feat(external-secrets): update helm-release ( 0.12.1 → 0.13.0 ) #4364
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![tyriis-automation[bot]](https://avatars.githubusercontent.com/in/334186?s=60&v=4){kind=small}
tyriis-automation
bot
added
renovate/flux
|
--- HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-controller
+++ HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-controller
@@ -48,12 +48,13 @@
- acraccesstokens
- clustergenerators
- ecrauthorizationtokens
- fakes
- gcraccesstokens
- githubaccesstokens
+ - quayaccesstokens
- passwords
- stssessiontokens
- uuids
- vaultdynamicsecrets
- webhooks
verbs:
--- HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-view
+++ HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-view
@@ -28,12 +28,13 @@
- acraccesstokens
- clustergenerators
- ecrauthorizationtokens
- fakes
- gcraccesstokens
- githubaccesstokens
+ - quayaccesstokens
- passwords
- vaultdynamicsecrets
- webhooks
verbs:
- get
- watch
--- HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-edit
+++ HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-edit
@@ -29,12 +29,13 @@
- acraccesstokens
- clustergenerators
- ecrauthorizationtokens
- fakes
- gcraccesstokens
- githubaccesstokens
+ - quayaccesstokens
- passwords
- vaultdynamicsecrets
- webhooks
verbs:
- create
- delete
--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets-cert-controller
+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets-cert-controller
@@ -34,13 +34,13 @@
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
- image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
+ image: oci.external-secrets.io/external-secrets/external-secrets:v0.13.0
imagePullPolicy: IfNotPresent
args:
- certcontroller
- --crd-requeue-interval=5m
- --service-name=external-secrets-webhook
- --service-namespace=secops
--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets
+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets
@@ -34,13 +34,13 @@
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
- image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
+ image: oci.external-secrets.io/external-secrets/external-secrets:v0.13.0
imagePullPolicy: IfNotPresent
args:
- --concurrent=1
- --metrics-addr=:8080
- --loglevel=info
- --zap-time-encoding=epoch
--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets-webhook
+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets-webhook
@@ -34,13 +34,13 @@
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
- image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
+ image: oci.external-secrets.io/external-secrets/external-secrets:v0.13.0
imagePullPolicy: IfNotPresent
args:
- webhook
- --port=10250
- --dns-name=external-secrets-webhook.secops.svc
- --cert-dir=/tmp/certs |
--- kubernetes/kube-nas/apps/secops/external-secrets/app Kustomization: flux-system/external-secrets HelmRelease: secops/external-secrets
+++ kubernetes/kube-nas/apps/secops/external-secrets/app Kustomization: flux-system/external-secrets HelmRelease: secops/external-secrets
@@ -12,13 +12,13 @@
spec:
chart: external-secrets
sourceRef:
kind: HelmRepository
name: external-secrets-charts
namespace: flux-system
- version: 0.12.1
+ version: 0.13.0
driftDetection:
mode: enabled
install:
remediation:
retries: 3
interval: 15m |
--- kubernetes/talos-flux/apps/secops/external-secrets/app Kustomization: flux-system/apps-external-secrets HelmRelease: secops/external-secrets
+++ kubernetes/talos-flux/apps/secops/external-secrets/app Kustomization: flux-system/apps-external-secrets HelmRelease: secops/external-secrets
@@ -13,13 +13,13 @@
chart: external-secrets
interval: 30m
sourceRef:
kind: HelmRepository
name: external-secrets-charts
namespace: flux-system
- version: 0.12.1
+ version: 0.13.0
interval: 30m
values:
grafana:
enabled: false
installCRDs: true
replicaCount: 1
--- kubernetes/talos-flux/apps/observability/kube-prometheus-stack/app Kustomization: flux-system/apps-kube-prometheus-stack HelmRelease: observability/kube-prometheus-stack
+++ kubernetes/talos-flux/apps/observability/kube-prometheus-stack/app Kustomization: flux-system/apps-kube-prometheus-stack HelmRelease: observability/kube-prometheus-stack
@@ -12,13 +12,13 @@
spec:
chart: kube-prometheus-stack
sourceRef:
kind: HelmRepository
name: prometheus-community-charts
namespace: flux-system
- version: 68.3.0
+ version: 68.2.2
install:
crds: CreateReplace
createNamespace: true
remediation:
retries: 3
interval: 15m |
--- HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-controller
+++ HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-controller
@@ -48,12 +48,13 @@
- acraccesstokens
- clustergenerators
- ecrauthorizationtokens
- fakes
- gcraccesstokens
- githubaccesstokens
+ - quayaccesstokens
- passwords
- stssessiontokens
- uuids
- vaultdynamicsecrets
- webhooks
verbs:
--- HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-view
+++ HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-view
@@ -28,12 +28,13 @@
- acraccesstokens
- clustergenerators
- ecrauthorizationtokens
- fakes
- gcraccesstokens
- githubaccesstokens
+ - quayaccesstokens
- passwords
- vaultdynamicsecrets
- webhooks
verbs:
- get
- watch
--- HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-edit
+++ HelmRelease: secops/external-secrets ClusterRole: secops/external-secrets-edit
@@ -29,12 +29,13 @@
- acraccesstokens
- clustergenerators
- ecrauthorizationtokens
- fakes
- gcraccesstokens
- githubaccesstokens
+ - quayaccesstokens
- passwords
- vaultdynamicsecrets
- webhooks
verbs:
- create
- delete
--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets-cert-controller
+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets-cert-controller
@@ -34,13 +34,13 @@
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
- image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
+ image: oci.external-secrets.io/external-secrets/external-secrets:v0.13.0
imagePullPolicy: IfNotPresent
args:
- certcontroller
- --crd-requeue-interval=5m
- --service-name=external-secrets-webhook
- --service-namespace=secops
--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets
+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets
@@ -34,13 +34,13 @@
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
- image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
+ image: oci.external-secrets.io/external-secrets/external-secrets:v0.13.0
imagePullPolicy: IfNotPresent
args:
- --concurrent=1
- --metrics-addr=:8080
- --loglevel=info
- --zap-time-encoding=epoch
--- HelmRelease: secops/external-secrets Deployment: secops/external-secrets-webhook
+++ HelmRelease: secops/external-secrets Deployment: secops/external-secrets-webhook
@@ -34,13 +34,13 @@
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
- image: oci.external-secrets.io/external-secrets/external-secrets:v0.12.1
+ image: oci.external-secrets.io/external-secrets/external-secrets:v0.13.0
imagePullPolicy: IfNotPresent
args:
- webhook
- --port=10250
- --dns-name=external-secrets-webhook.secops.svc
- --cert-dir=/tmp/certs
--- HelmRelease: observability/kube-prometheus-stack ConfigMap: observability/prometheus-prometheus
+++ HelmRelease: observability/kube-prometheus-stack ConfigMap: observability/prometheus-prometheus
@@ -12,46 +12,74 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/instance: kube-prometheus-stack
app.kubernetes.io/part-of: kube-prometheus-stack
release: kube-prometheus-stack
heritage: Helm
data:
- prometheus.json: '{"panels":[{"collapsed":false,"gridPos":{"h":1,"w":24,"x":0,"y":0},"id":1,"panels":[],"title":"Prometheus
- Stats","type":"row"},{"datasource":{"type":"prometheus","uid":"$datasource"},"fieldConfig":{"defaults":{"decimals":2,"displayName":"","unit":"short"},"overrides":[{"matcher":{"id":"byName","options":"Time"},"properties":[{"id":"displayName","value":"Time"},{"id":"custom.align","value":null},{"id":"custom.hidden","value":"true"}]},{"matcher":{"id":"byName","options":"cluster"},"properties":[{"id":"custom.align","value":null},{"id":"unit","value":"short"},{"id":"decimals","value":2},{"id":"displayName","value":"Cluster"}]},{"matcher":{"id":"byName","options":"job"},"properties":[{"id":"custom.align","value":null},{"id":"unit","value":"short"},{"id":"decimals","value":2},{"id":"displayName","value":"Job"}]},{"matcher":{"id":"byName","options":"instance"},"properties":[{"id":"displayName","value":"Instance"},{"id":"custom.align","value":null},{"id":"unit","value":"short"},{"id":"decimals","value":2}]},{"matcher":{"id":"byName","options":"version"},"properties":[{"id":"displayName","value":"Version"},{"id":"custom.align","value":null},{"id":"unit","value":"short"},{"id":"decimals","value":2}]},{"matcher":{"id":"byName","options":"Value
- #A"},"properties":[{"id":"displayName","value":"Count"},{"id":"custom.align","value":null},{"id":"unit","value":"short"},{"id":"decimals","value":2},{"id":"custom.hidden","value":"true"}]},{"matcher":{"id":"byName","options":"Value
- #B"},"properties":[{"id":"displayName","value":"Uptime"},{"id":"custom.align","value":null},{"id":"unit","value":"s"}]}]},"gridPos":{"h":7,"w":24,"x":0,"y":1},"id":2,"pluginVersion":"v11.4.0","targets":[{"datasource":{"type":"prometheus","uid":"$datasource"},"expr":"count
+ prometheus.json: '{"annotations":{"list":[]},"editable":true,"gnetId":null,"graphTooltip":0,"hideControls":false,"links":[],"refresh":"60s","rows":[{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":1,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null
+ as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD
+ HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"Count","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD
+ HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill
+ down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"hidden","unit":"short"},{"alias":"Uptime","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD
+ HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill
+ down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"s"},{"alias":"Cluster","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD
+ HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill
+ down","linkUrl":"","pattern":"cluster","thresholds":[],"type":"number","unit":"short"},{"alias":"Instance","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD
+ HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill
+ down","linkUrl":"","pattern":"instance","thresholds":[],"type":"number","unit":"short"},{"alias":"Job","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD
+ HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill
+ down","linkUrl":"","pattern":"job","thresholds":[],"type":"number","unit":"short"},{"alias":"Version","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD
+ HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill
+ down","linkUrl":"","pattern":"version","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD
+ HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"count
by (cluster, job, instance, version) (prometheus_build_info{cluster=~\"$cluster\",
- job=~\"$job\", instance=~\"$instance\"})","format":"table","instant":true,"legendFormat":""},{"datasource":{"type":"prometheus","uid":"$datasource"},"expr":"max
+ job=~\"$job\", instance=~\"$instance\"})","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"max
by (cluster, job, instance) (time() - process_start_time_seconds{cluster=~\"$cluster\",
- job=~\"$job\", instance=~\"$instance\"})","format":"table","instant":true,"legendFormat":""}],"title":"Prometheus
- Stats","type":"table"},{"collapsed":false,"gridPos":{"h":1,"w":24,"x":0,"y":8},"id":3,"panels":[],"title":"Discovery","type":"row"},{"datasource":{"type":"prometheus","uid":"$datasource"},"fieldConfig":{"defaults":{"custom":{"fillOpacity":10,"showPoints":"never"},"min":0,"unit":"ms"}},"gridPos":{"h":7,"w":12,"x":0,"y":9},"id":4,"options":{"tooltip":{"mode":"multi","sort":"desc"}},"pluginVersion":"v11.4.0","targets":[{"datasource":{"type":"prometheus","uid":"$datasource"},"expr":"sum(rate(prometheus_target_sync_length_seconds_sum{cluster=~\"$cluster\",job=~\"$job\",instance=~\"$instance\"}[5m]))
- by (cluster, job, scrape_job, instance) * 1e3","format":"time_series","legendFormat":"{{cluster}}:{{job}}:{{instance}}:{{scrape_job}}"}],"title":"Target
- Sync","type":"timeseries"},{"datasource":{"type":"prometheus","uid":"$datasource"},"fieldConfig":{"defaults":{"custom":{"fillOpacity":100,"lineWidth":0,"showPoints":"never","stacking":{"mode":"normal"}},"min":0,"unit":"short"}},"gridPos":{"h":7,"w":12,"x":12,"y":9},"id":5,"options":{"tooltip":{"mode":"multi","sort":"desc"}},"pluginVersion":"v11.4.0","targets":[{"datasource":{"type":"prometheus","uid":"$datasource"},"expr":"sum
+ job=~\"$job\", instance=~\"$instance\"})","format":"table","instant":true,"legendFormat":"","refId":"B"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Prometheus
+ Stats","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Prometheus
+ Stats","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":2,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null
+ as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(rate(prometheus_target_sync_length_seconds_sum{cluster=~\"$cluster\",job=~\"$job\",instance=~\"$instance\"}[5m]))
+ by (cluster, job, scrape_job, instance) * 1e3","format":"time_series","legendFormat":"{{cluster}}:{{job}}:{{instance}}:{{scrape_job}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Target
+ Sync","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"ms","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":3,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null
+ as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":true,"steppedLine":false,"targets":[{"expr":"sum
by (cluster, job, instance) (prometheus_sd_discovered_targets{cluster=~\"$cluster\",
- job=~\"$job\",instance=~\"$instance\"})","format":"time_series","legendFormat":"{{cluster}}:{{job}}:{{instance}}"}],"title":"Targets","type":"timeseries"},{"collapsed":false,"gridPos":{"h":1,"w":24,"x":0,"y":16},"id":6,"panels":[],"title":"Retrieval","type":"row"},{"datasource":{"type":"prometheus","uid":"$datasource"},"fieldConfig":{"defaults":{"custom":{"fillOpacity":10,"showPoints":"never"},"min":0,"unit":"ms"}},"gridPos":{"h":7,"w":8,"x":0,"y":17},"id":7,"options":{"tooltip":{"mode":"multi","sort":"desc"}},"pluginVersion":"v11.4.0","targets":[{"datasource":{"type":"prometheus","uid":"$datasource"},"expr":"rate(prometheus_target_interval_length_seconds_sum{cluster=~\"$cluster\",
[Diff truncated by flux-local]
--- HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kube-apiserver-slos
+++ HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kube-apiserver-slos
@@ -14,14 +14,13 @@
spec:
groups:
- name: kube-apiserver-slos
rules:
- alert: KubeAPIErrorBudgetBurn
annotations:
- description: The API server is burning too much error budget on cluster {{
- $labels.cluster }}.
+ description: The API server is burning too much error budget.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeapierrorbudgetburn
summary: The API server is burning too much error budget.
expr: |-
sum by (cluster) (apiserver_request:burnrate1h) > (14.40 * 0.01000)
and on (cluster)
sum by (cluster) (apiserver_request:burnrate5m) > (14.40 * 0.01000)
@@ -29,14 +28,13 @@
labels:
long: 1h
severity: critical
short: 5m
- alert: KubeAPIErrorBudgetBurn
annotations:
- description: The API server is burning too much error budget on cluster {{
- $labels.cluster }}.
+ description: The API server is burning too much error budget.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeapierrorbudgetburn
summary: The API server is burning too much error budget.
expr: |-
sum by (cluster) (apiserver_request:burnrate6h) > (6.00 * 0.01000)
and on (cluster)
sum by (cluster) (apiserver_request:burnrate30m) > (6.00 * 0.01000)
@@ -44,14 +42,13 @@
labels:
long: 6h
severity: critical
short: 30m
- alert: KubeAPIErrorBudgetBurn
annotations:
- description: The API server is burning too much error budget on cluster {{
- $labels.cluster }}.
+ description: The API server is burning too much error budget.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeapierrorbudgetburn
summary: The API server is burning too much error budget.
expr: |-
sum by (cluster) (apiserver_request:burnrate1d) > (3.00 * 0.01000)
and on (cluster)
sum by (cluster) (apiserver_request:burnrate2h) > (3.00 * 0.01000)
@@ -59,14 +56,13 @@
labels:
long: 1d
severity: warning
short: 2h
- alert: KubeAPIErrorBudgetBurn
annotations:
- description: The API server is burning too much error budget on cluster {{
- $labels.cluster }}.
+ description: The API server is burning too much error budget.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeapierrorbudgetburn
summary: The API server is burning too much error budget.
expr: |-
sum by (cluster) (apiserver_request:burnrate3d) > (1.00 * 0.01000)
and on (cluster)
sum by (cluster) (apiserver_request:burnrate6h) > (1.00 * 0.01000)
--- HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kubernetes-apps
+++ HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kubernetes-apps
@@ -15,25 +15,24 @@
groups:
- name: kubernetes-apps
rules:
- alert: KubePodCrashLooping
annotations:
description: 'Pod {{ $labels.namespace }}/{{ $labels.pod }} ({{ $labels.container
- }}) is in waiting state (reason: "CrashLoopBackOff") on cluster {{ $labels.cluster
- }}.'
+ }}) is in waiting state (reason: "CrashLoopBackOff").'
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubepodcrashlooping
summary: Pod is crash looping.
expr: max_over_time(kube_pod_container_status_waiting_reason{reason="CrashLoopBackOff",
job="kube-state-metrics", namespace=~".*"}[5m]) >= 1
for: 15m
labels:
severity: warning
- alert: KubePodNotReady
annotations:
description: Pod {{ $labels.namespace }}/{{ $labels.pod }} has been in a non-ready
- state for longer than 15 minutes on cluster {{ $labels.cluster }}.
+ state for longer than 15 minutes.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubepodnotready
summary: Pod has been in a non-ready state for more than 15 minutes.
expr: |-
sum by (namespace, pod, cluster) (
max by (namespace, pod, cluster) (
kube_pod_status_phase{job="kube-state-metrics", namespace=~".*", phase=~"Pending|Unknown|Failed"}
@@ -45,27 +44,26 @@
labels:
severity: warning
- alert: KubeDeploymentGenerationMismatch
annotations:
description: Deployment generation for {{ $labels.namespace }}/{{ $labels.deployment
}} does not match, this indicates that the Deployment has failed but has
- not been rolled back on cluster {{ $labels.cluster }}.
+ not been rolled back.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubedeploymentgenerationmismatch
summary: Deployment generation mismatch due to possible roll-back
expr: |-
kube_deployment_status_observed_generation{job="kube-state-metrics", namespace=~".*"}
!=
kube_deployment_metadata_generation{job="kube-state-metrics", namespace=~".*"}
for: 15m
labels:
severity: warning
- alert: KubeDeploymentReplicasMismatch
annotations:
description: Deployment {{ $labels.namespace }}/{{ $labels.deployment }} has
- not matched the expected number of replicas for longer than 15 minutes on
- cluster {{ $labels.cluster }}.
+ not matched the expected number of replicas for longer than 15 minutes.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubedeploymentreplicasmismatch
summary: Deployment has not matched the expected number of replicas.
expr: |-
(
kube_deployment_spec_replicas{job="kube-state-metrics", namespace=~".*"}
>
@@ -78,27 +76,25 @@
for: 15m
labels:
severity: warning
- alert: KubeDeploymentRolloutStuck
annotations:
description: Rollout of deployment {{ $labels.namespace }}/{{ $labels.deployment
- }} is not progressing for longer than 15 minutes on cluster {{ $labels.cluster
- }}.
+ }} is not progressing for longer than 15 minutes.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubedeploymentrolloutstuck
summary: Deployment rollout is not progressing.
expr: |-
kube_deployment_status_condition{condition="Progressing", status="false",job="kube-state-metrics", namespace=~".*"}
!= 0
for: 15m
labels:
severity: warning
- alert: KubeStatefulSetReplicasMismatch
annotations:
description: StatefulSet {{ $labels.namespace }}/{{ $labels.statefulset }}
- has not matched the expected number of replicas for longer than 15 minutes
- on cluster {{ $labels.cluster }}.
+ has not matched the expected number of replicas for longer than 15 minutes.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubestatefulsetreplicasmismatch
summary: StatefulSet has not matched the expected number of replicas.
expr: |-
(
kube_statefulset_status_replicas_ready{job="kube-state-metrics", namespace=~".*"}
!=
@@ -112,26 +108,26 @@
labels:
severity: warning
- alert: KubeStatefulSetGenerationMismatch
annotations:
description: StatefulSet generation for {{ $labels.namespace }}/{{ $labels.statefulset
}} does not match, this indicates that the StatefulSet has failed but has
- not been rolled back on cluster {{ $labels.cluster }}.
+ not been rolled back.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubestatefulsetgenerationmismatch
summary: StatefulSet generation mismatch due to possible roll-back
expr: |-
kube_statefulset_status_observed_generation{job="kube-state-metrics", namespace=~".*"}
!=
kube_statefulset_metadata_generation{job="kube-state-metrics", namespace=~".*"}
for: 15m
labels:
severity: warning
- alert: KubeStatefulSetUpdateNotRolledOut
annotations:
description: StatefulSet {{ $labels.namespace }}/{{ $labels.statefulset }}
- update has not been rolled out on cluster {{ $labels.cluster }}.
+ update has not been rolled out.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubestatefulsetupdatenotrolledout
summary: StatefulSet update has not been rolled out.
expr: |-
(
max by (namespace, statefulset, job, cluster) (
kube_statefulset_status_current_revision{job="kube-state-metrics", namespace=~".*"}
@@ -152,14 +148,13 @@
for: 15m
labels:
severity: warning
- alert: KubeDaemonSetRolloutStuck
annotations:
description: DaemonSet {{ $labels.namespace }}/{{ $labels.daemonset }} has
- not finished or progressed for at least 15m on cluster {{ $labels.cluster
- }}.
+ not finished or progressed for at least 15m.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubedaemonsetrolloutstuck
summary: DaemonSet rollout is stuck.
expr: |-
(
(
kube_daemonset_status_current_number_scheduled{job="kube-state-metrics", namespace=~".*"}
@@ -187,74 +182,70 @@
labels:
severity: warning
- alert: KubeContainerWaiting
annotations:
description: 'pod/{{ $labels.pod }} in namespace {{ $labels.namespace }} on
container {{ $labels.container}} has been in waiting state for longer than
- 1 hour. (reason: "{{ $labels.reason }}") on cluster {{ $labels.cluster }}.'
+ 1 hour. (reason: "{{ $labels.reason }}").'
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubecontainerwaiting
summary: Pod container waiting longer than 1 hour
expr: kube_pod_container_status_waiting_reason{reason!="CrashLoopBackOff", job="kube-state-metrics",
namespace=~".*"} > 0
for: 1h
labels:
severity: warning
- alert: KubeDaemonSetNotScheduled
annotations:
description: '{{ $value }} Pods of DaemonSet {{ $labels.namespace }}/{{ $labels.daemonset
- }} are not scheduled on cluster {{ $labels.cluster }}.'
+ }} are not scheduled.'
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubedaemonsetnotscheduled
summary: DaemonSet pods are not scheduled.
expr: |-
kube_daemonset_status_desired_number_scheduled{job="kube-state-metrics", namespace=~".*"}
-
kube_daemonset_status_current_number_scheduled{job="kube-state-metrics", namespace=~".*"} > 0
for: 10m
labels:
severity: warning
- alert: KubeDaemonSetMisScheduled
annotations:
description: '{{ $value }} Pods of DaemonSet {{ $labels.namespace }}/{{ $labels.daemonset
- }} are running where they are not supposed to run on cluster {{ $labels.cluster
- }}.'
+ }} are running where they are not supposed to run.'
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubedaemonsetmisscheduled
summary: DaemonSet pods are misscheduled.
expr: kube_daemonset_status_number_misscheduled{job="kube-state-metrics", namespace=~".*"}
> 0
for: 15m
labels:
severity: warning
- alert: KubeJobNotCompleted
annotations:
description: Job {{ $labels.namespace }}/{{ $labels.job_name }} is taking
- more than {{ "43200" | humanizeDuration }} to complete on cluster {{ $labels.cluster
- }}.
+ more than {{ "43200" | humanizeDuration }} to complete.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubejobnotcompleted
summary: Job did not complete in time
expr: |-
time() - max by (namespace, job_name, cluster) (kube_job_status_start_time{job="kube-state-metrics", namespace=~".*"}
and
kube_job_status_active{job="kube-state-metrics", namespace=~".*"} > 0) > 43200
labels:
severity: warning
- alert: KubeJobFailed
annotations:
description: Job {{ $labels.namespace }}/{{ $labels.job_name }} failed to
- complete. Removing failed job after investigation should clear this alert
- on cluster {{ $labels.cluster }}.
+ complete. Removing failed job after investigation should clear this alert.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubejobfailed
[Diff truncated by flux-local]
--- HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kubernetes-resources
+++ HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kubernetes-resources
@@ -70,13 +70,13 @@
for: 5m
labels:
severity: warning
- alert: KubeQuotaAlmostFull
annotations:
description: Namespace {{ $labels.namespace }} is using {{ $value | humanizePercentage
- }} of its {{ $labels.resource }} quota on cluster {{ $labels.cluster }}.
+ }} of its {{ $labels.resource }} quota.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubequotaalmostfull
summary: Namespace quota is going to be full.
expr: |-
kube_resourcequota{job="kube-state-metrics", type="used"}
/ ignoring(instance, job, type)
(kube_resourcequota{job="kube-state-metrics", type="hard"} > 0)
@@ -84,13 +84,13 @@
for: 15m
labels:
severity: info
- alert: KubeQuotaFullyUsed
annotations:
description: Namespace {{ $labels.namespace }} is using {{ $value | humanizePercentage
- }} of its {{ $labels.resource }} quota on cluster {{ $labels.cluster }}.
+ }} of its {{ $labels.resource }} quota.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubequotafullyused
summary: Namespace quota is fully used.
expr: |-
kube_resourcequota{job="kube-state-metrics", type="used"}
/ ignoring(instance, job, type)
(kube_resourcequota{job="kube-state-metrics", type="hard"} > 0)
@@ -98,13 +98,13 @@
for: 15m
labels:
severity: info
- alert: KubeQuotaExceeded
annotations:
description: Namespace {{ $labels.namespace }} is using {{ $value | humanizePercentage
- }} of its {{ $labels.resource }} quota on cluster {{ $labels.cluster }}.
+ }} of its {{ $labels.resource }} quota.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubequotaexceeded
summary: Namespace quota has exceeded the limits.
expr: |-
kube_resourcequota{job="kube-state-metrics", type="used"}
/ ignoring(instance, job, type)
(kube_resourcequota{job="kube-state-metrics", type="hard"} > 0)
@@ -113,13 +113,13 @@
labels:
severity: warning
- alert: CPUThrottlingHigh
annotations:
description: '{{ $value | humanizePercentage }} throttling of CPU in namespace
{{ $labels.namespace }} for container {{ $labels.container }} in pod {{
- $labels.pod }} on cluster {{ $labels.cluster }}.'
+ $labels.pod }}.'
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/cputhrottlinghigh
summary: Processes experience elevated CPU throttling.
expr: |-
sum(increase(container_cpu_cfs_throttled_periods_total{container!="", job="kubelet", metrics_path="/metrics/cadvisor", }[5m])) without (id, metrics_path, name, image, endpoint, job, node)
/
sum(increase(container_cpu_cfs_periods_total{job="kubelet", metrics_path="/metrics/cadvisor", }[5m])) without (id, metrics_path, name, image, endpoint, job, node)
--- HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kubernetes-system-apiserver
+++ HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kubernetes-system-apiserver
@@ -53,14 +53,13 @@
for: 10m
labels:
severity: warning
- alert: KubeAggregatedAPIDown
annotations:
description: Kubernetes aggregated API {{ $labels.name }}/{{ $labels.namespace
- }} has been only {{ $value | humanize }}% available over the last 10m on
- cluster {{ $labels.cluster }}.
+ }} has been only {{ $value | humanize }}% available over the last 10m.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeaggregatedapidown
summary: Kubernetes aggregated API is down.
expr: (1 - max by (name, namespace, cluster)(avg_over_time(aggregator_unavailable_apiservice{job="apiserver"}[10m])))
* 100 < 85
for: 5m
labels:
@@ -74,13 +73,13 @@
for: 15m
labels:
severity: critical
- alert: KubeAPITerminatedRequests
annotations:
description: The kubernetes apiserver has terminated {{ $value | humanizePercentage
- }} of its incoming requests on cluster {{ $labels.cluster }}.
+ }} of its incoming requests.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeapiterminatedrequests
summary: The kubernetes apiserver has terminated {{ $value | humanizePercentage
}} of its incoming requests.
expr: sum by (cluster) (rate(apiserver_request_terminations_total{job="apiserver"}[10m]))
/ ( sum by (cluster) (rate(apiserver_request_total{job="apiserver"}[10m]))
+ sum by (cluster) (rate(apiserver_request_terminations_total{job="apiserver"}[10m]))
--- HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kubernetes-system-kubelet
+++ HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kubernetes-system-kubelet
@@ -14,143 +14,135 @@
spec:
groups:
- name: kubernetes-system-kubelet
rules:
- alert: KubeNodeNotReady
annotations:
- description: '{{ $labels.node }} has been unready for more than 15 minutes
- on cluster {{ $labels.cluster }}.'
+ description: '{{ $labels.node }} has been unready for more than 15 minutes.'
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubenodenotready
summary: Node is not ready.
expr: kube_node_status_condition{job="kube-state-metrics",condition="Ready",status="true"}
== 0
for: 15m
labels:
severity: warning
- alert: KubeNodeUnreachable
annotations:
description: '{{ $labels.node }} is unreachable and some workloads may be
- rescheduled on cluster {{ $labels.cluster }}.'
+ rescheduled.'
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubenodeunreachable
summary: Node is unreachable.
expr: (kube_node_spec_taint{job="kube-state-metrics",key="node.kubernetes.io/unreachable",effect="NoSchedule"}
unless ignoring(key,value) kube_node_spec_taint{job="kube-state-metrics",key=~"ToBeDeletedByClusterAutoscaler|cloud.google.com/impending-node-termination|aws-node-termination-handler/spot-itn"})
== 1
for: 15m
labels:
severity: warning
- alert: KubeletTooManyPods
annotations:
description: Kubelet '{{ $labels.node }}' is running at {{ $value | humanizePercentage
- }} of its Pod capacity on cluster {{ $labels.cluster }}.
+ }} of its Pod capacity.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubelettoomanypods
summary: Kubelet is running at capacity.
expr: |-
count by (cluster, node) (
- (kube_pod_status_phase{job="kube-state-metrics", phase="Running"} == 1)
- * on (cluster, namespace, pod) group_left (node)
- group by (cluster, namespace, pod, node) (
- kube_pod_info{job="kube-state-metrics"}
- )
+ (kube_pod_status_phase{job="kube-state-metrics",phase="Running"} == 1) * on (instance,pod,namespace,cluster) group_left(node) topk by (instance,pod,namespace,cluster) (1, kube_pod_info{job="kube-state-metrics"})
)
/
max by (cluster, node) (
- kube_node_status_capacity{job="kube-state-metrics", resource="pods"} != 1
+ kube_node_status_capacity{job="kube-state-metrics",resource="pods"} != 1
) > 0.95
for: 15m
labels:
severity: info
- alert: KubeNodeReadinessFlapping
annotations:
description: The readiness status of node {{ $labels.node }} has changed {{
- $value }} times in the last 15 minutes on cluster {{ $labels.cluster }}.
+ $value }} times in the last 15 minutes.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubenodereadinessflapping
summary: Node readiness status is flapping.
expr: sum(changes(kube_node_status_condition{job="kube-state-metrics",status="true",condition="Ready"}[15m]))
by (cluster, node) > 2
for: 15m
labels:
severity: warning
- alert: KubeletPlegDurationHigh
annotations:
description: The Kubelet Pod Lifecycle Event Generator has a 99th percentile
- duration of {{ $value }} seconds on node {{ $labels.node }} on cluster {{
- $labels.cluster }}.
+ duration of {{ $value }} seconds on node {{ $labels.node }}.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeletplegdurationhigh
summary: Kubelet Pod Lifecycle Event Generator is taking too long to relist.
expr: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile{quantile="0.99"}
>= 10
for: 5m
labels:
severity: warning
- alert: KubeletPodStartUpLatencyHigh
annotations:
description: Kubelet Pod startup 99th percentile latency is {{ $value }} seconds
- on node {{ $labels.node }} on cluster {{ $labels.cluster }}.
+ on node {{ $labels.node }}.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeletpodstartuplatencyhigh
summary: Kubelet Pod startup latency is too high.
expr: histogram_quantile(0.99, sum(rate(kubelet_pod_worker_duration_seconds_bucket{job="kubelet",
metrics_path="/metrics"}[5m])) by (cluster, instance, le)) * on (cluster,
instance) group_left(node) kubelet_node_name{job="kubelet", metrics_path="/metrics"}
> 60
for: 15m
labels:
severity: warning
- alert: KubeletClientCertificateExpiration
annotations:
description: Client certificate for Kubelet on node {{ $labels.node }} expires
- in {{ $value | humanizeDuration }} on cluster {{ $labels.cluster }}.
+ in {{ $value | humanizeDuration }}.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeletclientcertificateexpiration
summary: Kubelet client certificate is about to expire.
expr: kubelet_certificate_manager_client_ttl_seconds < 604800
labels:
severity: warning
- alert: KubeletClientCertificateExpiration
annotations:
description: Client certificate for Kubelet on node {{ $labels.node }} expires
- in {{ $value | humanizeDuration }} on cluster {{ $labels.cluster }}.
+ in {{ $value | humanizeDuration }}.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeletclientcertificateexpiration
summary: Kubelet client certificate is about to expire.
expr: kubelet_certificate_manager_client_ttl_seconds < 86400
labels:
severity: critical
- alert: KubeletServerCertificateExpiration
annotations:
description: Server certificate for Kubelet on node {{ $labels.node }} expires
- in {{ $value | humanizeDuration }} on cluster {{ $labels.cluster }}.
+ in {{ $value | humanizeDuration }}.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeletservercertificateexpiration
summary: Kubelet server certificate is about to expire.
expr: kubelet_certificate_manager_server_ttl_seconds < 604800
labels:
severity: warning
- alert: KubeletServerCertificateExpiration
annotations:
description: Server certificate for Kubelet on node {{ $labels.node }} expires
- in {{ $value | humanizeDuration }} on cluster {{ $labels.cluster }}.
+ in {{ $value | humanizeDuration }}.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeletservercertificateexpiration
summary: Kubelet server certificate is about to expire.
expr: kubelet_certificate_manager_server_ttl_seconds < 86400
labels:
severity: critical
- alert: KubeletClientCertificateRenewalErrors
annotations:
description: Kubelet on node {{ $labels.node }} has failed to renew its client
- certificate ({{ $value | humanize }} errors in the last 5 minutes) on cluster
- {{ $labels.cluster }}.
+ certificate ({{ $value | humanize }} errors in the last 5 minutes).
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeletclientcertificaterenewalerrors
summary: Kubelet has failed to renew its client certificate.
expr: increase(kubelet_certificate_manager_client_expiration_renew_errors[5m])
> 0
for: 15m
labels:
severity: warning
- alert: KubeletServerCertificateRenewalErrors
annotations:
description: Kubelet on node {{ $labels.node }} has failed to renew its server
- certificate ({{ $value | humanize }} errors in the last 5 minutes) on cluster
- {{ $labels.cluster }}.
+ certificate ({{ $value | humanize }} errors in the last 5 minutes).
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeletservercertificaterenewalerrors
summary: Kubelet has failed to renew its server certificate.
expr: increase(kubelet_server_expiration_renew_errors[5m]) > 0
for: 15m
labels:
severity: warning
--- HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kubernetes-system
+++ HelmRelease: observability/kube-prometheus-stack PrometheusRule: observability/prometheus-kubernetes-system
@@ -15,25 +15,24 @@
groups:
- name: kubernetes-system
rules:
- alert: KubeVersionMismatch
annotations:
description: There are {{ $value }} different semantic versions of Kubernetes
- components running on cluster {{ $labels.cluster }}.
+ components running.
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeversionmismatch
summary: Different semantic versions of Kubernetes components running.
expr: count by (cluster) (count by (git_version, cluster) (label_replace(kubernetes_build_info{job!~"kube-dns|coredns"},"git_version","$1","git_version","(v[0-9]*.[0-9]*).*")))
> 1
for: 15m
labels:
severity: warning
- alert: KubeClientErrors
annotations:
description: Kubernetes API server client '{{ $labels.job }}/{{ $labels.instance
- }}' is experiencing {{ $value | humanizePercentage }} errors on cluster
- {{ $labels.cluster }}.
+ }}' is experiencing {{ $value | humanizePercentage }} errors.'
runbook_url: https://runbooks.prometheus-operator.dev/runbooks/kubernetes/kubeclienterrors
summary: Kubernetes API server client is experiencing errors.
expr: |-
(sum(rate(rest_client_requests_total{job="apiserver",code=~"5.."}[5m])) by (cluster, instance, job, namespace)
/
sum(rate(rest_client_requests_total{job="apiserver"}[5m])) by (cluster, instance, job, namespace)) |
🦙 MegaLinter status: ✅ SUCCESS
See detailed report in MegaLinter reports MegaLinter is graciously provided by OX Security |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
0.12.1->0.13.0Release Notes
external-secrets/external-secrets (external-secrets)
v0.13.0Compare Source
Image:
ghcr.io/external-secrets/external-secrets:v0.13.0Image:
ghcr.io/external-secrets/external-secrets:v0.13.0-ubiImage:
ghcr.io/external-secrets/external-secrets:v0.13.0-ubi-boringsslBREAKING CHANGES
https://github.com/external-secrets/external-secrets/pull/4262 introduces a breaking change in the METADATA structure for the AWS PARAMETER STORE.
What's Changed
6c5c959to6c5c959by @dependabot in https://github.com/external-secrets/external-secrets/pull/4255ef30001to2e83858in /e2e by @dependabot in https://github.com/external-secrets/external-secrets/pull/425921dc606to56fa17dby @dependabot in https://github.com/external-secrets/external-secrets/pull/42815c7e2b4to3f2b64eby @dependabot in https://github.com/external-secrets/external-secrets/pull/42826c5c959toc233391by @dependabot in https://github.com/external-secrets/external-secrets/pull/428321dc606to56fa17din /hack/api-docs by @dependabot in https://github.com/external-secrets/external-secrets/pull/428637cdac4to2e863fbby @dependabot in https://github.com/external-secrets/external-secrets/pull/4312New Contributors
Full Changelog: external-secrets/external-secrets@v0.12.1...v0.13.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.