Hello community,
here is the log from the commit of package kube-prometheus for openSUSE:Factory
checked in at 2020-03-22 14:17:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kube-prometheus (Old)
and /work/SRC/openSUSE:Factory/.kube-prometheus.new.3160 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kube-prometheus"
Sun Mar 22 14:17:29 2020 rev:4 rq:787124 version:0.3.0+git20200320.a5e2783
Changes:
--------
--- /work/SRC/openSUSE:Factory/kube-prometheus/kube-prometheus.changes
2020-03-18 12:50:10.077130830 +0100
+++
/work/SRC/openSUSE:Factory/.kube-prometheus.new.3160/kube-prometheus.changes
2020-03-22 14:17:31.806070673 +0100
@@ -1,0 +2,8 @@
+Sat Mar 21 10:15:36 UTC 2020 - ku...@suse.com
+
+- Update to version 0.3.0+git20200320.a5e2783:
+ * fix kube-state-metrics namespace override
+ * Add version and image source as config parameters.
+ * adding security context to kube-rbac-proxy (#450)
+
+-------------------------------------------------------------------
Old:
----
kube-prometheus-0.3.0+git20200317.502f81b.tar.xz
New:
----
kube-prometheus-0.3.0+git20200320.a5e2783.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ kube-prometheus.spec ++++++
--- /var/tmp/diff_new_pack.68qKRm/_old 2020-03-22 14:17:32.758071284 +0100
+++ /var/tmp/diff_new_pack.68qKRm/_new 2020-03-22 14:17:32.766071289 +0100
@@ -17,7 +17,7 @@
Name: kube-prometheus
-Version: 0.3.0+git20200317.502f81b
+Version: 0.3.0+git20200320.a5e2783
Release: 0
Summary: Manifests to use Prometheus to monitor Kubernetes
License: Apache-2.0
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.68qKRm/_old 2020-03-22 14:17:32.830071330 +0100
+++ /var/tmp/diff_new_pack.68qKRm/_new 2020-03-22 14:17:32.830071330 +0100
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">git://github.com/coreos/kube-prometheus.git</param>
- <param
name="changesrevision">502f81b235a84484b55493af5cf96623ae37ef80</param>
+ <param
name="changesrevision">bb5de11c89a0ceb7cddbd3d7d9639c5003ea46c4</param>
</service>
</servicedata>
\ No newline at end of file
++++++ kube-prometheus-0.3.0+git20200317.502f81b.tar.xz ->
kube-prometheus-0.3.0+git20200320.a5e2783.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-prometheus-0.3.0+git20200317.502f81b/docs/EKS-cni-support.md
new/kube-prometheus-0.3.0+git20200320.a5e2783/docs/EKS-cni-support.md
--- old/kube-prometheus-0.3.0+git20200317.502f81b/docs/EKS-cni-support.md
2020-03-17 14:20:31.000000000 +0100
+++ new/kube-prometheus-0.3.0+git20200320.a5e2783/docs/EKS-cni-support.md
2020-03-20 07:10:29.000000000 +0100
@@ -7,8 +7,8 @@
You can monitor the `awscni` using kube-promethus with :
[embedmd]:# (../examples/eks-cni-example.jsonnet)
```jsonnet
-local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') +
- (import 'kube-prometheus/kube-prometheus-eks.libsonnet') + {
+local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') +
+ (import 'kube-prometheus/kube-prometheus-eks.libsonnet') + {
_config+:: {
namespace: 'monitoring',
},
@@ -32,7 +32,7 @@
{ ['node-exporter-' + name]: kp.nodeExporter[name] for name in
std.objectFields(kp.nodeExporter) } +
{ ['kube-state-metrics-' + name]: kp.kubeStateMetrics[name] for name in
std.objectFields(kp.kubeStateMetrics) } +
{ ['prometheus-' + name]: kp.prometheus[name] for name in
std.objectFields(kp.prometheus) } +
-{ ['prometheus-adapter-' + name]: kp.prometheusAdapter[name] for name in
std.objectFields(kp.prometheusAdapter) }
+{ ['prometheus-adapter-' + name]: kp.prometheusAdapter[name] for name in
std.objectFields(kp.prometheusAdapter) }
```
After you have the required yaml file please run
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-prometheus-0.3.0+git20200317.502f81b/docs/weave-net-support.md
new/kube-prometheus-0.3.0+git20200320.a5e2783/docs/weave-net-support.md
--- old/kube-prometheus-0.3.0+git20200317.502f81b/docs/weave-net-support.md
2020-03-17 14:20:31.000000000 +0100
+++ new/kube-prometheus-0.3.0+git20200320.a5e2783/docs/weave-net-support.md
2020-03-20 07:10:29.000000000 +0100
@@ -17,8 +17,8 @@
[embedmd]:# (../examples/weave-net-example.jsonnet)
```jsonnet
-local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') +
- (import 'kube-prometheus/kube-prometheus-weave-net.libsonnet') + {
+local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') +
+ (import 'kube-prometheus/kube-prometheus-weave-net.libsonnet') + {
_config+:: {
namespace: 'monitoring',
},
@@ -27,25 +27,26 @@
function(group)
if group.name == 'weave-net' then
group {
- rules: std.map(function(rule)
- if rule.alert == "WeaveNetFastDPFlowsLow" then
- rule {
- expr: "sum(weave_flows) < 20000"
- }
- else if rule.alert == "WeaveNetIPAMUnreachable" then
- rule {
- expr: "weave_ipam_unreachable_percentage > 25"
- }
- else
- rule
+ rules: std.map(
+ function(rule)
+ if rule.alert == 'WeaveNetFastDPFlowsLow' then
+ rule {
+ expr: 'sum(weave_flows) < 20000',
+ }
+ else if rule.alert == 'WeaveNetIPAMUnreachable' then
+ rule {
+ expr: 'weave_ipam_unreachable_percentage > 25',
+ }
+ else
+ rule
,
group.rules
- )
+ ),
}
else
group,
- super.groups
- ),
+ super.groups
+ ),
},
};
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-prometheus-0.3.0+git20200317.502f81b/examples/eks-cni-example.jsonnet
new/kube-prometheus-0.3.0+git20200320.a5e2783/examples/eks-cni-example.jsonnet
---
old/kube-prometheus-0.3.0+git20200317.502f81b/examples/eks-cni-example.jsonnet
2020-03-17 14:20:31.000000000 +0100
+++
new/kube-prometheus-0.3.0+git20200320.a5e2783/examples/eks-cni-example.jsonnet
2020-03-20 07:10:29.000000000 +0100
@@ -1,5 +1,5 @@
-local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') +
- (import 'kube-prometheus/kube-prometheus-eks.libsonnet') + {
+local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') +
+ (import 'kube-prometheus/kube-prometheus-eks.libsonnet') + {
_config+:: {
namespace: 'monitoring',
},
@@ -23,4 +23,4 @@
{ ['node-exporter-' + name]: kp.nodeExporter[name] for name in
std.objectFields(kp.nodeExporter) } +
{ ['kube-state-metrics-' + name]: kp.kubeStateMetrics[name] for name in
std.objectFields(kp.kubeStateMetrics) } +
{ ['prometheus-' + name]: kp.prometheus[name] for name in
std.objectFields(kp.prometheus) } +
-{ ['prometheus-adapter-' + name]: kp.prometheusAdapter[name] for name in
std.objectFields(kp.prometheusAdapter) }
+{ ['prometheus-adapter-' + name]: kp.prometheusAdapter[name] for name in
std.objectFields(kp.prometheusAdapter) }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-prometheus-0.3.0+git20200317.502f81b/examples/weave-net-example.jsonnet
new/kube-prometheus-0.3.0+git20200320.a5e2783/examples/weave-net-example.jsonnet
---
old/kube-prometheus-0.3.0+git20200317.502f81b/examples/weave-net-example.jsonnet
2020-03-17 14:20:31.000000000 +0100
+++
new/kube-prometheus-0.3.0+git20200320.a5e2783/examples/weave-net-example.jsonnet
2020-03-20 07:10:29.000000000 +0100
@@ -1,5 +1,5 @@
-local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') +
- (import 'kube-prometheus/kube-prometheus-weave-net.libsonnet') + {
+local kp = (import 'kube-prometheus/kube-prometheus.libsonnet') +
+ (import 'kube-prometheus/kube-prometheus-weave-net.libsonnet') + {
_config+:: {
namespace: 'monitoring',
},
@@ -8,25 +8,26 @@
function(group)
if group.name == 'weave-net' then
group {
- rules: std.map(function(rule)
- if rule.alert == "WeaveNetFastDPFlowsLow" then
- rule {
- expr: "sum(weave_flows) < 20000"
- }
- else if rule.alert == "WeaveNetIPAMUnreachable" then
- rule {
- expr: "weave_ipam_unreachable_percentage > 25"
- }
- else
- rule
+ rules: std.map(
+ function(rule)
+ if rule.alert == 'WeaveNetFastDPFlowsLow' then
+ rule {
+ expr: 'sum(weave_flows) < 20000',
+ }
+ else if rule.alert == 'WeaveNetIPAMUnreachable' then
+ rule {
+ expr: 'weave_ipam_unreachable_percentage > 25',
+ }
+ else
+ rule
,
group.rules
- )
+ ),
}
else
group,
- super.groups
- ),
+ super.groups
+ ),
},
};
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kube-prometheus-0.3.0+git20200317.502f81b/go.sum
new/kube-prometheus-0.3.0+git20200320.a5e2783/go.sum
--- old/kube-prometheus-0.3.0+git20200317.502f81b/go.sum 2020-03-17
14:20:31.000000000 +0100
+++ new/kube-prometheus-0.3.0+git20200320.a5e2783/go.sum 2020-03-20
07:10:29.000000000 +0100
@@ -7,6 +7,7 @@
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod
h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d
h1:UQZhZ2O0vMHr2cI+DC1Mbh0TJxzA3RcLoMsFw+aXw7E=
github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod
h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
+github.com/campoy/embedmd v1.0.0
h1:V4kI2qTJJLf4J29RzI/MAt2c3Bl4dQSYPuflzwFH2hY=
github.com/campoy/embedmd v1.0.0/go.mod
h1:oxyr9RCiSXg0M3VJ3ks0UGfp98BpSSGr0kpiX3MzVl8=
github.com/davecgh/go-spew v1.1.0/go.mod
h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1
h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-prometheus-0.3.0+git20200317.502f81b/jsonnet/kube-prometheus/kube-rbac-proxy/container.libsonnet
new/kube-prometheus-0.3.0+git20200320.a5e2783/jsonnet/kube-prometheus/kube-rbac-proxy/container.libsonnet
---
old/kube-prometheus-0.3.0+git20200317.502f81b/jsonnet/kube-prometheus/kube-rbac-proxy/container.libsonnet
2020-03-17 14:20:31.000000000 +0100
+++
new/kube-prometheus-0.3.0+git20200320.a5e2783/jsonnet/kube-prometheus/kube-rbac-proxy/container.libsonnet
2020-03-20 07:10:29.000000000 +0100
@@ -35,6 +35,7 @@
spec+: {
containers+: [
container.new(krp.config.kubeRbacProxy.name,
krp.config.kubeRbacProxy.image) +
+ container.mixin.securityContext.withRunAsUser(65534) +
container.withArgs([
'--logtostderr',
'--secure-listen-address=' +
krp.config.kubeRbacProxy.secureListenAddress,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-prometheus-0.3.0+git20200317.502f81b/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
new/kube-prometheus-0.3.0+git20200320.a5e2783/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
---
old/kube-prometheus-0.3.0+git20200317.502f81b/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
2020-03-17 14:20:31.000000000 +0100
+++
new/kube-prometheus-0.3.0+git20200320.a5e2783/jsonnet/kube-prometheus/kube-state-metrics/kube-state-metrics.libsonnet
2020-03-20 07:10:29.000000000 +0100
@@ -1,5 +1,11 @@
{
_config+:: {
+ versions+:: {
+ kubeStateMetrics: '1.9.5',
+ },
+ imageRepos+:: {
+ kubeStateMetrics: 'quay.io/coreos/kube-state-metrics',
+ },
kubeStateMetrics+:: {
scrapeInterval: '30s',
scrapeTimeout: '30s',
@@ -9,9 +15,9 @@
{
local ksm = self,
name:: 'kube-state-metrics',
- namespace:: 'monitoring',
- version:: '1.9.5',
//$._config.versions.kubeStateMetrics,
- image:: 'quay.io/coreos/kube-state-metrics:v' +
ksm.version,
+ namespace:: $._config.namespace,
+ version:: $._config.versions.kubeStateMetrics,
+ image:: $._config.imageRepos.kubeStateMetrics + ':v' +
$._config.versions.kubeStateMetrics,
service+: {
spec+: {
ports: [
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-prometheus-0.3.0+git20200317.502f81b/manifests/kube-state-metrics-deployment.yaml
new/kube-prometheus-0.3.0+git20200320.a5e2783/manifests/kube-state-metrics-deployment.yaml
---
old/kube-prometheus-0.3.0+git20200317.502f81b/manifests/kube-state-metrics-deployment.yaml
2020-03-17 14:20:31.000000000 +0100
+++
new/kube-prometheus-0.3.0+git20200320.a5e2783/manifests/kube-state-metrics-deployment.yaml
2020-03-20 07:10:29.000000000 +0100
@@ -37,6 +37,8 @@
ports:
- containerPort: 8443
name: https-main
+ securityContext:
+ runAsUser: 65534
- args:
- --logtostderr
- --secure-listen-address=:9443
@@ -47,6 +49,8 @@
ports:
- containerPort: 9443
name: https-self
+ securityContext:
+ runAsUser: 65534
nodeSelector:
kubernetes.io/os: linux
serviceAccountName: kube-state-metrics
++++++ update-vendor.sh ++++++
--- /var/tmp/diff_new_pack.68qKRm/_old 2020-03-22 14:17:33.058071477 +0100
+++ /var/tmp/diff_new_pack.68qKRm/_new 2020-03-22 14:17:33.062071479 +0100
@@ -11,3 +11,4 @@
cd ..
tar --owner root --group root -cJf ../vendor.tar.xz jsonnetfile.lock.json
vendor
cd ..
+rm -rf kube-prometheus
