Skip to content

Commit db24916

Browse files
elastisys-staffanviktor-f
elastisys-staffan
and
viktor-f
authored
Staging 0.49.1 (#2873)
Co-authored-by: Viktor Forsberg <[email protected]>
1 parent fa4b511 commit db24916

File tree

5 files changed

+97
-0
lines changed

5 files changed

+97
-0
lines changed

changelog/0.49.md

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -101,3 +101,13 @@ Released 2025-09-18
101101
- [#2746](https://github.com/elastisys/compliantkubernetes-apps/pull/2746) - fix: Split network policies tests between Calico & Cilium [@rarescosma](https://github.com/rarescosma)
102102
- [#2763](https://github.com/elastisys/compliantkubernetes-apps/pull/2763) - bug: apps: remove doubled "spec" field [@rarescosma](https://github.com/rarescosma)
103103
- [#2764](https://github.com/elastisys/compliantkubernetes-apps/pull/2764) - fix: Cilium test fixes [@rarescosma](https://github.com/rarescosma)
104+
105+
## v0.49.1
106+
107+
Released 2025-11-20
108+
109+
## Changes by kind
110+
111+
### Other(s)
112+
113+
- [#2858](https://github.com/elastisys/compliantkubernetes-apps/pull/2858) - bug: apps wc: move user alertmanager secret to created with install hook [@viktor-f](https://github.com/viktor-f)

helmfile.d/hooks/alertmanager/dev-secret.yaml

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
apiVersion: v1
2+
kind: Secret
3+
metadata:
4+
name: alertmanager-kube-prometheus-stack-alertmanager
5+
namespace: alertmanager
6+
labels:
7+
app: kube-prometheus-stack-alertmanager
8+
stringData:
9+
alertmanager.yaml: |-
10+
global:
11+
resolve_timeout: 5m
12+
inhibit_rules: []
13+
receivers:
14+
- name: "null"
15+
route:
16+
group_by:
17+
- alertname
18+
group_interval: 5m
19+
group_wait: 30s
20+
receiver: "null"
21+
repeat_interval: 12h
22+
routes:
23+
- matchers:
24+
- alertname = "Watchdog"
25+
receiver: "null"
26+
templates:
27+
- /etc/alertmanager/config/*.tmpl

helmfile.d/stacks/monitoring-prometheus.yaml.gotmpl

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,13 @@ templates:
2727
- values/kube-prometheus-stack-sc.yaml.gotmpl
2828
{{- else if .Values | get "ck8sWorkloadCluster.enabled" false }}
2929
- values/kube-prometheus-stack-wc.yaml.gotmpl
30+
hooks:
31+
- events: [ presync ]
32+
showlogs: true
33+
command: hooks/create-from-manifest.sh
34+
args:
35+
- "{{ .Environment.Name }}"
36+
- alertmanager/dev-secret.yaml
3037
{{- end }}
3138
wait: true
3239
timeout: 600

helmfile.d/values/kube-prometheus-stack-wc.yaml.gotmpl

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,10 @@ alertmanager:
4141
route:
4242
group_by: {{ toYaml .Values.prometheus.alertmanagerSpec.groupBy | nindent 8 }}
4343
alertmanagerSpec:
44+
automountServiceAccountToken: false
45+
useExistingSecret: true
46+
secrets:
47+
- alertmanager-kube-prometheus-stack-alertmanager
4448
replicas: {{ .Values.prometheus.alertmanagerSpec.replicas }}
4549
retention: {{ .Values.prometheus.retention.alertmanager }}
4650
resources: {{- toYaml .Values.prometheus.alertmanagerSpec.resources | nindent 6 }}

migration/v0.49/apply/30-kube-prometheus-stack.sh

Lines changed: 49 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,49 @@
1+
#!/usr/bin/env bash
2+
3+
set -euo pipefail
4+
5+
ROOT="$(readlink -f "$(dirname "${0}")/../../../")"
6+
7+
source "${ROOT}/scripts/migration/lib.sh"
8+
9+
run() {
10+
case "${1:-}" in
11+
execute)
12+
chart_version=$(yq '.version' "${ROOT}/helmfile.d/upstream/prometheus-community/kube-prometheus-stack/Chart.yaml")
13+
clusters=("${CK8S_CLUSTER}")
14+
if [[ "${CK8S_CLUSTER}" == "both" ]]; then
15+
clusters=("wc" "sc")
16+
fi
17+
18+
for cluster in "${clusters[@]}"; do
19+
20+
if [[ "${cluster}" == "wc" ]]; then
21+
kubectl_do "${cluster}" annotate secret -n alertmanager alertmanager-kube-prometheus-stack-alertmanager helm.sh/resource-policy=keep
22+
fi
23+
24+
current_version=$(helm_do "${cluster}" get metadata -n monitoring kube-prometheus-stack -ojson | jq -r '.version')
25+
26+
log_info "Upgrading kube-prometheus-stack on ${cluster}: ${current_version} -> ${chart_version}"
27+
28+
log_info " - Checking if kube-prometheus-stack CRDs need to be upgraded on ${cluster}"
29+
if [[ "${current_version}" != "${chart_version}" ]]; then
30+
log_info " - Replace kube-prometheus-stack CRDs on ${cluster}"
31+
kubectl_do "${cluster}" apply --server-side --force-conflicts -f "${ROOT}/helmfile.d/upstream/prometheus-community/kube-prometheus-stack/charts/crds/crds"
32+
else
33+
log_info " - CRDs up-to-date on ${cluster}, skipping"
34+
fi
35+
36+
log_info " - Upgrade kube-prometheus-stack on ${cluster}"
37+
helmfile_upgrade "${cluster}" app=prometheus
38+
done
39+
;;
40+
rollback)
41+
log_warn "rollback not implemented"
42+
;;
43+
*)
44+
log_fatal "usage: \"${0}\" <execute|rollback>"
45+
;;
46+
esac
47+
}
48+
49+
run "${@}"

0 commit comments

Comments
 (0)