diff --git a/files/templates/scrapeconfigs/_apiserver.yaml b/files/templates/scrapeconfigs/_apiserver.yaml index 5190aa419..fadc8a5c4 100644 --- a/files/templates/scrapeconfigs/_apiserver.yaml +++ b/files/templates/scrapeconfigs/_apiserver.yaml @@ -1,12 +1,15 @@ [[- define "_apiserver" -]] [[- if ne .ClusterType "management_cluster" ]] api_server: https://[[ .APIServerURL ]] - authorization: - credentials_file: /etc/prometheus/secrets/[[ .SecretName ]]/token +[[- if eq .AuthenticationType "token" ]] + bearer_token_file: /etc/prometheus/secrets/[[ .SecretName ]]/token +[[- end ]] tls_config: ca_file: /etc/prometheus/secrets/[[ .SecretName ]]/ca +[[- if eq .AuthenticationType "certificates" ]] cert_file: /etc/prometheus/secrets/[[ .SecretName ]]/crt key_file: /etc/prometheus/secrets/[[ .SecretName ]]/key +[[- end ]] insecure_skip_verify: false [[- end -]] [[- end -]] diff --git a/files/templates/scrapeconfigs/_tlsconfig.yaml b/files/templates/scrapeconfigs/_tlsconfig.yaml index b02ce770c..d814bc4bc 100644 --- a/files/templates/scrapeconfigs/_tlsconfig.yaml +++ b/files/templates/scrapeconfigs/_tlsconfig.yaml @@ -1,9 +1,14 @@ [[- define "_tlsconfig" -]] [[- if ne .ClusterType "management_cluster" -]] +[[- if eq .AuthenticationType "token" ]] +bearer_token_file: /etc/prometheus/secrets/[[ .SecretName ]]/token +[[- end ]] tls_config: ca_file: /etc/prometheus/secrets/[[ .SecretName ]]/ca +[[- if eq .AuthenticationType "certificates" ]] cert_file: /etc/prometheus/secrets/[[ .SecretName ]]/crt key_file: /etc/prometheus/secrets/[[ .SecretName ]]/key +[[- end ]] insecure_skip_verify: false [[- else -]] bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token diff --git a/files/templates/scrapeconfigs/_tlsconfig_skip.yaml b/files/templates/scrapeconfigs/_tlsconfig_skip.yaml index 0f8165e68..fe865989b 100644 --- a/files/templates/scrapeconfigs/_tlsconfig_skip.yaml +++ b/files/templates/scrapeconfigs/_tlsconfig_skip.yaml @@ -1,9 +1,14 @@ [[- define "_tlsconfig_skip" -]] [[- if ne .ClusterType "management_cluster" -]] +[[- if eq .AuthenticationType "token" ]] +bearer_token_file: /etc/prometheus/secrets/[[ .SecretName ]]/token +[[- end ]] tls_config: ca_file: /etc/prometheus/secrets/[[ .SecretName ]]/ca +[[- if eq .AuthenticationType "certificates" ]] cert_file: /etc/prometheus/secrets/[[ .SecretName ]]/crt key_file: /etc/prometheus/secrets/[[ .SecretName ]]/key +[[- end ]] insecure_skip_verify: true [[- else -]] bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token diff --git a/files/templates/scrapeconfigs/additional-scrape-configs.template.yaml b/files/templates/scrapeconfigs/additional-scrape-configs.template.yaml index 5b07eae5e..5e86efac7 100644 --- a/files/templates/scrapeconfigs/additional-scrape-configs.template.yaml +++ b/files/templates/scrapeconfigs/additional-scrape-configs.template.yaml @@ -177,16 +177,10 @@ [[ else ]] - role: node [[ end ]] -[[ if ne .ClusterType "management_cluster" ]] - api_server: https://[[ .APIServerURL ]] - tls_config: - ca_file: /etc/prometheus/secrets/[[ .SecretName ]]/ca - cert_file: /etc/prometheus/secrets/[[ .SecretName ]]/crt - key_file: /etc/prometheus/secrets/[[ .SecretName ]]/key - insecure_skip_verify: false -[[ else ]] +[[ include "_apiserver" . ]] +[[- if eq .ClusterType "management_cluster" ]] bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token -[[ end ]] +[[- end ]] tls_config: ca_file: /etc/prometheus/secrets/[[ .EtcdSecretName ]]/ca cert_file: /etc/prometheus/secrets/[[ .EtcdSecretName ]]/crt diff --git a/helm/prometheus-meta-operator/templates/alertmanager/alertmanager-psp.yaml b/helm/prometheus-meta-operator/templates/alertmanager/alertmanager-psp.yaml index 292656403..0ab446594 100644 --- a/helm/prometheus-meta-operator/templates/alertmanager/alertmanager-psp.yaml +++ b/helm/prometheus-meta-operator/templates/alertmanager/alertmanager-psp.yaml @@ -5,6 +5,8 @@ metadata: labels: {{- include "labels.common" . | nindent 4 }} name: alertmanager-psp + annotations: + seccomp.security.alpha.kubernetes.io/allowedProfileNames: runtime/default spec: allowPrivilegeEscalation: false hostNetwork: false diff --git a/service/controller/managementcluster/resource.go b/service/controller/managementcluster/resource.go index fbfa96e97..2bcc7e857 100644 --- a/service/controller/managementcluster/resource.go +++ b/service/controller/managementcluster/resource.go @@ -174,6 +174,7 @@ func newResources(config resourcesConfig) ([]resource.Interface, error) { c := prometheus.Config{ Address: config.PrometheusAddress, PrometheusClient: config.PrometheusClient, + K8sClient: config.K8sClient, Logger: config.Logger, Customer: config.Customer, Installation: config.Installation, diff --git a/service/controller/resource/certificates/resource.go b/service/controller/resource/certificates/resource.go index 52126d24b..29cca9700 100644 --- a/service/controller/resource/certificates/resource.go +++ b/service/controller/resource/certificates/resource.go @@ -115,13 +115,14 @@ func (r *Resource) getDesiredObject(ctx context.Context, v interface{}) (*v1.Sec return nil, microerror.Mask(err) } kubeconfigAdminUser := fmt.Sprintf("%s-admin", cluster.GetName()) - kubeconfigFluxCustomerUser := fmt.Sprintf("flux-customer@%s", cluster.GetName()) + kubeconfigFluxCustomerUser := fmt.Sprintf("%s-capi-admin", cluster.GetName()) + secretData["ca"] = capiKubeconfig.Clusters[cluster.GetName()].CertificateAuthorityData if _, ok := capiKubeconfig.AuthInfos[kubeconfigAdminUser]; ok { secretData["crt"] = capiKubeconfig.AuthInfos[kubeconfigAdminUser].ClientCertificateData secretData["key"] = capiKubeconfig.AuthInfos[kubeconfigAdminUser].ClientKeyData } else if _, ok := capiKubeconfig.AuthInfos[kubeconfigFluxCustomerUser]; ok { - secretData["token"] = []byte(capiKubeconfig.AuthInfos[kubeconfigAdminUser].Token) + secretData["token"] = []byte(capiKubeconfig.AuthInfos[kubeconfigFluxCustomerUser].Token) } else { return nil, errors.New("no supported user found in the CAPI secret") } diff --git a/service/controller/resource/monitoring/prometheus/resource.go b/service/controller/resource/monitoring/prometheus/resource.go index 0cb80fd31..625b21ece 100644 --- a/service/controller/resource/monitoring/prometheus/resource.go +++ b/service/controller/resource/monitoring/prometheus/resource.go @@ -4,6 +4,7 @@ import ( "fmt" "net/url" + "github.com/giantswarm/k8sclient/v7/pkg/k8sclient" "github.com/giantswarm/microerror" "github.com/giantswarm/micrologger" "github.com/google/go-cmp/cmp" @@ -27,6 +28,7 @@ const ( type Config struct { PrometheusClient promclient.Interface + K8sClient k8sclient.Interface Logger micrologger.Logger Address string @@ -261,16 +263,22 @@ func toPrometheus(ctx context.Context, v interface{}, config Config) (metav1.Obj // Workload cluster prometheus.Spec.APIServerConfig = &promv1.APIServerConfig{ Host: fmt.Sprintf("https://%s", key.APIUrl(cluster)), - Authorization: &promv1.Authorization{ - CredentialsFile: fmt.Sprintf("/etc/prometheus/secrets/%s/token", key.Secret()), - }, TLSConfig: &promv1.TLSConfig{ - CAFile: fmt.Sprintf("/etc/prometheus/secrets/%s/ca", key.APIServerCertificatesSecretName), - CertFile: fmt.Sprintf("/etc/prometheus/secrets/%s/crt", key.APIServerCertificatesSecretName), - KeyFile: fmt.Sprintf("/etc/prometheus/secrets/%s/key", key.APIServerCertificatesSecretName), + CAFile: fmt.Sprintf("/etc/prometheus/secrets/%s/ca", key.APIServerCertificatesSecretName), }, } + authenticationType, err := key.ApiServerAuthenticationType(ctx, config.K8sClient, key.Namespace(cluster)) + if err != nil { + return nil, microerror.Mask(err) + } + if authenticationType == "token" { + prometheus.Spec.APIServerConfig.BearerTokenFile = fmt.Sprintf("/etc/prometheus/secrets/%s/token", key.APIServerCertificatesSecretName) + } else if authenticationType == "certificates" { + prometheus.Spec.APIServerConfig.TLSConfig.CertFile = fmt.Sprintf("/etc/prometheus/secrets/%s/crt", key.APIServerCertificatesSecretName) + prometheus.Spec.APIServerConfig.TLSConfig.KeyFile = fmt.Sprintf("/etc/prometheus/secrets/%s/key", key.APIServerCertificatesSecretName) + } + prometheus.Spec.Secrets = []string{ key.APIServerCertificatesSecretName, } diff --git a/service/controller/resource/monitoring/prometheus/resource_test.go b/service/controller/resource/monitoring/prometheus/resource_test.go index 35ab78921..0e1a01108 100644 --- a/service/controller/resource/monitoring/prometheus/resource_test.go +++ b/service/controller/resource/monitoring/prometheus/resource_test.go @@ -6,7 +6,15 @@ import ( "path/filepath" "testing" + "github.com/giantswarm/k8sclient/v7/pkg/k8sclient" + "github.com/giantswarm/k8sclient/v7/pkg/k8sclient/fake" + "github.com/giantswarm/micrologger" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "github.com/giantswarm/prometheus-meta-operator/v2/pkg/unittest" + "github.com/giantswarm/prometheus-meta-operator/v2/service/key" ) var update = flag.Bool("update", false, "update the ouput file") @@ -17,26 +25,66 @@ func TestPrometheus(t *testing.T) { t.Fatal(err) } - config := Config{ - Address: "http://prometheus/cluster", - Customer: "Giant Swarm", - EvaluationInterval: "60s", - Installation: "test-installation", - Pipeline: "testing", - Provider: "provider", - Region: "onprem", - ImageRepository: "giantswarm/prometheus", - LogLevel: "debug", - Registry: "quay.io", - RetentionDuration: "2w", - ScrapeInterval: "60s", - Version: "v2.28.1", + var logger micrologger.Logger + { + c := micrologger.Config{} + + logger, err = micrologger.New(c) + if err != nil { + t.Fatal(err) + } } c := unittest.Config{ OutputDir: outputDir, T: t, TestFunc: func(v interface{}) (interface{}, error) { + cluster, err := key.ToCluster(v) + if err != nil { + t.Fatal(err) + } + var secret runtime.Object + { + secret = &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cluster-certificates", + Namespace: key.Namespace(cluster), + }, + Data: map[string][]byte{ + "token": []byte("my-token"), + }, + } + } + + var k8sClient k8sclient.Interface + { + c := k8sclient.ClientsConfig{ + Logger: logger, + SchemeBuilder: k8sclient.SchemeBuilder(v1.SchemeBuilder), + } + k8sClient, err = fake.NewClients(c, secret) + if err != nil { + t.Fatal(err) + } + } + + config := Config{ + Address: "http://prometheus/cluster", + Customer: "Giant Swarm", + EvaluationInterval: "60s", + Installation: "test-installation", + Pipeline: "testing", + K8sClient: k8sClient, + Provider: "provider", + Region: "onprem", + ImageRepository: "giantswarm/prometheus", + LogLevel: "debug", + Registry: "quay.io", + RetentionDuration: "2w", + ScrapeInterval: "60s", + Version: "v2.28.1", + } + return toPrometheus(context.Background(), v, config) }, Update: *update, diff --git a/service/controller/resource/monitoring/prometheus/test/case-1-awsconfig.golden b/service/controller/resource/monitoring/prometheus/test/case-1-awsconfig.golden index ac2d1423f..0bcd35d8e 100644 --- a/service/controller/resource/monitoring/prometheus/test/case-1-awsconfig.golden +++ b/service/controller/resource/monitoring/prometheus/test/case-1-awsconfig.golden @@ -22,15 +22,12 @@ spec: - key: node-role.kubernetes.io/control-plane operator: DoesNotExist apiserverConfig: - authorization: - credentialsFile: /etc/prometheus/secrets/cluster-certificates/token + bearerTokenFile: /etc/prometheus/secrets/cluster-certificates/token host: https://master.alice:443 tlsConfig: ca: {} caFile: /etc/prometheus/secrets/cluster-certificates/ca cert: {} - certFile: /etc/prometheus/secrets/cluster-certificates/crt - keyFile: /etc/prometheus/secrets/cluster-certificates/key arbitraryFSAccessThroughSMs: {} enableFeatures: - remote-write-receiver diff --git a/service/controller/resource/monitoring/prometheus/test/case-2-azureconfig.golden b/service/controller/resource/monitoring/prometheus/test/case-2-azureconfig.golden index 741b7c436..1ef3f9844 100644 --- a/service/controller/resource/monitoring/prometheus/test/case-2-azureconfig.golden +++ b/service/controller/resource/monitoring/prometheus/test/case-2-azureconfig.golden @@ -22,15 +22,12 @@ spec: - key: node-role.kubernetes.io/control-plane operator: DoesNotExist apiserverConfig: - authorization: - credentialsFile: /etc/prometheus/secrets/cluster-certificates/token + bearerTokenFile: /etc/prometheus/secrets/cluster-certificates/token host: https://master.foo:443 tlsConfig: ca: {} caFile: /etc/prometheus/secrets/cluster-certificates/ca cert: {} - certFile: /etc/prometheus/secrets/cluster-certificates/crt - keyFile: /etc/prometheus/secrets/cluster-certificates/key arbitraryFSAccessThroughSMs: {} enableFeatures: - remote-write-receiver diff --git a/service/controller/resource/monitoring/prometheus/test/case-3-kvmconfig.golden b/service/controller/resource/monitoring/prometheus/test/case-3-kvmconfig.golden index ca72ecf15..de442d78e 100644 --- a/service/controller/resource/monitoring/prometheus/test/case-3-kvmconfig.golden +++ b/service/controller/resource/monitoring/prometheus/test/case-3-kvmconfig.golden @@ -22,15 +22,12 @@ spec: - key: node-role.kubernetes.io/control-plane operator: DoesNotExist apiserverConfig: - authorization: - credentialsFile: /etc/prometheus/secrets/cluster-certificates/token + bearerTokenFile: /etc/prometheus/secrets/cluster-certificates/token host: https://master.bar:443 tlsConfig: ca: {} caFile: /etc/prometheus/secrets/cluster-certificates/ca cert: {} - certFile: /etc/prometheus/secrets/cluster-certificates/crt - keyFile: /etc/prometheus/secrets/cluster-certificates/key arbitraryFSAccessThroughSMs: {} enableFeatures: - remote-write-receiver diff --git a/service/controller/resource/monitoring/prometheus/test/case-5-cluster-api-v1alpha3.golden b/service/controller/resource/monitoring/prometheus/test/case-5-cluster-api-v1alpha3.golden index 0c2fe8a81..ce9072fb0 100644 --- a/service/controller/resource/monitoring/prometheus/test/case-5-cluster-api-v1alpha3.golden +++ b/service/controller/resource/monitoring/prometheus/test/case-5-cluster-api-v1alpha3.golden @@ -22,15 +22,12 @@ spec: - key: node-role.kubernetes.io/control-plane operator: DoesNotExist apiserverConfig: - authorization: - credentialsFile: /etc/prometheus/secrets/cluster-certificates/token + bearerTokenFile: /etc/prometheus/secrets/cluster-certificates/token host: https://master.baz:443 tlsConfig: ca: {} caFile: /etc/prometheus/secrets/cluster-certificates/ca cert: {} - certFile: /etc/prometheus/secrets/cluster-certificates/crt - keyFile: /etc/prometheus/secrets/cluster-certificates/key arbitraryFSAccessThroughSMs: {} enableFeatures: - remote-write-receiver diff --git a/service/controller/resource/monitoring/scrapeconfigs/resource.go b/service/controller/resource/monitoring/scrapeconfigs/resource.go index ea8127ec6..998518056 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/resource.go +++ b/service/controller/resource/monitoring/scrapeconfigs/resource.go @@ -48,6 +48,7 @@ type Config struct { type TemplateData struct { AdditionalScrapeConfigs string APIServerURL string + AuthenticationType string Bastions []string Provider string ClusterID string @@ -176,9 +177,18 @@ func getTemplateData(ctx context.Context, ctrlClient client.Client, cluster meta return nil, microerror.Mask(err) } + var authenticationType = "" + if !key.IsManagementCluster(config.Installation, cluster) { + authenticationType, err = key.ApiServerAuthenticationType(ctx, config.K8sClient, key.Namespace(cluster)) + if err != nil { + return nil, microerror.Mask(err) + } + } + d := &TemplateData{ AdditionalScrapeConfigs: config.AdditionalScrapeConfigs, APIServerURL: key.APIUrl(cluster), + AuthenticationType: authenticationType, Bastions: config.Bastions, ClusterID: key.ClusterID(cluster), ClusterType: key.ClusterType(config.Installation, cluster), diff --git a/service/controller/resource/monitoring/scrapeconfigs/resource_test.go b/service/controller/resource/monitoring/scrapeconfigs/resource_test.go index 41f29eacb..53538a1d8 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/resource_test.go +++ b/service/controller/resource/monitoring/scrapeconfigs/resource_test.go @@ -9,7 +9,11 @@ import ( appsv1alpha1 "github.com/giantswarm/apiextensions-application/api/v1alpha1" "github.com/giantswarm/k8sclient/v7/pkg/k8sclient" + fakek8sclient "github.com/giantswarm/k8sclient/v7/pkg/k8sclient/fake" + "github.com/giantswarm/micrologger" + corev1 "k8s.io/api/core/v1" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/kubernetes/scheme" @@ -17,6 +21,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client/fake" "github.com/giantswarm/prometheus-meta-operator/v2/pkg/unittest" + "github.com/giantswarm/prometheus-meta-operator/v2/service/key" ) var update = flag.Bool("update", false, "update the ouput file") @@ -37,6 +42,17 @@ const additionalScrapeConfigs = `- job_name: test1 target_label: __param_target` func TestAWSScrapeconfigs(t *testing.T) { + var err error + var logger micrologger.Logger + { + c := micrologger.Config{} + + logger, err = micrologger.New(c) + if err != nil { + t.Fatal(err) + } + } + var testFunc unittest.TestFunc { path := path.Join(unittest.ProjectRoot(), templatePath) @@ -59,14 +75,44 @@ func TestAWSScrapeconfigs(t *testing.T) { Build() } - config := Config{ - TemplatePath: path, - Provider: "aws", - Customer: "pmo", - Vault: "vault1.some-installation.test", - Installation: "test-installation", - } testFunc = func(v interface{}) (interface{}, error) { + cluster, err := key.ToCluster(v) + if err != nil { + t.Fatal(err) + } + var secret runtime.Object + { + secret = &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cluster-certificates", + Namespace: key.Namespace(cluster), + }, + Data: map[string][]byte{ + "token": []byte("token"), + }, + } + } + + var k8sClient k8sclient.Interface + { + c := k8sclient.ClientsConfig{ + Logger: logger, + SchemeBuilder: k8sclient.SchemeBuilder(corev1.SchemeBuilder), + } + k8sClient, err = fakek8sclient.NewClients(c, secret) + if err != nil { + t.Fatal(err) + } + } + + config := Config{ + TemplatePath: path, + Provider: "aws", + Customer: "pmo", + K8sClient: k8sClient, + Vault: "vault1.some-installation.test", + Installation: "test-installation", + } return toData(context.Background(), client, v, config) } } @@ -95,6 +141,17 @@ func TestAWSScrapeconfigs(t *testing.T) { } func TestAzureScrapeconfigs(t *testing.T) { + var err error + var logger micrologger.Logger + { + c := micrologger.Config{} + + logger, err = micrologger.New(c) + if err != nil { + t.Fatal(err) + } + } + var testFunc unittest.TestFunc { path := path.Join(unittest.ProjectRoot(), templatePath) @@ -117,14 +174,45 @@ func TestAzureScrapeconfigs(t *testing.T) { Build() } - config := Config{ - TemplatePath: path, - Provider: "azure", - Customer: "pmo", - Vault: "vault1.some-installation.test", - Installation: "test-installation", - } testFunc = func(v interface{}) (interface{}, error) { + cluster, err := key.ToCluster(v) + if err != nil { + t.Fatal(err) + } + var secret runtime.Object + { + secret = &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cluster-certificates", + Namespace: key.Namespace(cluster), + }, + Data: map[string][]byte{ + "crt": []byte("crt"), + "key": []byte("key"), + }, + } + } + + var k8sClient k8sclient.Interface + { + c := k8sclient.ClientsConfig{ + Logger: logger, + SchemeBuilder: k8sclient.SchemeBuilder(corev1.SchemeBuilder), + } + k8sClient, err = fakek8sclient.NewClients(c, secret) + if err != nil { + t.Fatal(err) + } + } + + config := Config{ + TemplatePath: path, + Provider: "azure", + Customer: "pmo", + K8sClient: k8sClient, + Vault: "vault1.some-installation.test", + Installation: "test-installation", + } return toData(context.Background(), client, v, config) } } @@ -153,6 +241,17 @@ func TestAzureScrapeconfigs(t *testing.T) { } func TestKVMScrapeconfigs(t *testing.T) { + var err error + var logger micrologger.Logger + { + c := micrologger.Config{} + + logger, err = micrologger.New(c) + if err != nil { + t.Fatal(err) + } + } + var testFunc unittest.TestFunc { path := path.Join(unittest.ProjectRoot(), templatePath) @@ -175,15 +274,46 @@ func TestKVMScrapeconfigs(t *testing.T) { Build() } - config := Config{ - AdditionalScrapeConfigs: additionalScrapeConfigs, - TemplatePath: path, - Provider: "kvm", - Customer: "pmo", - Vault: "vault1.some-installation.test", - Installation: "test-installation", - } testFunc = func(v interface{}) (interface{}, error) { + cluster, err := key.ToCluster(v) + if err != nil { + t.Fatal(err) + } + var secret runtime.Object + { + secret = &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cluster-certificates", + Namespace: key.Namespace(cluster), + }, + Data: map[string][]byte{ + "crt": []byte("crt"), + "key": []byte("key"), + }, + } + } + + var k8sClient k8sclient.Interface + { + c := k8sclient.ClientsConfig{ + Logger: logger, + SchemeBuilder: k8sclient.SchemeBuilder(corev1.SchemeBuilder), + } + k8sClient, err = fakek8sclient.NewClients(c, secret) + if err != nil { + t.Fatal(err) + } + } + + config := Config{ + AdditionalScrapeConfigs: additionalScrapeConfigs, + TemplatePath: path, + Provider: "kvm", + Customer: "pmo", + K8sClient: k8sClient, + Vault: "vault1.some-installation.test", + Installation: "test-installation", + } return toData(context.Background(), client, v, config) } } @@ -213,6 +343,15 @@ func TestKVMScrapeconfigs(t *testing.T) { func TestOpenStackScrapeconfigs(t *testing.T) { var err error + var logger micrologger.Logger + { + c := micrologger.Config{} + + logger, err = micrologger.New(c) + if err != nil { + t.Fatal(err) + } + } var apps = []runtime.Object{ &appsv1alpha1.App{ @@ -256,16 +395,46 @@ func TestOpenStackScrapeconfigs(t *testing.T) { var testFunc unittest.TestFunc { path := path.Join(unittest.ProjectRoot(), templatePath) - - config := Config{ - AdditionalScrapeConfigs: additionalScrapeConfigs, - TemplatePath: path, - Provider: "openstack", - Customer: "pmo", - Vault: "vault1.some-installation.test", - Installation: "test-installation", - } testFunc = func(v interface{}) (interface{}, error) { + cluster, err := key.ToCluster(v) + if err != nil { + t.Fatal(err) + } + var secret runtime.Object + { + secret = &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cluster-certificates", + Namespace: key.Namespace(cluster), + }, + Data: map[string][]byte{ + "crt": []byte("crt"), + "key": []byte("key"), + }, + } + } + + var k8sClient k8sclient.Interface + { + c := k8sclient.ClientsConfig{ + Logger: logger, + SchemeBuilder: k8sclient.SchemeBuilder(corev1.SchemeBuilder), + } + k8sClient, err = fakek8sclient.NewClients(c, secret) + if err != nil { + t.Fatal(err) + } + } + + config := Config{ + AdditionalScrapeConfigs: additionalScrapeConfigs, + TemplatePath: path, + Provider: "openstack", + Customer: "pmo", + K8sClient: k8sClient, + Vault: "vault1.some-installation.test", + Installation: "test-installation", + } return toData(context.Background(), client, v, config) } } @@ -295,6 +464,15 @@ func TestOpenStackScrapeconfigs(t *testing.T) { func TestGCPScrapeconfigs(t *testing.T) { var err error + var logger micrologger.Logger + { + c := micrologger.Config{} + + logger, err = micrologger.New(c) + if err != nil { + t.Fatal(err) + } + } var apps = []runtime.Object{ &appsv1alpha1.App{ @@ -338,16 +516,46 @@ func TestGCPScrapeconfigs(t *testing.T) { var testFunc unittest.TestFunc { path := path.Join(unittest.ProjectRoot(), templatePath) - - config := Config{ - AdditionalScrapeConfigs: additionalScrapeConfigs, - TemplatePath: path, - Provider: "gcp", - Customer: "pmo", - Vault: "vault1.some-installation.test", - Installation: "test-installation", - } testFunc = func(v interface{}) (interface{}, error) { + cluster, err := key.ToCluster(v) + if err != nil { + t.Fatal(err) + } + var secret runtime.Object + { + secret = &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cluster-certificates", + Namespace: key.Namespace(cluster), + }, + Data: map[string][]byte{ + "crt": []byte("crt"), + "key": []byte("key"), + }, + } + } + + var k8sClient k8sclient.Interface + { + c := k8sclient.ClientsConfig{ + Logger: logger, + SchemeBuilder: k8sclient.SchemeBuilder(corev1.SchemeBuilder), + } + k8sClient, err = fakek8sclient.NewClients(c, secret) + if err != nil { + t.Fatal(err) + } + } + + config := Config{ + AdditionalScrapeConfigs: additionalScrapeConfigs, + TemplatePath: path, + Provider: "gcp", + Customer: "pmo", + K8sClient: k8sClient, + Vault: "vault1.some-installation.test", + Installation: "test-installation", + } return toData(context.Background(), client, v, config) } } @@ -377,6 +585,15 @@ func TestGCPScrapeconfigs(t *testing.T) { func TestCAPAScrapeconfigs(t *testing.T) { var err error + var logger micrologger.Logger + { + c := micrologger.Config{} + + logger, err = micrologger.New(c) + if err != nil { + t.Fatal(err) + } + } var apps = []runtime.Object{ &appsv1alpha1.App{ @@ -420,16 +637,46 @@ func TestCAPAScrapeconfigs(t *testing.T) { var testFunc unittest.TestFunc { path := path.Join(unittest.ProjectRoot(), templatePath) - - config := Config{ - AdditionalScrapeConfigs: additionalScrapeConfigs, - TemplatePath: path, - Provider: "capa", - Customer: "pmo", - Vault: "vault1.some-installation.test", - Installation: "test-installation", - } testFunc = func(v interface{}) (interface{}, error) { + cluster, err := key.ToCluster(v) + if err != nil { + t.Fatal(err) + } + var secret runtime.Object + { + secret = &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "cluster-certificates", + Namespace: key.Namespace(cluster), + }, + Data: map[string][]byte{ + "crt": []byte("crt"), + "key": []byte("key"), + }, + } + } + + var k8sClient k8sclient.Interface + { + c := k8sclient.ClientsConfig{ + Logger: logger, + SchemeBuilder: k8sclient.SchemeBuilder(corev1.SchemeBuilder), + } + k8sClient, err = fakek8sclient.NewClients(c, secret) + if err != nil { + t.Fatal(err) + } + } + + config := Config{ + AdditionalScrapeConfigs: additionalScrapeConfigs, + TemplatePath: path, + Provider: "capa", + Customer: "pmo", + K8sClient: k8sClient, + Vault: "vault1.some-installation.test", + Installation: "test-installation", + } return toData(context.Background(), client, v, config) } } diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-1-awsconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-1-awsconfig.golden index 05223fdf1..3d83319c8 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-1-awsconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-1-awsconfig.golden @@ -6,17 +6,14 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__meta_kubernetes_service_label_component] @@ -59,15 +56,14 @@ - role: node api_server: https://master.alice:443 + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - target_label: __address__ @@ -116,17 +112,14 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - target_label: app @@ -180,17 +173,14 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - source_labels: [__address__] @@ -248,17 +238,14 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - source_labels: [__address__] @@ -321,12 +308,10 @@ api_server: https://master.alice:443 + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,17 +370,14 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -473,17 +455,14 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -561,17 +540,14 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -640,17 +616,14 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -723,17 +696,14 @@ api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -796,17 +766,14 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - target_label: __address__ @@ -858,17 +825,14 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__meta_kubernetes_service_annotationpresent_giantswarm_io_monitoring, __meta_kubernetes_service_labelpresent_giantswarm_io_monitoring] diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-2-azureconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-2-azureconfig.golden index 218ca7156..5c868c3d4 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-2-azureconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-2-azureconfig.golden @@ -6,17 +6,14 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__meta_kubernetes_service_label_component] @@ -59,15 +56,14 @@ - role: node api_server: https://master.foo:443 + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - target_label: __address__ @@ -116,17 +112,14 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - target_label: app @@ -180,17 +173,14 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - source_labels: [__address__] @@ -248,17 +238,14 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - source_labels: [__address__] @@ -321,12 +308,10 @@ api_server: https://master.foo:443 + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,17 +370,14 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -464,17 +446,14 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -547,17 +526,14 @@ api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -620,17 +596,14 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - target_label: __address__ @@ -682,17 +655,14 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__meta_kubernetes_service_annotationpresent_giantswarm_io_monitoring, __meta_kubernetes_service_labelpresent_giantswarm_io_monitoring] diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-3-kvmconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-3-kvmconfig.golden index c882deb0a..0597d76c7 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-3-kvmconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-3-kvmconfig.golden @@ -6,17 +6,14 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__meta_kubernetes_service_label_component] @@ -59,15 +56,14 @@ - role: node api_server: https://master.bar:443 + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - target_label: __address__ @@ -116,17 +112,14 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - target_label: app @@ -180,17 +173,14 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - source_labels: [__address__] @@ -248,17 +238,14 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - source_labels: [__address__] @@ -321,12 +308,10 @@ api_server: https://master.bar:443 + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,17 +370,14 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -473,17 +455,14 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -561,17 +540,14 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -640,17 +616,14 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -723,17 +696,14 @@ api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -796,17 +766,14 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - target_label: __address__ @@ -858,17 +825,14 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__meta_kubernetes_service_annotationpresent_giantswarm_io_monitoring, __meta_kubernetes_service_labelpresent_giantswarm_io_monitoring] diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-4-control-plane.golden b/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-4-control-plane.golden index aff470342..50bc1cd53 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-4-control-plane.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-4-control-plane.golden @@ -334,7 +334,6 @@ bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - tls_config: ca_file: /etc/prometheus/secrets/etcd-certificates/ca cert_file: /etc/prometheus/secrets/etcd-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-5-cluster-api-v1alpha3.golden b/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-5-cluster-api-v1alpha3.golden index e79dca3d1..46de4757d 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-5-cluster-api-v1alpha3.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/aws/case-5-cluster-api-v1alpha3.golden @@ -6,17 +6,14 @@ - role: endpoints api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__meta_kubernetes_service_label_component] @@ -59,15 +56,14 @@ - role: node api_server: https://master.baz:443 + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - target_label: __address__ @@ -116,17 +112,14 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - target_label: app @@ -180,17 +173,14 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - source_labels: [__address__] @@ -248,17 +238,14 @@ - role: pod api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false relabel_configs: - source_labels: [__address__] @@ -321,12 +308,10 @@ api_server: https://master.baz:443 + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,17 +370,14 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -464,17 +446,14 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -547,17 +526,14 @@ api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__address__] @@ -620,17 +596,14 @@ - role: pod api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - target_label: __address__ @@ -682,17 +655,14 @@ - role: endpoints api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + + bearer_token_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca - cert_file: /etc/prometheus/secrets/cluster-certificates/crt - key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: true relabel_configs: - source_labels: [__meta_kubernetes_service_annotationpresent_giantswarm_io_monitoring, __meta_kubernetes_service_labelpresent_giantswarm_io_monitoring] diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-1-awsconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-1-awsconfig.golden index ed9f72620..fa8e77ab9 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-1-awsconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-1-awsconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -64,6 +63,7 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -116,13 +116,12 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -180,13 +179,12 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -248,13 +246,12 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -326,7 +323,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,13 +381,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -473,13 +468,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -561,13 +555,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -640,13 +633,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -723,13 +715,12 @@ api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -796,13 +787,12 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -858,13 +848,12 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-2-azureconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-2-azureconfig.golden index 02290504f..9bb9c69da 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-2-azureconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-2-azureconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -64,6 +63,7 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -116,13 +116,12 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -180,13 +179,12 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -248,13 +246,12 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -326,7 +323,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,13 +381,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -464,13 +459,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -547,13 +541,12 @@ api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -620,13 +613,12 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -682,13 +674,12 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-3-kvmconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-3-kvmconfig.golden index a118c328f..1f8c1fa3b 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-3-kvmconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-3-kvmconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -64,6 +63,7 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -116,13 +116,12 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -180,13 +179,12 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -248,13 +246,12 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -326,7 +323,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,13 +381,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -473,13 +468,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -561,13 +555,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -640,13 +633,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -723,13 +715,12 @@ api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -796,13 +787,12 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -858,13 +848,12 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-4-control-plane.golden b/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-4-control-plane.golden index 5b758db75..12fb1e94d 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-4-control-plane.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-4-control-plane.golden @@ -334,7 +334,6 @@ bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - tls_config: ca_file: /etc/prometheus/secrets/etcd-certificates/ca cert_file: /etc/prometheus/secrets/etcd-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-5-cluster-api-v1alpha3.golden b/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-5-cluster-api-v1alpha3.golden index 422f9ec15..54786a444 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-5-cluster-api-v1alpha3.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/azure/case-5-cluster-api-v1alpha3.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -64,6 +63,7 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -116,13 +116,12 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -180,13 +179,12 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -248,13 +246,12 @@ - role: pod api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -326,7 +323,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,13 +381,12 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -464,13 +459,12 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -547,13 +541,12 @@ api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -620,13 +613,12 @@ - role: pod api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -682,13 +674,12 @@ - role: endpoints api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-1-awsconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-1-awsconfig.golden index 0db53b40d..2fc211f85 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-1-awsconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-1-awsconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -59,13 +58,12 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -123,13 +121,12 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -191,13 +188,12 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -272,7 +268,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -332,13 +327,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -420,13 +414,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -508,13 +501,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -587,13 +579,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -670,13 +661,12 @@ api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -743,13 +733,12 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -805,13 +794,12 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-2-azureconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-2-azureconfig.golden index 2837760c9..43c07b75c 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-2-azureconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-2-azureconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -59,13 +58,12 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -123,13 +121,12 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -191,13 +188,12 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -272,7 +268,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -332,13 +327,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -420,13 +414,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -508,13 +501,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -587,13 +579,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -670,13 +661,12 @@ api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -743,13 +733,12 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -805,13 +794,12 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-3-kvmconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-3-kvmconfig.golden index 17af2361b..da1b6f213 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-3-kvmconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-3-kvmconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -59,13 +58,12 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -123,13 +121,12 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -191,13 +188,12 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -272,7 +268,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -332,13 +327,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -420,13 +414,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -508,13 +501,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -587,13 +579,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -670,13 +661,12 @@ api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -743,13 +733,12 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -805,13 +794,12 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-5-cluster-api-v1alpha3.golden b/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-5-cluster-api-v1alpha3.golden index cd731efe9..71d8d1510 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-5-cluster-api-v1alpha3.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/capa/case-5-cluster-api-v1alpha3.golden @@ -7,13 +7,12 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -71,13 +70,12 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -139,13 +137,12 @@ - role: pod api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -220,7 +217,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -280,13 +276,12 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -359,13 +354,12 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -442,13 +436,12 @@ api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -514,13 +507,12 @@ - role: endpoints api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-1-awsconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-1-awsconfig.golden index cd45476cb..db4b0da06 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-1-awsconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-1-awsconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -59,13 +58,12 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -123,13 +121,12 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -191,13 +188,12 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -272,7 +268,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -332,13 +327,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -420,13 +414,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -508,13 +501,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -587,13 +579,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -670,13 +661,12 @@ api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -743,13 +733,12 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -805,13 +794,12 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-2-azureconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-2-azureconfig.golden index 962b0289d..f58b6b649 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-2-azureconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-2-azureconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -59,13 +58,12 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -123,13 +121,12 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -191,13 +188,12 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -272,7 +268,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -332,13 +327,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -420,13 +414,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -508,13 +501,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -587,13 +579,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -670,13 +661,12 @@ api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -743,13 +733,12 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -805,13 +794,12 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-3-kvmconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-3-kvmconfig.golden index fb92e5829..b22cd2e60 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-3-kvmconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-3-kvmconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -59,13 +58,12 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -123,13 +121,12 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -191,13 +188,12 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -272,7 +268,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -332,13 +327,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -420,13 +414,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -508,13 +501,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -587,13 +579,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -670,13 +661,12 @@ api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -743,13 +733,12 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -805,13 +794,12 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-5-cluster-api-v1alpha3.golden b/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-5-cluster-api-v1alpha3.golden index b5e4a814b..efff33ba1 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-5-cluster-api-v1alpha3.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/gcp/case-5-cluster-api-v1alpha3.golden @@ -7,13 +7,12 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -71,13 +70,12 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -139,13 +137,12 @@ - role: pod api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -220,7 +217,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -280,13 +276,12 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -359,13 +354,12 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -442,13 +436,12 @@ api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -514,13 +507,12 @@ - role: endpoints api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-1-awsconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-1-awsconfig.golden index 6e1e047fd..47a2fcbc5 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-1-awsconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-1-awsconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -64,6 +63,7 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -116,13 +116,12 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -180,13 +179,12 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -248,13 +246,12 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -326,7 +323,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,13 +381,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -473,13 +468,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -561,13 +555,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -640,13 +633,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -723,13 +715,12 @@ api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -796,13 +787,12 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -858,13 +848,12 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-2-azureconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-2-azureconfig.golden index 836232431..608a70488 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-2-azureconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-2-azureconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -64,6 +63,7 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -116,13 +116,12 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -180,13 +179,12 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -248,13 +246,12 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -326,7 +323,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,13 +381,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -464,13 +459,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -547,13 +541,12 @@ api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -620,13 +613,12 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -682,13 +674,12 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-3-kvmconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-3-kvmconfig.golden index fc20c707a..a9e02eec1 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-3-kvmconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-3-kvmconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -64,6 +63,7 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -116,13 +116,12 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -180,13 +179,12 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -248,13 +246,12 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -326,7 +323,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,13 +381,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -473,13 +468,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -561,13 +555,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -640,13 +633,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -723,13 +715,12 @@ api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -796,13 +787,12 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -858,13 +848,12 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-4-control-plane.golden b/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-4-control-plane.golden index ac807e127..5b7386ccd 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-4-control-plane.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-4-control-plane.golden @@ -334,7 +334,6 @@ bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token - tls_config: ca_file: /etc/prometheus/secrets/etcd-certificates/ca cert_file: /etc/prometheus/secrets/etcd-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-5-cluster-api-v1alpha3.golden b/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-5-cluster-api-v1alpha3.golden index a2a6ad12d..fb194eef7 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-5-cluster-api-v1alpha3.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/kvm/case-5-cluster-api-v1alpha3.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -64,6 +63,7 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -116,13 +116,12 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -180,13 +179,12 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -248,13 +246,12 @@ - role: pod api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -326,7 +323,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -385,13 +381,12 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -464,13 +459,12 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -547,13 +541,12 @@ api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -620,13 +613,12 @@ - role: pod api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -682,13 +674,12 @@ - role: endpoints api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-1-awsconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-1-awsconfig.golden index cdf01f254..b05afd17b 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-1-awsconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-1-awsconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -59,13 +58,12 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -123,13 +121,12 @@ - role: node api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -191,13 +188,12 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -272,7 +268,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -332,13 +327,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -420,13 +414,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -508,13 +501,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -587,13 +579,12 @@ - kube-system api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -670,13 +661,12 @@ api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -743,13 +733,12 @@ - role: pod api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -805,13 +794,12 @@ - role: endpoints api_server: https://master.alice:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-2-azureconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-2-azureconfig.golden index 116101bfa..04c27412f 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-2-azureconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-2-azureconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -59,13 +58,12 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -123,13 +121,12 @@ - role: node api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -191,13 +188,12 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -272,7 +268,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -332,13 +327,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -420,13 +414,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -508,13 +501,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -587,13 +579,12 @@ - kube-system api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -670,13 +661,12 @@ api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -743,13 +733,12 @@ - role: pod api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -805,13 +794,12 @@ - role: endpoints api_server: https://master.foo:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-3-kvmconfig.golden b/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-3-kvmconfig.golden index 1164b997e..c8fe9b4d9 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-3-kvmconfig.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-3-kvmconfig.golden @@ -6,13 +6,12 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -59,13 +58,12 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -123,13 +121,12 @@ - role: node api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -191,13 +188,12 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -272,7 +268,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -332,13 +327,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -420,13 +414,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -508,13 +501,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -587,13 +579,12 @@ - kube-system api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -670,13 +661,12 @@ api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -743,13 +733,12 @@ - role: pod api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -805,13 +794,12 @@ - role: endpoints api_server: https://master.bar:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-5-cluster-api-v1alpha3.golden b/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-5-cluster-api-v1alpha3.golden index 42968175e..9f4e7f349 100644 --- a/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-5-cluster-api-v1alpha3.golden +++ b/service/controller/resource/monitoring/scrapeconfigs/test/openstack/case-5-cluster-api-v1alpha3.golden @@ -7,13 +7,12 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -71,13 +70,12 @@ - role: node api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -139,13 +137,12 @@ - role: pod api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -220,7 +217,6 @@ cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false - tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -280,13 +276,12 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -359,13 +354,12 @@ - kube-system api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -442,13 +436,12 @@ api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt @@ -514,13 +507,12 @@ - role: endpoints api_server: https://master.baz:443 - authorization: - credentials_file: /etc/prometheus/secrets/cluster-certificates/token tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt key_file: /etc/prometheus/secrets/cluster-certificates/key insecure_skip_verify: false + tls_config: ca_file: /etc/prometheus/secrets/cluster-certificates/ca cert_file: /etc/prometheus/secrets/cluster-certificates/crt diff --git a/service/controller/resource/resource.go b/service/controller/resource/resource.go index 9b56aaccb..52b7bbe82 100644 --- a/service/controller/resource/resource.go +++ b/service/controller/resource/resource.go @@ -237,6 +237,7 @@ func New(config Config) ([]resource.Interface, error) { { c := prometheus.Config{ Address: config.PrometheusAddress, + K8sClient: config.K8sClient, PrometheusClient: config.PrometheusClient, Logger: config.Logger, Customer: config.Customer, diff --git a/service/key/key.go b/service/key/key.go index d633f5b61..3ab3e0adc 100644 --- a/service/key/key.go +++ b/service/key/key.go @@ -1,9 +1,11 @@ package key import ( + "context" "fmt" "math" + "github.com/giantswarm/k8sclient/v7/pkg/k8sclient" "github.com/giantswarm/microerror" v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" @@ -307,3 +309,17 @@ func ClusterType(installation string, obj interface{}) string { return "workload_cluster" } + +func ApiServerAuthenticationType(ctx context.Context, k8sClient k8sclient.Interface, clusterNamespace string) (string, error) { + secret, err := k8sClient.K8sClient().CoreV1().Secrets(clusterNamespace).Get(ctx, APIServerCertificatesSecretName, metav1.GetOptions{}) + if err != nil { + return "", err + } + + if secret.Data["token"] != nil && len(secret.Data["token"]) > 0 { + return "token", nil + } else if (secret.Data["crt"] != nil && len(secret.Data["crt"]) > 0) && (secret.Data["key"] != nil && len(secret.Data["key"]) > 0) { + return "certificates", nil + } + return "vintage", nil +}