Hello community, here is the log from the commit of package kube-prometheus for openSUSE:Factory checked in at 2020-03-22 14:17:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kube-prometheus (Old) and /work/SRC/openSUSE:Factory/.kube-prometheus.new.3160 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kube-prometheus" Sun Mar 22 14:17:29 2020 rev:4 rq:787124 version:0.3.0+git20200320.a5e2783 Changes: -------- --- /work/SRC/openSUSE:Factory/kube-prometheus/kube-prometheus.changes 2020-03-18 12:50:10.077130830 +0100 +++ /work/SRC/openSUSE:Factory/.kube-prometheus.new.3160/kube-prometheus.changes 2020-03-22 14:17:31.806070673 +0100 @@ -1,0 +2,8 @@ +Sat Mar 21 10:15:36 UTC 2020 - ku...@suse.com + +- Update to version 0.3.0+git20200320.a5e2783: + * fix kube-state-metrics namespace override + * Add version and image source as config parameters. + * adding security context to kube-rbac-proxy (#450) + +------------------------------------------------------------------- Old: ---- kube-prometheus-0.3.0+git20200317.502f81b.tar.xz New: ---- kube-prometheus-0.3.0+git20200320.a5e2783.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ kube-prometheus.spec ++++++ --- /var/tmp/diff_new_pack.68qKRm/_old 2020-03-22 14:17:32.758071284 +0100 +++ /var/tmp/diff_new_pack.68qKRm/_new 2020-03-22 14:17:32.766071289 +0100 @@ -17,7 +17,7 @@ Name: kube-prometheus -Version: 0.3.0+git20200317.502f81b +Version: 0.3.0+git20200320.a5e2783 Release: 0 Summary: Manifests to use Prometheus to monitor Kubernetes License: Apache-2.0 ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.68qKRm/_old 2020-03-22 14:17:32.830071330 +0100 +++ /var/tmp/diff_new_pack.68qKRm/_new 2020-03-22 14:17:32.830071330 +0100 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">git://github.com/coreos/kube-prometheus.git</param> - <param name="changesrevision">502f81b235a84484b55493af5cf96623ae37ef80</param> + <param name="changesrevision">bb5de11c89a0ceb7cddbd3d7d9639c5003ea46c4</param> </service> </servicedata> \ No newline at end of file ++++++ kube-prometheus-0.3.0+git20200317.502f81b.tar.xz -> kube-prometheus-0.3.0+git20200320.a5e2783.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kube-prometheus-0.3.0+git20200317.502f81b/docs/EKS-cni-support.md new/kube-prometheus-0.3.0+git20200320.a5e2783/docs/EKS-cni-support.md --- old/kube-prometheus-0.3.0+git20200317.502f81b/docs/EKS-cni-support.md 2020-03-17 14:20:31.000000000 +0100 +++ new/kube-prometheus-0.3.0+git20200320.a5e2783/docs/EKS-cni-support.md 2020-03-20 07:10:29.000000000 +0100 @@ -7,8 +7,8 @@ You can monitor the `awscni` using kube-promethus with : [embedmd]:# (../examples/eks-cni-example.jsonnet) ```jsonnet -local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + - (import 'kube-prometheus/kube-prometheus-eks.libsonnet') + { +local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + + (import 'kube-prometheus/kube-prometheus-eks.libsonnet') + { _config+:: { namespace: 'monitoring', }, @@ -32,7 +32,7 @@ { ['node-exporter-' + name]: kp.nodeExporter[name] for name in std.objectFields(kp.nodeExporter) } + { ['kube-state-metrics-' + name]: kp.kubeStateMetrics[name] for name in std.objectFields(kp.kubeStateMetrics) } + { ['prometheus-' + name]: kp.prometheus[name] for name in std.objectFields(kp.prometheus) } + -{ ['prometheus-adapter-' + name]: kp.prometheusAdapter[name] for name in std.objectFields(kp.prometheusAdapter) } +{ ['prometheus-adapter-' + name]: kp.prometheusAdapter[name] for name in std.objectFields(kp.prometheusAdapter) } ``` After you have the required yaml file please run diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kube-prometheus-0.3.0+git20200317.502f81b/docs/weave-net-support.md new/kube-prometheus-0.3.0+git20200320.a5e2783/docs/weave-net-support.md --- old/kube-prometheus-0.3.0+git20200317.502f81b/docs/weave-net-support.md 2020-03-17 14:20:31.000000000 +0100 +++ new/kube-prometheus-0.3.0+git20200320.a5e2783/docs/weave-net-support.md 2020-03-20 07:10:29.000000000 +0100 @@ -17,8 +17,8 @@ [embedmd]:# (../examples/weave-net-example.jsonnet) ```jsonnet -local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + - (import 'kube-prometheus/kube-prometheus-weave-net.libsonnet') + { +local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + + (import 'kube-prometheus/kube-prometheus-weave-net.libsonnet') + { _config+:: { namespace: 'monitoring', }, @@ -27,25 +27,26 @@ function(group) if group.name == 'weave-net' then group { - rules: std.map(function(rule) - if rule.alert == "WeaveNetFastDPFlowsLow" then - rule { - expr: "sum(weave_flows) < 20000" - } - else if rule.alert == "WeaveNetIPAMUnreachable" then - rule { - expr: "weave_ipam_unreachable_percentage > 25" - } - else - rule + rules: std.map( + function(rule) + if rule.alert == 'WeaveNetFastDPFlowsLow' then + rule { + expr: 'sum(weave_flows) < 20000', + } + else if rule.alert == 'WeaveNetIPAMUnreachable' then + rule { + expr: 'weave_ipam_unreachable_percentage > 25', + } + else + rule , group.rules - ) + ), } else group, - super.groups - ), + super.groups + ), }, }; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kube-prometheus-0.3.0+git20200317.502f81b/examples/eks-cni-example.jsonnet new/kube-prometheus-0.3.0+git20200320.a5e2783/examples/eks-cni-example.jsonnet --- old/kube-prometheus-0.3.0+git20200317.502f81b/examples/eks-cni-example.jsonnet 2020-03-17 14:20:31.000000000 +0100 +++ new/kube-prometheus-0.3.0+git20200320.a5e2783/examples/eks-cni-example.jsonnet 2020-03-20 07:10:29.000000000 +0100 @@ -1,5 +1,5 @@ -local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + - (import 'kube-prometheus/kube-prometheus-eks.libsonnet') + { +local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + + (import 'kube-prometheus/kube-prometheus-eks.libsonnet') + { _config+:: { namespace: 'monitoring', }, @@ -23,4 +23,4 @@ { ['node-exporter-' + name]: kp.nodeExporter[name] for name in std.objectFields(kp.nodeExporter) } + { ['kube-state-metrics-' + name]: kp.kubeStateMetrics[name] for name in std.objectFields(kp.kubeStateMetrics) } + { ['prometheus-' + name]: kp.prometheus[name] for name in std.objectFields(kp.prometheus) } + -{ ['prometheus-adapter-' + name]: kp.prometheusAdapter[name] for name in std.objectFields(kp.prometheusAdapter) } +{ ['prometheus-adapter-' + name]: kp.prometheusAdapter[name] for name in std.objectFields(kp.prometheusAdapter) } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kube-prometheus-0.3.0+git20200317.502f81b/examples/weave-net-example.jsonnet new/kube-prometheus-0.3.0+git20200320.a5e2783/examples/weave-net-example.jsonnet --- old/kube-prometheus-0.3.0+git20200317.502f81b/examples/weave-net-example.jsonnet 2020-03-17 14:20:31.000000000 +0100 +++ new/kube-prometheus-0.3.0+git20200320.a5e2783/examples/weave-net-example.jsonnet 2020-03-20 07:10:29.000000000 +0100 @@ -1,5 +1,5 @@ -local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + - (import 'kube-prometheus/kube-prometheus-weave-net.libsonnet') + { +local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') + + (import 'kube-prometheus/kube-prometheus-weave-net.libsonnet') + { _config+:: { namespace: 'monitoring', }, @@ -8,25 +8,26 @@ function(group) if group.name == 'weave-net' then group { - rules: std.map(function(rule) - if rule.alert == "WeaveNetFastDPFlowsLow" then - rule { - expr: "sum(weave_flows) < 20000" - } - else if rule.alert == "WeaveNetIPAMUnreachable" then - rule { - expr: "weave_ipam_unreachable_percentage > 25" - } - else - rule + rules: std.map( + function(rule) + if rule.alert == 'WeaveNetFastDPFlowsLow' then + rule { + expr: 'sum(weave_flows) < 20000', + } + else if rule.alert == 'WeaveNetIPAMUnreachable' then + rule { + expr: 'weave_ipam_unreachable_percentage > 25', + } + else + rule , group.rules - ) + ), } else group, - super.groups - ), + super.groups + ), }, }; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kube-prometheus-0.3.0+git20200317.502f81b/go.sum new/kube-prometheus-0.3.0+git20200320.a5e2783/go.sum --- old/kube-prometheus-0.3.0+git20200317.502f81b/go.sum 2020-03-17 14:20:31.000000000 +0100 +++ new/kube-prometheus-0.3.0+git20200320.a5e2783/go.sum 2020-03-20 07:10:29.000000000 +0100 @@ -7,6 +7,7 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d h1:UQZhZ2O0vMHr2cI+DC1Mbh0TJxzA3RcLoMsFw+aXw7E= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= +github.com/campoy/embedmd v1.0.0 h1:V4kI2qTJJLf4J29RzI/MAt2c3Bl4dQSYPuflzwFH2hY= github.com/campoy/embedmd v1.0.0/go.mod h1:oxyr9RCiSXg0M3VJ3ks0UGfp98BpSSGr0kpiX3MzVl8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kube-prometheus-0.3.0+git20200317.502f81b/jsonnet/kube-prometheus/kube-rbac-proxy/container.libsonnet new/kube-prometheus-0.3.0+git20200320.a5e2783/jsonnet/kube-prometheus/kube-rbac-proxy/container.libsonnet --- old/kube-prometheus-0.3.0+git20200317.502f81b/jsonnet/kube-prometheus/kube-rbac-proxy/container.libsonnet 2020-03-17 14:20:31.000000000 +0100 +++ new/kube-prometheus-0.3.0+git20200320.a5e2783/jsonnet/kube-prometheus/kube-rbac-proxy/container.libsonnet 2020-03-20 07:10:29.000000000 +0100 @@ -35,6 +35,7 @@ spec+: { containers+: [ container.new(krp.config.kubeRbacProxy.name, krp.config.kubeRbacProxy.image) + + container.mixin.securityContext.withRunAsUser(65534) + container.withArgs([ '--logtostderr', '--secure-listen-address=' + krp.config.kubeRbacProxy.secureListenAddress, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kube-prometheus-0.3.0+git20200317.502f81b/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet new/kube-prometheus-0.3.0+git20200320.a5e2783/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet --- old/kube-prometheus-0.3.0+git20200317.502f81b/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet 2020-03-17 14:20:31.000000000 +0100 +++ new/kube-prometheus-0.3.0+git20200320.a5e2783/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet 2020-03-20 07:10:29.000000000 +0100 @@ -1,5 +1,11 @@ { _config+:: { + versions+:: { + kubeStateMetrics: '1.9.5', + }, + imageRepos+:: { + kubeStateMetrics: 'quay.io/coreos/kube-state-metrics', + }, kubeStateMetrics+:: { scrapeInterval: '30s', scrapeTimeout: '30s', @@ -9,9 +15,9 @@ { local ksm = self, name:: 'kube-state-metrics', - namespace:: 'monitoring', - version:: '1.9.5', //$._config.versions.kubeStateMetrics, - image:: 'quay.io/coreos/kube-state-metrics:v' + ksm.version, + namespace:: $._config.namespace, + version:: $._config.versions.kubeStateMetrics, + image:: $._config.imageRepos.kubeStateMetrics + ':v' + $._config.versions.kubeStateMetrics, service+: { spec+: { ports: [ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kube-prometheus-0.3.0+git20200317.502f81b/manifests/kube-state-metrics-deployment.yaml new/kube-prometheus-0.3.0+git20200320.a5e2783/manifests/kube-state-metrics-deployment.yaml --- old/kube-prometheus-0.3.0+git20200317.502f81b/manifests/kube-state-metrics-deployment.yaml 2020-03-17 14:20:31.000000000 +0100 +++ new/kube-prometheus-0.3.0+git20200320.a5e2783/manifests/kube-state-metrics-deployment.yaml 2020-03-20 07:10:29.000000000 +0100 @@ -37,6 +37,8 @@ ports: - containerPort: 8443 name: https-main + securityContext: + runAsUser: 65534 - args: - --logtostderr - --secure-listen-address=:9443 @@ -47,6 +49,8 @@ ports: - containerPort: 9443 name: https-self + securityContext: + runAsUser: 65534 nodeSelector: kubernetes.io/os: linux serviceAccountName: kube-state-metrics ++++++ update-vendor.sh ++++++ --- /var/tmp/diff_new_pack.68qKRm/_old 2020-03-22 14:17:33.058071477 +0100 +++ /var/tmp/diff_new_pack.68qKRm/_new 2020-03-22 14:17:33.062071479 +0100 @@ -11,3 +11,4 @@ cd .. tar --owner root --group root -cJf ../vendor.tar.xz jsonnetfile.lock.json vendor cd .. +rm -rf kube-prometheus