Last active
June 10, 2025 23:35
-
-
Save TheRealNoob/4f428e98ccad4ce5386873ed4337decf to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "create" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "serviceaccounts", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "serviceaccounts", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "clusterroles", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "clusterroles", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "clusterrolebindings", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "clusterrolebindings", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "roles", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "roles", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "rolebindings", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "rolebindings", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "jobs", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-create", | |
| "apiGroup": "batch", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "jobs", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-create", | |
| "apiGroup": "batch", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "mutatingwebhookconfigurations", | |
| "name": "kpu-prometheus-operator-admission-webhook", | |
| "apiGroup": "admissionregistration.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "mutatingwebhookconfigurations", | |
| "name": "kpu-prometheus-operator-admission-webhook", | |
| "apiGroup": "admissionregistration.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "validatingwebhookconfigurations", | |
| "name": "kpu-prometheus-operator-admission-webhook", | |
| "apiGroup": "admissionregistration.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "validatingwebhookconfigurations", | |
| "name": "kpu-prometheus-operator-admission-webhook", | |
| "apiGroup": "admissionregistration.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "jobs", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-patch", | |
| "apiGroup": "batch", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "jobs", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-patch", | |
| "apiGroup": "batch", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "serviceaccounts", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "clusterroles", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "clusterrolebindings", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "roles", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "rolebindings", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "jobs", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-create", | |
| "apiGroup": "batch", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "jobs", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-patch", | |
| "apiGroup": "batch", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "serviceaccounts", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "roles", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "rolebindings", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "services", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "deployments", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook", | |
| "apiGroup": "apps", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "servicemonitors", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook", | |
| "apiGroup": "monitoring.coreos.com", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "serviceaccounts", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "serviceaccounts", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "clusterroles", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "clusterroles", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "clusterrolebindings", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "clusterrolebindings", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "roles", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "roles", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "rolebindings", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } | |
| "create" | |
| { | |
| "resource": "rolebindings", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "serviceaccounts", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "clusterroles", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "clusterrolebindings", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "roles", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "delete" | |
| { | |
| "resource": "rolebindings", | |
| "namespace": "monitoring", | |
| "name": "kpu-prometheus-operator-admission-webhook-aux", | |
| "apiGroup": "rbac.authorization.k8s.io", | |
| "apiVersion": "v1" | |
| } | |
| "update" | |
| { | |
| "resource": "secrets", | |
| "namespace": "monitoring", | |
| "name": "sh.helm.release.v1.kpu-prometheus-operator-admission-webhook.v1", | |
| "apiVersion": "v1" | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| minikube start --driver=docker --extra-config=apiserver.audit-policy-file=/etc/ssl/certs/audit-policy.yaml --extra-config=apiserver.audit-log-path=- | |
| helm upgrade operator-crds prometheus-community/prometheus-operator-crds --install -n monitoring --create-namespace | |
| helm upgrade kpu-prometheus-operator-admission-webhook ./ --install -n monitoring -f values --wait | |
| # in a separate window | |
| clear;k logs -n kube-system pod/kube-apiserver-minikube | jq --raw-input 'fromjson? | select(.userAgent == "Helm/3.12.0" and .stage == "ResponseComplete" and .verb != "get" and .verb != "list" and .verb != "watch")' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://github.com/prometheus-community/helm-charts/blob/main/charts/prometheus-operator-admission-webhook/values.yaml | |
| replicas: 1 | |
| jobs: | |
| createSecret: | |
| # This create a TLS key-pair for use by the Webhooks (required by Kubernetes) | |
| annotations: | |
| "helm.sh/hook-weight": "0" | |
| patchWebhook: | |
| # This patches the Webhooks injecting the TLS key-pair | |
| annotations: | |
| "helm.sh/hook": pre-install,pre-upgrade | |
| "helm.sh/hook-weight": "2" | |
| webhooks: | |
| # do not install validating webhook for Alertmanager CR | |
| enabled: | |
| alertmanagerconfigsValidate: false | |
| # install the webhooks after job/createSecret and before job/patchWebhook | |
| # Due to helm, this has the side-effect of deleting and re-creating the webhooks on every release | |
| # Fortunately it's an immediate (back to back) recreate, so the gap is minimal | |
| annotations: | |
| "helm.sh/hook": pre-install,pre-upgrade | |
| "helm.sh/hook-weight": "1" | |
| serviceMonitor: | |
| enabled: true | |
| tlsConfig: | |
| serverName: kpu-prometheus-operator-admission-webhook.monitoring.svc | |
| ca: | |
| secret: | |
| name: kpu-prometheus-operator-admission-webhook | |
| key: ca | |
| prometheusRule: | |
| enabled: false |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment