=type // +optional diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/types.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/types.go index 21229f248..7483e8d24 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/types.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/types.go @@ -17,9 +17,11 @@ package v1 import ( "errors" "fmt" + "reflect" "strings" v1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/intstr" @@ -80,7 +82,6 @@ type PrometheusRuleExcludeConfig struct { type ProxyConfig struct { // `proxyURL` defines the HTTP proxy server to use. // - // It requires Prometheus >= v2.43.0. // +kubebuilder:validation:Pattern:="^http(s)?://.+$" // +optional ProxyURL *string `json:"proxyUrl,omitempty"` @@ -88,24 +89,67 @@ type ProxyConfig struct { // that should be excluded from proxying. IP and domain names can // contain port numbers. // - // It requires Prometheus >= v2.43.0. + // It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. // +optional NoProxy *string `json:"noProxy,omitempty"` // Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). - // If unset, Prometheus uses its default value. // - // It requires Prometheus >= v2.43.0. + // It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. // +optional ProxyFromEnvironment *bool `json:"proxyFromEnvironment,omitempty"` // ProxyConnectHeader optionally specifies headers to send to // proxies during CONNECT requests. // - // It requires Prometheus >= v2.43.0. + // It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0. // +optional // +mapType:=atomic ProxyConnectHeader map[string][]v1.SecretKeySelector `json:"proxyConnectHeader,omitempty"` } +// Validate semantically validates the given ProxyConfig. +func (pc *ProxyConfig) Validate() error { + if pc == nil { + return nil + } + + if reflect.ValueOf(pc).IsZero() { + return nil + } + + proxyFromEnvironmentDefined := pc.ProxyFromEnvironment != nil && *pc.ProxyFromEnvironment + proxyURLDefined := pc.ProxyURL != nil && *pc.ProxyURL != "" + noProxyDefined := pc.NoProxy != nil && *pc.NoProxy != "" + + if len(pc.ProxyConnectHeader) > 0 && (!proxyFromEnvironmentDefined && !proxyURLDefined) { + return fmt.Errorf("if proxyConnectHeader is configured, proxyUrl or proxyFromEnvironment must also be configured") + } + + if proxyFromEnvironmentDefined && proxyURLDefined { + return fmt.Errorf("if proxyFromEnvironment is configured, proxyUrl must not be configured") + } + + if proxyFromEnvironmentDefined && noProxyDefined { + return fmt.Errorf("if proxyFromEnvironment is configured, noProxy must not be configured") + } + + if !proxyURLDefined && noProxyDefined { + return fmt.Errorf("if noProxy is configured, proxyUrl must also be configured") + } + + for k, v := range pc.ProxyConnectHeader { + if len(v) == 0 { + return fmt.Errorf("proxyConnetHeader[%s]: selector must not be empty", k) + } + for i, sel := range v { + if sel == (v1.SecretKeySelector{}) { + return fmt.Errorf("proxyConnectHeader[%s][%d]: selector must be defined", k, i) + } + } + } + + return nil +} + // ObjectReference references a PodMonitor, ServiceMonitor, Probe or PrometheusRule object. type ObjectReference struct { // Group of the referent. When not specified, it defaults to `monitoring.coreos.com` @@ -189,6 +233,7 @@ type Condition struct { ObservedGeneration int64 `json:"observedGeneration,omitempty"` } +// +kubebuilder:validation:MinLength=1 type ConditionType string const ( @@ -209,6 +254,7 @@ const ( Reconciled ConditionType = "Reconciled" ) +// +kubebuilder:validation:MinLength=1 type ConditionStatus string const ( @@ -315,16 +361,16 @@ type WebHTTPHeaders struct { // WebTLSConfig defines the TLS parameters for HTTPS. // +k8s:openapi-gen=true type WebTLSConfig struct { - // Secret containing the TLS key for the server. - KeySecret v1.SecretKeySelector `json:"keySecret"` // Contains the TLS certificate for the server. - Cert SecretOrConfigMap `json:"cert"` + Cert SecretOrConfigMap `json:"cert,omitempty"` + // Contains the CA certificate for client certificate authentication to the server. + ClientCA SecretOrConfigMap `json:"client_ca,omitempty"` + // Secret containing the TLS key for the server. + KeySecret v1.SecretKeySelector `json:"keySecret,omitempty"` // Server policy for client authentication. Maps to ClientAuth Policies. // For more detail on clientAuth options: // https://golang.org/pkg/crypto/tls/#ClientAuthType ClientAuthType string `json:"clientAuthType,omitempty"` - // Contains the CA certificate for client certificate authentication to the server. - ClientCA SecretOrConfigMap `json:"client_ca,omitempty"` // Minimum TLS version that is acceptable. Defaults to TLS12. MinVersion string `json:"minVersion,omitempty"` // Maximum TLS version that is acceptable. Defaults to TLS13. @@ -342,10 +388,19 @@ type WebTLSConfig struct { // order. Available curves are documented in the go documentation: // https://golang.org/pkg/crypto/tls/#CurveID CurvePreferences []string `json:"curvePreferences,omitempty"` + // Path to the TLS key file in the Prometheus container for the server. + // Mutually exclusive with `keySecret`. + KeyFile string `json:"keyFile,omitempty"` + // Path to the TLS certificate file in the Prometheus container for the server. + // Mutually exclusive with `cert`. + CertFile string `json:"certFile,omitempty"` + // Path to the CA certificate file for client certificate authentication to the server. + // Mutually exclusive with `client_ca`. + ClientCAFile string `json:"clientCAFile,omitempty"` } // Validate returns an error if one of the WebTLSConfig fields is invalid. -// A valid WebTLSConfig should have Cert and KeySecret fields which are not +// A valid WebTLSConfig should have (Cert or CertFile) and (KeySecret or KeyFile) fields which are not // zero values. func (c *WebTLSConfig) Validate() error { if c == nil { @@ -353,21 +408,39 @@ func (c *WebTLSConfig) Validate() error { } if c.ClientCA != (SecretOrConfigMap{}) { + if c.ClientCAFile != "" { + return errors.New("cannot specify both clientCAFile and clientCA") + } + if err := c.ClientCA.Validate(); err != nil { - return fmt.Errorf("client CA: %w", err) + return fmt.Errorf("invalid web tls config: %s", err.Error()) + } + } + + if c.Cert != (SecretOrConfigMap{}) { + if c.CertFile != "" { + return errors.New("cannot specify both cert and certFile") + } + if err := c.Cert.Validate(); err != nil { + return fmt.Errorf("invalid web tls config: %s", err.Error()) } } - if c.Cert == (SecretOrConfigMap{}) { - return errors.New("TLS cert must be defined") - } else if err := c.Cert.Validate(); err != nil { - return fmt.Errorf("TLS cert: %w", err) + if c.KeyFile != "" && c.KeySecret != (v1.SecretKeySelector{}) { + return errors.New("cannot specify both keyFile and keySecret") } - if c.KeySecret == (v1.SecretKeySelector{}) { + hasCert := c.CertFile != "" || c.Cert != (SecretOrConfigMap{}) + hasKey := c.KeyFile != "" || c.KeySecret != (v1.SecretKeySelector{}) + + if !hasKey { return errors.New("TLS key must be defined") } + if !hasCert { + return errors.New("TLS certificate must be defined") + } + return nil } @@ -578,7 +651,6 @@ type OAuth2 struct { // Proxy configuration to use when connecting to the OAuth2 server. // It requires Prometheus >= v2.43.0. - // It is not supported yet for Alertmanager. // // +optional ProxyConfig `json:",inline"` @@ -710,6 +782,10 @@ type SafeTLSConfig struct { // Validate semantically validates the given SafeTLSConfig. func (c *SafeTLSConfig) Validate() error { + if c == nil { + return nil + } + if c.CA != (SecretOrConfigMap{}) { if err := c.CA.Validate(); err != nil { return fmt.Errorf("ca %s: %w", c.CA.String(), err) @@ -751,6 +827,10 @@ type TLSConfig struct { // Validate semantically validates the given TLSConfig. func (c *TLSConfig) Validate() error { + if c == nil { + return nil + } + if c.CA != (SecretOrConfigMap{}) { if c.CAFile != "" { return fmt.Errorf("cannot specify both caFile and ca") @@ -828,3 +908,35 @@ const ( RoleEndpointSlice = "endpointslice" RoleIngress = "ingress" ) + +// NativeHistogramConfig extends the native histogram configuration settings. +// +k8s:openapi-gen=true +type NativeHistogramConfig struct { + // Whether to scrape a classic histogram that is also exposed as a native histogram. + // It requires Prometheus >= v2.45.0. + // + // +optional + ScrapeClassicHistograms *bool `json:"scrapeClassicHistograms,omitempty"` + + // If there are more than this many buckets in a native histogram, + // buckets will be merged to stay within the limit. + // It requires Prometheus >= v2.45.0. + // + // +optional + NativeHistogramBucketLimit *uint64 `json:"nativeHistogramBucketLimit,omitempty"` + + // If the growth factor of one bucket to the next is smaller than this, + // buckets will be merged to increase the factor sufficiently. + // It requires Prometheus >= v2.50.0. + // + // +optional + NativeHistogramMinBucketFactor *resource.Quantity `json:"nativeHistogramMinBucketFactor,omitempty"` +} + +// +kubebuilder:validation:Enum=RelabelConfig;RoleSelector +type SelectorMechanism string + +const ( + SelectorMechanismRelabel SelectorMechanism = "RelabelConfig" + SelectorMechanismRole SelectorMechanism = "RoleSelector" +) diff --git a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/zz_generated.deepcopy.go b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/zz_generated.deepcopy.go index bf72f1451..3b43680ec 100644 --- a/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1/zz_generated.deepcopy.go @@ -167,6 +167,12 @@ func (in *AlertmanagerEndpoints) DeepCopyInto(out *AlertmanagerEndpoints) { *out = new(Sigv4) (*in).DeepCopyInto(*out) } + in.ProxyConfig.DeepCopyInto(&out.ProxyConfig) + if in.APIVersion != nil { + in, out := &in.APIVersion, &out.APIVersion + *out = new(AlertmanagerAPIVersion) + **out = **in + } if in.Timeout != nil { in, out := &in.Timeout, &out.Timeout *out = new(Duration) @@ -324,6 +330,11 @@ func (in *AlertmanagerSpec) DeepCopyInto(out *AlertmanagerSpec) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.PersistentVolumeClaimRetentionPolicy != nil { + in, out := &in.PersistentVolumeClaimRetentionPolicy, &out.PersistentVolumeClaimRetentionPolicy + *out = new(appsv1.StatefulSetPersistentVolumeClaimRetentionPolicy) + **out = **in + } if in.NodeSelector != nil { in, out := &in.NodeSelector, &out.NodeSelector *out = make(map[string]string, len(*in)) @@ -356,6 +367,16 @@ func (in *AlertmanagerSpec) DeepCopyInto(out *AlertmanagerSpec) { *out = new(corev1.PodSecurityContext) (*in).DeepCopyInto(*out) } + if in.DNSPolicy != nil { + in, out := &in.DNSPolicy, &out.DNSPolicy + *out = new(DNSPolicy) + **out = **in + } + if in.DNSConfig != nil { + in, out := &in.DNSConfig, &out.DNSConfig + *out = new(PodDNSConfig) + (*in).DeepCopyInto(*out) + } if in.Containers != nil { in, out := &in.Containers, &out.Containers *out = make([]corev1.Container, len(*in)) @@ -742,6 +763,16 @@ func (in *CommonPrometheusFields) DeepCopyInto(out *CommonPrometheusFields) { (*out)[key] = val } } + if in.EnableOTLPReceiver != nil { + in, out := &in.EnableOTLPReceiver, &out.EnableOTLPReceiver + *out = new(bool) + **out = **in + } + if in.RemoteWriteReceiverMessageVersions != nil { + in, out := &in.RemoteWriteReceiverMessageVersions, &out.RemoteWriteReceiverMessageVersions + *out = make([]RemoteWriteMessageVersion, len(*in)) + copy(*out, *in) + } if in.EnableFeatures != nil { in, out := &in.EnableFeatures, &out.EnableFeatures *out = make([]EnableFeature, len(*in)) @@ -825,11 +856,26 @@ func (in *CommonPrometheusFields) DeepCopyInto(out *CommonPrometheusFields) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.OTLP != nil { + in, out := &in.OTLP, &out.OTLP + *out = new(OTLPConfig) + (*in).DeepCopyInto(*out) + } if in.SecurityContext != nil { in, out := &in.SecurityContext, &out.SecurityContext *out = new(corev1.PodSecurityContext) (*in).DeepCopyInto(*out) } + if in.DNSPolicy != nil { + in, out := &in.DNSPolicy, &out.DNSPolicy + *out = new(DNSPolicy) + **out = **in + } + if in.DNSConfig != nil { + in, out := &in.DNSConfig, &out.DNSConfig + *out = new(PodDNSConfig) + (*in).DeepCopyInto(*out) + } if in.Containers != nil { in, out := &in.Containers, &out.Containers *out = make([]corev1.Container, len(*in)) @@ -885,6 +931,11 @@ func (in *CommonPrometheusFields) DeepCopyInto(out *CommonPrometheusFields) { *out = new(uint64) **out = **in } + if in.NameValidationScheme != nil { + in, out := &in.NameValidationScheme, &out.NameValidationScheme + *out = new(NameValidationSchemeOptions) + **out = **in + } if in.MinReadySeconds != nil { in, out := &in.MinReadySeconds, &out.MinReadySeconds *out = new(uint32) @@ -979,6 +1030,16 @@ func (in *CommonPrometheusFields) DeepCopyInto(out *CommonPrometheusFields) { *out = new(ServiceDiscoveryRole) **out = **in } + if in.TSDB != nil { + in, out := &in.TSDB, &out.TSDB + *out = new(TSDBSpec) + (*in).DeepCopyInto(*out) + } + if in.Runtime != nil { + in, out := &in.Runtime, &out.Runtime + *out = new(RuntimeConfig) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CommonPrometheusFields. @@ -1303,6 +1364,7 @@ func (in *HTTPConfig) DeepCopyInto(out *HTTPConfig) { *out = new(SafeTLSConfig) (*in).DeepCopyInto(*out) } + in.ProxyConfig.DeepCopyInto(&out.ProxyConfig) if in.FollowRedirects != nil { in, out := &in.FollowRedirects, &out.FollowRedirects *out = new(bool) @@ -1405,6 +1467,36 @@ func (in *NamespaceSelector) DeepCopy() *NamespaceSelector { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NativeHistogramConfig) DeepCopyInto(out *NativeHistogramConfig) { + *out = *in + if in.ScrapeClassicHistograms != nil { + in, out := &in.ScrapeClassicHistograms, &out.ScrapeClassicHistograms + *out = new(bool) + **out = **in + } + if in.NativeHistogramBucketLimit != nil { + in, out := &in.NativeHistogramBucketLimit, &out.NativeHistogramBucketLimit + *out = new(uint64) + **out = **in + } + if in.NativeHistogramMinBucketFactor != nil { + in, out := &in.NativeHistogramMinBucketFactor, &out.NativeHistogramMinBucketFactor + x := (*in).DeepCopy() + *out = &x + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NativeHistogramConfig. +func (in *NativeHistogramConfig) DeepCopy() *NativeHistogramConfig { + if in == nil { + return nil + } + out := new(NativeHistogramConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OAuth2) DeepCopyInto(out *OAuth2) { *out = *in @@ -1455,6 +1547,31 @@ func (in *OAuth2ValidationError) DeepCopy() *OAuth2ValidationError { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OTLPConfig) DeepCopyInto(out *OTLPConfig) { + *out = *in + if in.PromoteResourceAttributes != nil { + in, out := &in.PromoteResourceAttributes, &out.PromoteResourceAttributes + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.TranslationStrategy != nil { + in, out := &in.TranslationStrategy, &out.TranslationStrategy + *out = new(TranslationStrategyOption) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OTLPConfig. +func (in *OTLPConfig) DeepCopy() *OTLPConfig { + if in == nil { + return nil + } + out := new(OTLPConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ObjectReference) DeepCopyInto(out *ObjectReference) { *out = *in @@ -1470,9 +1587,71 @@ func (in *ObjectReference) DeepCopy() *ObjectReference { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PodDNSConfig) DeepCopyInto(out *PodDNSConfig) { + *out = *in + if in.Nameservers != nil { + in, out := &in.Nameservers, &out.Nameservers + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Searches != nil { + in, out := &in.Searches, &out.Searches + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Options != nil { + in, out := &in.Options, &out.Options + *out = make([]PodDNSConfigOption, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDNSConfig. +func (in *PodDNSConfig) DeepCopy() *PodDNSConfig { + if in == nil { + return nil + } + out := new(PodDNSConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PodDNSConfigOption) DeepCopyInto(out *PodDNSConfigOption) { + *out = *in + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDNSConfigOption. +func (in *PodDNSConfigOption) DeepCopy() *PodDNSConfigOption { + if in == nil { + return nil + } + out := new(PodDNSConfigOption) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PodMetricsEndpoint) DeepCopyInto(out *PodMetricsEndpoint) { *out = *in + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(string) + **out = **in + } + if in.PortNumber != nil { + in, out := &in.PortNumber, &out.PortNumber + *out = new(int32) + **out = **in + } if in.TargetPort != nil { in, out := &in.TargetPort, &out.TargetPort *out = new(intstr.IntOrString) @@ -1633,6 +1812,11 @@ func (in *PodMonitorSpec) DeepCopyInto(out *PodMonitorSpec) { } } in.Selector.DeepCopyInto(&out.Selector) + if in.SelectorMechanism != nil { + in, out := &in.SelectorMechanism, &out.SelectorMechanism + *out = new(SelectorMechanism) + **out = **in + } in.NamespaceSelector.DeepCopyInto(&out.NamespaceSelector) if in.SampleLimit != nil { in, out := &in.SampleLimit, &out.SampleLimit @@ -1649,6 +1833,11 @@ func (in *PodMonitorSpec) DeepCopyInto(out *PodMonitorSpec) { *out = make([]ScrapeProtocol, len(*in)) copy(*out, *in) } + if in.FallbackScrapeProtocol != nil { + in, out := &in.FallbackScrapeProtocol, &out.FallbackScrapeProtocol + *out = new(ScrapeProtocol) + **out = **in + } if in.LabelLimit != nil { in, out := &in.LabelLimit, &out.LabelLimit *out = new(uint64) @@ -1664,6 +1853,7 @@ func (in *PodMonitorSpec) DeepCopyInto(out *PodMonitorSpec) { *out = new(uint64) **out = **in } + in.NativeHistogramConfig.DeepCopyInto(&out.NativeHistogramConfig) if in.KeepDroppedTargets != nil { in, out := &in.KeepDroppedTargets, &out.KeepDroppedTargets *out = new(uint64) @@ -1790,6 +1980,11 @@ func (in *ProbeSpec) DeepCopyInto(out *ProbeSpec) { *out = make([]ScrapeProtocol, len(*in)) copy(*out, *in) } + if in.FallbackScrapeProtocol != nil { + in, out := &in.FallbackScrapeProtocol, &out.FallbackScrapeProtocol + *out = new(ScrapeProtocol) + **out = **in + } if in.LabelLimit != nil { in, out := &in.LabelLimit, &out.LabelLimit *out = new(uint64) @@ -1805,6 +2000,7 @@ func (in *ProbeSpec) DeepCopyInto(out *ProbeSpec) { *out = new(uint64) **out = **in } + in.NativeHistogramConfig.DeepCopyInto(&out.NativeHistogramConfig) if in.KeepDroppedTargets != nil { in, out := &in.KeepDroppedTargets, &out.KeepDroppedTargets *out = new(uint64) @@ -2127,7 +2323,11 @@ func (in *PrometheusSpec) DeepCopyInto(out *PrometheusSpec) { *out = new(Exemplars) (*in).DeepCopyInto(*out) } - out.TSDB = in.TSDB + if in.RuleQueryOffset != nil { + in, out := &in.RuleQueryOffset, &out.RuleQueryOffset + *out = new(Duration) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusSpec. @@ -2403,6 +2603,11 @@ func (in *RemoteReadSpec) DeepCopyInto(out *RemoteReadSpec) { (*out)[key] = val } } + if in.RemoteTimeout != nil { + in, out := &in.RemoteTimeout, &out.RemoteTimeout + *out = new(Duration) + **out = **in + } if in.Headers != nil { in, out := &in.Headers, &out.Headers *out = make(map[string]string, len(*in)) @@ -2456,6 +2661,16 @@ func (in *RemoteReadSpec) DeepCopy() *RemoteReadSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RemoteWriteSpec) DeepCopyInto(out *RemoteWriteSpec) { *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.MessageVersion != nil { + in, out := &in.MessageVersion, &out.MessageVersion + *out = new(RemoteWriteMessageVersion) + **out = **in + } if in.SendExemplars != nil { in, out := &in.SendExemplars, &out.SendExemplars *out = new(bool) @@ -2466,6 +2681,11 @@ func (in *RemoteWriteSpec) DeepCopyInto(out *RemoteWriteSpec) { *out = new(bool) **out = **in } + if in.RemoteTimeout != nil { + in, out := &in.RemoteTimeout, &out.RemoteTimeout + *out = new(Duration) + **out = **in + } if in.Headers != nil { in, out := &in.Headers, &out.Headers *out = make(map[string]string, len(*in)) @@ -2586,11 +2806,23 @@ func (in *Rule) DeepCopy() *Rule { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RuleGroup) DeepCopyInto(out *RuleGroup) { *out = *in + if in.Labels != nil { + in, out := &in.Labels, &out.Labels + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } if in.Interval != nil { in, out := &in.Interval, &out.Interval *out = new(Duration) **out = **in } + if in.QueryOffset != nil { + in, out := &in.QueryOffset, &out.QueryOffset + *out = new(Duration) + **out = **in + } if in.Rules != nil { in, out := &in.Rules, &out.Rules *out = make([]Rule, len(*in)) @@ -2646,6 +2878,26 @@ func (in *RulesAlert) DeepCopy() *RulesAlert { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RuntimeConfig) DeepCopyInto(out *RuntimeConfig) { + *out = *in + if in.GoGC != nil { + in, out := &in.GoGC, &out.GoGC + *out = new(int32) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuntimeConfig. +func (in *RuntimeConfig) DeepCopy() *RuntimeConfig { + if in == nil { + return nil + } + out := new(RuntimeConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SafeAuthorization) DeepCopyInto(out *SafeAuthorization) { *out = *in @@ -2721,6 +2973,11 @@ func (in *ScrapeClass) DeepCopyInto(out *ScrapeClass) { *out = new(TLSConfig) (*in).DeepCopyInto(*out) } + if in.Authorization != nil { + in, out := &in.Authorization, &out.Authorization + *out = new(Authorization) + (*in).DeepCopyInto(*out) + } if in.Relabelings != nil { in, out := &in.Relabelings, &out.Relabelings *out = make([]RelabelConfig, len(*in)) @@ -2844,6 +3101,11 @@ func (in *ServiceMonitorSpec) DeepCopyInto(out *ServiceMonitorSpec) { } } in.Selector.DeepCopyInto(&out.Selector) + if in.SelectorMechanism != nil { + in, out := &in.SelectorMechanism, &out.SelectorMechanism + *out = new(SelectorMechanism) + **out = **in + } in.NamespaceSelector.DeepCopyInto(&out.NamespaceSelector) if in.SampleLimit != nil { in, out := &in.SampleLimit, &out.SampleLimit @@ -2855,6 +3117,11 @@ func (in *ServiceMonitorSpec) DeepCopyInto(out *ServiceMonitorSpec) { *out = make([]ScrapeProtocol, len(*in)) copy(*out, *in) } + if in.FallbackScrapeProtocol != nil { + in, out := &in.FallbackScrapeProtocol, &out.FallbackScrapeProtocol + *out = new(ScrapeProtocol) + **out = **in + } if in.TargetLimit != nil { in, out := &in.TargetLimit, &out.TargetLimit *out = new(uint64) @@ -2875,6 +3142,7 @@ func (in *ServiceMonitorSpec) DeepCopyInto(out *ServiceMonitorSpec) { *out = new(uint64) **out = **in } + in.NativeHistogramConfig.DeepCopyInto(&out.NativeHistogramConfig) if in.KeepDroppedTargets != nil { in, out := &in.KeepDroppedTargets, &out.KeepDroppedTargets *out = new(uint64) @@ -2992,6 +3260,11 @@ func (in *TLSConfig) DeepCopy() *TLSConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TSDBSpec) DeepCopyInto(out *TSDBSpec) { *out = *in + if in.OutOfOrderTimeWindow != nil { + in, out := &in.OutOfOrderTimeWindow, &out.OutOfOrderTimeWindow + *out = new(Duration) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TSDBSpec. @@ -3054,6 +3327,11 @@ func (in *ThanosRulerList) DeepCopy() *ThanosRulerList { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ThanosRulerSpec) DeepCopyInto(out *ThanosRulerSpec) { *out = *in + if in.Version != nil { + in, out := &in.Version, &out.Version + *out = new(string) + **out = **in + } if in.PodMetadata != nil { in, out := &in.PodMetadata, &out.PodMetadata *out = new(EmbeddedObjectMetadata) @@ -3101,6 +3379,16 @@ func (in *ThanosRulerSpec) DeepCopyInto(out *ThanosRulerSpec) { *out = new(corev1.PodSecurityContext) (*in).DeepCopyInto(*out) } + if in.DNSPolicy != nil { + in, out := &in.DNSPolicy, &out.DNSPolicy + *out = new(DNSPolicy) + **out = **in + } + if in.DNSConfig != nil { + in, out := &in.DNSConfig, &out.DNSConfig + *out = new(PodDNSConfig) + (*in).DeepCopyInto(*out) + } if in.Storage != nil { in, out := &in.Storage, &out.Storage *out = new(StorageSpec) @@ -3450,9 +3738,9 @@ func (in *WebHTTPHeaders) DeepCopy() *WebHTTPHeaders { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WebTLSConfig) DeepCopyInto(out *WebTLSConfig) { *out = *in - in.KeySecret.DeepCopyInto(&out.KeySecret) in.Cert.DeepCopyInto(&out.Cert) in.ClientCA.DeepCopyInto(&out.ClientCA) + in.KeySecret.DeepCopyInto(&out.KeySecret) if in.CipherSuites != nil { in, out := &in.CipherSuites, &out.CipherSuites *out = make([]string, len(*in)) diff --git a/vendor/k8s.io/utils/clock/testing/fake_clock.go b/vendor/k8s.io/utils/clock/testing/fake_clock.go index 79e11deb6..462c40c2c 100644 --- a/vendor/k8s.io/utils/clock/testing/fake_clock.go +++ b/vendor/k8s.io/utils/clock/testing/fake_clock.go @@ -48,7 +48,6 @@ type fakeClockWaiter struct { stepInterval time.Duration skipIfBlocked bool destChan chan time.Time - fired bool afterFunc func() } @@ -198,12 +197,10 @@ func (f *FakeClock) setTimeLocked(t time.Time) { if w.skipIfBlocked { select { case w.destChan <- t: - w.fired = true default: } } else { w.destChan <- t - w.fired = true } if w.afterFunc != nil { @@ -305,44 +302,48 @@ func (f *fakeTimer) C() <-chan time.Time { return f.waiter.destChan } -// Stop stops the timer and returns true if the timer has not yet fired, or false otherwise. +// Stop prevents the Timer from firing. It returns true if the call stops the +// timer, false if the timer has already expired or been stopped. func (f *fakeTimer) Stop() bool { f.fakeClock.lock.Lock() defer f.fakeClock.lock.Unlock() + active := false newWaiters := make([]*fakeClockWaiter, 0, len(f.fakeClock.waiters)) for i := range f.fakeClock.waiters { w := f.fakeClock.waiters[i] if w != &f.waiter { newWaiters = append(newWaiters, w) + continue } + // If timer is found, it has not been fired yet. + active = true } f.fakeClock.waiters = newWaiters - return !f.waiter.fired + return active } -// Reset resets the timer to the fake clock's "now" + d. It returns true if the timer has not yet -// fired, or false otherwise. +// Reset changes the timer to expire after duration d. It returns true if the +// timer had been active, false if the timer had expired or been stopped. func (f *fakeTimer) Reset(d time.Duration) bool { f.fakeClock.lock.Lock() defer f.fakeClock.lock.Unlock() - active := !f.waiter.fired + active := false - f.waiter.fired = false f.waiter.targetTime = f.fakeClock.time.Add(d) - var isWaiting bool for i := range f.fakeClock.waiters { w := f.fakeClock.waiters[i] if w == &f.waiter { - isWaiting = true + // If timer is found, it has not been fired yet. + active = true break } } - if !isWaiting { + if !active { f.fakeClock.waiters = append(f.fakeClock.waiters, &f.waiter) } diff --git a/vendor/k8s.io/utils/lru/lru.go b/vendor/k8s.io/utils/lru/lru.go index f0b67462f..40c22ece1 100644 --- a/vendor/k8s.io/utils/lru/lru.go +++ b/vendor/k8s.io/utils/lru/lru.go @@ -47,6 +47,8 @@ func NewWithEvictionFunc(size int, f EvictionFunc) *Cache { // SetEvictionFunc updates the eviction func func (c *Cache) SetEvictionFunc(f EvictionFunc) error { + c.lock.Lock() + defer c.lock.Unlock() if c.cache.OnEvicted != nil { return fmt.Errorf("lru cache eviction function is already set") } diff --git a/vendor/modules.txt b/vendor/modules.txt index 0ae1145ee..75844a3e2 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -519,8 +519,8 @@ github.com/pkg/errors # github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 ## explicit github.com/pmezard/go-difflib/difflib -# github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.76.1 -## explicit; go 1.22.0 +# github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.79.2 +## explicit; go 1.23.0 github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1 # github.com/prometheus/client_golang v1.20.5 @@ -1573,7 +1573,7 @@ k8s.io/kube-openapi/pkg/validation/errors k8s.io/kube-openapi/pkg/validation/spec k8s.io/kube-openapi/pkg/validation/strfmt k8s.io/kube-openapi/pkg/validation/strfmt/bson -# k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 +# k8s.io/utils v0.0.0-20241210054802-24370beab758 ## explicit; go 1.18 k8s.io/utils/buffer k8s.io/utils/clock @@ -1652,11 +1652,11 @@ sigs.k8s.io/controller-runtime/pkg/webhook/admission sigs.k8s.io/controller-runtime/pkg/webhook/admission/metrics sigs.k8s.io/controller-runtime/pkg/webhook/conversion sigs.k8s.io/controller-runtime/pkg/webhook/internal/metrics -# sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 -## explicit; go 1.21 +# sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 +## explicit; go 1.23 sigs.k8s.io/json sigs.k8s.io/json/internal/golang/encoding/json -# sigs.k8s.io/structured-merge-diff/v4 v4.4.2 +# sigs.k8s.io/structured-merge-diff/v4 v4.5.0 ## explicit; go 1.13 sigs.k8s.io/structured-merge-diff/v4/fieldpath sigs.k8s.io/structured-merge-diff/v4/merge diff --git a/vendor/sigs.k8s.io/structured-merge-diff/v4/merge/update.go b/vendor/sigs.k8s.io/structured-merge-diff/v4/merge/update.go index 34ab2d6fb..455818ff8 100644 --- a/vendor/sigs.k8s.io/structured-merge-diff/v4/merge/update.go +++ b/vendor/sigs.k8s.io/structured-merge-diff/v4/merge/update.go @@ -33,6 +33,9 @@ type UpdaterBuilder struct { Converter Converter IgnoreFilter map[fieldpath.APIVersion]fieldpath.Filter + // IgnoredFields provides a set of fields to ignore for each + IgnoredFields map[fieldpath.APIVersion]*fieldpath.Set + // Stop comparing the new object with old object after applying. // This was initially used to avoid spurious etcd update, but // since that's vastly inefficient, we've come-up with a better @@ -46,6 +49,7 @@ func (u *UpdaterBuilder) BuildUpdater() *Updater { return &Updater{ Converter: u.Converter, IgnoreFilter: u.IgnoreFilter, + IgnoredFields: u.IgnoredFields, returnInputOnNoop: u.ReturnInputOnNoop, } } @@ -56,6 +60,9 @@ type Updater struct { // Deprecated: This will eventually become private. Converter Converter + // Deprecated: This will eventually become private. + IgnoredFields map[fieldpath.APIVersion]*fieldpath.Set + // Deprecated: This will eventually become private. IgnoreFilter map[fieldpath.APIVersion]fieldpath.Filter @@ -70,8 +77,19 @@ func (s *Updater) update(oldObject, newObject *typed.TypedValue, version fieldpa return nil, nil, fmt.Errorf("failed to compare objects: %v", err) } - versions := map[fieldpath.APIVersion]*typed.Comparison{ - version: compare.FilterFields(s.IgnoreFilter[version]), + var versions map[fieldpath.APIVersion]*typed.Comparison + + if s.IgnoredFields != nil && s.IgnoreFilter != nil { + return nil, nil, fmt.Errorf("IgnoreFilter and IgnoreFilter may not both be set") + } + if s.IgnoredFields != nil { + versions = map[fieldpath.APIVersion]*typed.Comparison{ + version: compare.ExcludeFields(s.IgnoredFields[version]), + } + } else { + versions = map[fieldpath.APIVersion]*typed.Comparison{ + version: compare.FilterFields(s.IgnoreFilter[version]), + } } for manager, managerSet := range managers { @@ -101,7 +119,12 @@ func (s *Updater) update(oldObject, newObject *typed.TypedValue, version fieldpa if err != nil { return nil, nil, fmt.Errorf("failed to compare objects: %v", err) } - versions[managerSet.APIVersion()] = compare.FilterFields(s.IgnoreFilter[managerSet.APIVersion()]) + + if s.IgnoredFields != nil { + versions[managerSet.APIVersion()] = compare.ExcludeFields(s.IgnoredFields[managerSet.APIVersion()]) + } else { + versions[managerSet.APIVersion()] = compare.FilterFields(s.IgnoreFilter[managerSet.APIVersion()]) + } } conflictSet := managerSet.Set().Intersection(compare.Modified.Union(compare.Added)) @@ -154,7 +177,16 @@ func (s *Updater) Update(liveObject, newObject *typed.TypedValue, version fieldp managers[manager] = fieldpath.NewVersionedSet(fieldpath.NewSet(), version, false) } set := managers[manager].Set().Difference(compare.Removed).Union(compare.Modified).Union(compare.Added) - ignoreFilter := s.IgnoreFilter[version] + + if s.IgnoredFields != nil && s.IgnoreFilter != nil { + return nil, nil, fmt.Errorf("IgnoreFilter and IgnoreFilter may not both be set") + } + var ignoreFilter fieldpath.Filter + if s.IgnoredFields != nil { + ignoreFilter = fieldpath.NewExcludeSetFilter(s.IgnoredFields[version]) + } else { + ignoreFilter = s.IgnoreFilter[version] + } if ignoreFilter != nil { set = ignoreFilter.Filter(set) } @@ -189,7 +221,15 @@ func (s *Updater) Apply(liveObject, configObject *typed.TypedValue, version fiel return nil, fieldpath.ManagedFields{}, fmt.Errorf("failed to get field set: %v", err) } - ignoreFilter := s.IgnoreFilter[version] + if s.IgnoredFields != nil && s.IgnoreFilter != nil { + return nil, nil, fmt.Errorf("IgnoreFilter and IgnoreFilter may not both be set") + } + var ignoreFilter fieldpath.Filter + if s.IgnoredFields != nil { + ignoreFilter = fieldpath.NewExcludeSetFilter(s.IgnoredFields[version]) + } else { + ignoreFilter = s.IgnoreFilter[version] + } if ignoreFilter != nil { set = ignoreFilter.Filter(set) } diff --git a/vendor/sigs.k8s.io/structured-merge-diff/v4/typed/typed.go b/vendor/sigs.k8s.io/structured-merge-diff/v4/typed/typed.go index 9be902828..7edaa6d48 100644 --- a/vendor/sigs.k8s.io/structured-merge-diff/v4/typed/typed.go +++ b/vendor/sigs.k8s.io/structured-merge-diff/v4/typed/typed.go @@ -32,6 +32,21 @@ const ( AllowDuplicates ValidationOptions = iota ) +// extractItemsOptions is the options available when extracting items. +type extractItemsOptions struct { + appendKeyFields bool +} + +type ExtractItemsOption func(*extractItemsOptions) + +// WithAppendKeyFields configures ExtractItems to include key fields. +// It is exported for use in configuring ExtractItems. +func WithAppendKeyFields() ExtractItemsOption { + return func(opts *extractItemsOptions) { + opts.appendKeyFields = true + } +} + // AsTyped accepts a value and a type and returns a TypedValue. 'v' must have // type 'typeName' in the schema. An error is returned if the v doesn't conform // to the schema. @@ -187,7 +202,37 @@ func (tv TypedValue) RemoveItems(items *fieldpath.Set) *TypedValue { } // ExtractItems returns a value with only the provided list or map items extracted from the value. -func (tv TypedValue) ExtractItems(items *fieldpath.Set) *TypedValue { +func (tv TypedValue) ExtractItems(items *fieldpath.Set, opts ...ExtractItemsOption) *TypedValue { + options := &extractItemsOptions{} + for _, opt := range opts { + opt(options) + } + if options.appendKeyFields { + tvPathSet, err := tv.ToFieldSet() + if err == nil { + keyFieldPathSet := fieldpath.NewSet() + items.Iterate(func(path fieldpath.Path) { + if !tvPathSet.Has(path) { + return + } + for i, pe := range path { + if pe.Key == nil { + continue + } + for _, keyField := range *pe.Key { + keyName := keyField.Name + // Create a new slice with the same elements as path[:i+1], but set its capacity to len(path[:i+1]). + // This ensures that appending to keyFieldPath creates a new underlying array, avoiding accidental + // modification of the original slice (path). + keyFieldPath := append(path[:i+1:i+1], fieldpath.PathElement{FieldName: &keyName}) + keyFieldPathSet.Insert(keyFieldPath) + } + } + }) + items = items.Union(keyFieldPathSet) + } + } + tv.value = removeItemsWithSchema(tv.value, items, tv.schema, tv.typeRef, true) return &tv } diff --git a/vendor/sigs.k8s.io/structured-merge-diff/v4/value/scalar.go b/vendor/sigs.k8s.io/structured-merge-diff/v4/value/scalar.go index c78a4c18d..5824219e5 100644 --- a/vendor/sigs.k8s.io/structured-merge-diff/v4/value/scalar.go +++ b/vendor/sigs.k8s.io/structured-merge-diff/v4/value/scalar.go @@ -43,7 +43,7 @@ func IntCompare(lhs, rhs int64) int { func BoolCompare(lhs, rhs bool) int { if lhs == rhs { return 0 - } else if lhs == false { + } else if !lhs { return -1 } return 1