91 lines
3.0 KiB
YAML
91 lines
3.0 KiB
YAML
{{ if .Values.tempo.enabled }}
|
|
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: tempo
|
|
namespace: argocd
|
|
annotations:
|
|
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
|
finalizers:
|
|
- resources-finalizer.argocd.argoproj.io
|
|
spec:
|
|
destination:
|
|
namespace: tempo
|
|
server: 'https://kubernetes.default.svc'
|
|
project: sys
|
|
syncPolicy:
|
|
managedNamespaceMetadata:
|
|
labels:
|
|
component: sys
|
|
syncOptions:
|
|
- CreateNamespace=true
|
|
- ApplyOutOfSyncOnly=true
|
|
{{ if .Values.tempo.autosync }}
|
|
automated:
|
|
prune: true
|
|
# selfHeal: false
|
|
{{ end }}
|
|
sources:
|
|
- repoURL: {{ .Values.cluster_config.manifests }}
|
|
path: {{ .Values.cluster_config.policies }}/tempo
|
|
targetRevision: HEAD
|
|
- repoURL: 'https://grafana.github.io/helm-charts'
|
|
targetRevision: {{ .Values.tempo.version }}
|
|
chart: tempo
|
|
helm:
|
|
values: |
|
|
tempo:
|
|
reportingEnabled: false
|
|
storage:
|
|
trace:
|
|
backend: s3
|
|
s3:
|
|
bucket: {{ .Values.tempo.bucketName | default "tempo-traces" }}
|
|
endpoint: {{ .Values.tempo.s3.endpoint | default "https://s3.production.itpartner.no" }}
|
|
prefix: traces
|
|
access_key: ${S3KEY}
|
|
secret_key: ${S3SECRET}
|
|
forcepathstyle: true
|
|
region: us-east-1
|
|
{{- if .Values.tempo.s3.insecure_skip_verify }}
|
|
tls_insecure_skip_verify: true
|
|
{{- end }}
|
|
local:
|
|
path: /var/tempo/traces
|
|
wal:
|
|
path: /var/tempo/wal
|
|
metricsGenerator:
|
|
enabled: true
|
|
remoteWriteUrl: "http://prom-prometheus.prometheus:9090/api/v1/write"
|
|
extraArgs: { config.expand-env=true }
|
|
extraEnv:
|
|
- name: S3KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ .Values.tempo.secret.name | default "s3-credentials"}}
|
|
key: {{ .Values.tempo.secret.access_key | default "access_key" }}
|
|
- name: S3SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ .Values.tempo.secret.name | default "s3-credentials"}}
|
|
key: {{ .Values.tempo.secret.access_key | default "access_secret" }}
|
|
tempoQuery:
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: nginx
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }}
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
{{- with .Values.cluster_config.ingress_whitelist_ips }}
|
|
nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
|
|
{{- end }}
|
|
path: /
|
|
pathType: Prefix
|
|
hosts:
|
|
- query.tempo.{{ .Values.cluster_config.domain }}
|
|
tls:
|
|
- secretName: tempo-query-tls
|
|
hosts:
|
|
- query.tempo.{{ .Values.cluster_config.domain }}
|
|
{{ end }}
|