{{- define "_kube-prometheus-stack" }}

{{- if .global.aws.region }}
alertmanager:
  alertmanagerSpec:
    podMetadata:
      annotations:
        kubezero.com/sns_forwarder_ARN_PREFIX: "arn:aws:sns:{{ .global.aws.region }}:{{ .global.aws.accountId }}:"
        kubezero.com/sns_forwarder_AWS_ROLE_ARN: "arn:aws:iam::{{ .global.aws.accountId }}:role/{{ .global.aws.region }}.{{ .global.clusterName }}.alertmanager"
  config:
    receivers:
      - name: 'null'
      - name: alerthub-notifications
        webhook_configs:
          - send_resolved: true
            url: http://localhost:9087/alert/AlertHub
    route:
      receiver: alerthub-notifications
prometheus:
  prometheusSpec:
    externalLabels:
      awsAccount: '{{ .global.aws.accountId }}'
      awsRegion: {{ .global.aws.region }}
      clusterName: {{ .global.clusterName }}
    containers:
      - name: prometheus
        env:
          - name: AWS_ROLE_ARN
            value: "arn:aws:iam::{{ .global.aws.accountId }}:role/{{ .global.aws.region }}.{{ .global.clusterName }}.prometheus"
          - name: AWS_WEB_IDENTITY_TOKEN_FILE
            value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
          - name: AWS_STS_REGIONAL_ENDPOINTS
            value: regional
    volumes:
      - name: aws-token
        projected:
          sources:
          - serviceAccountToken:
              path: token
              expirationSeconds: 86400
              audience: "sts.amazonaws.com"
    volumeMounts:
      - name: aws-token
        mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
        readOnly: true
    additionalScrapeConfigs:
      - job_name: 'crio'
        ec2_sd_configs:
          - port: 9090
            region: {{ .global.aws.region }}
            filters:
              - name: 'tag-key'
                values: ['zdt:prometheus:crio']
              {{- with .metrics.kubezero.prometheus.prometheusSpec.additionalScrapeConfigsEC2Filters }}
              {{- toYaml . | nindent 14 }}
              {{- end }}
        relabel_configs:
          - source_labels:
            - '__meta_ec2_instance_id'
            target_label: 'instance_id'
          - source_labels:
            - '__meta_ec2_availability_zone'
            target_label: 'availability_zone'
          - source_labels:
            - '__meta_ec2_private_dns_name'
            target_label: 'instance'
          - source_labels:
            - '__meta_ec2_tag_Name'
            target_label: 'instance'
      - job_name: 'nodes'
        ec2_sd_configs:
          - port: 9100
            region: {{ .global.aws.region }}
            filters:
              - name: 'tag-key'
                values: ['zdt:prometheus.node-exporter']
              {{- with .metrics.kubezero.prometheus.prometheusSpec.additionalScrapeConfigsEC2Filters }}
              {{- toYaml . | nindent 14 }}
              {{- end }}
        relabel_configs:
          - source_labels:
            - '__meta_ec2_instance_id'
            target_label: 'instance_id'
          - source_labels:
            - '__meta_ec2_availability_zone'
            target_label: 'availability_zone'
          - source_labels:
            - '__meta_ec2_private_dns_name'
            target_label: 'instance'
          - source_labels:
            - '__meta_ec2_tag_Name'
            target_label: 'instance'
      - job_name: 'docker-registry'
        ec2_sd_configs:
          - port: 9101
            region: {{ .global.aws.region }}
            filters:
              - name: 'tag-key'
                values: ['zdt:prometheus.docker-registry']
              {{- with .metrics.kubezero.prometheus.prometheusSpec.additionalScrapeConfigsEC2Filters }}
              {{- toYaml . | nindent 14 }}
              {{- end }}
        relabel_configs:
          - source_labels:
            - '__meta_ec2_instance_id'
            target_label: 'instance_id'
          - source_labels:
            - '__meta_ec2_availability_zone'
            target_label: 'availability_zone'
          - source_labels:
            - '__meta_ec2_private_dns_name'
            target_label: 'instance'
          - source_labels:
            - '__meta_ec2_tag_Name'
            target_label: 'instance'
      {{- with .metrics.kubezero.prometheus.prometheusSpec.additionalScrapeConfigs }}
      {{- toYaml . | nindent 6 }}
      {{- end }}
{{- end }}

{{- end }}


{{- define "metrics-values" }}

{{- with .Values.metrics.istio }}
istio:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with index .Values "metrics" "kube-prometheus-stack" }}
kube-prometheus-stack:
  {{- toYaml ( merge ( include "_kube-prometheus-stack" $.Values | fromYaml ) . ) | nindent 2 }}
{{- end }}
{{- with index .Values "metrics" "prometheus-adapter" }}
prometheus-adapter:
  {{- toYaml . | nindent 2 }}
{{- end }}
{{- with index .Values "metrics" "prometheus-pushgateway" }}
prometheus-pushgateway:
  {{- toYaml . | nindent 2 }}
{{- end }}

{{- end }}


{{- define "metrics-argo" }}

  ignoreDifferences:
  - group: admissionregistration.k8s.io
    kind: ValidatingWebhookConfiguration
    jsonPointers:
    - /webhooks/0/failurePolicy
  - group: admissionregistration.k8s.io
    kind: MutatingWebhookConfiguration
    jsonPointers:
    - /webhooks/0/failurePolicy

{{- end }}


{{ include "kubezero-app.app" . }}