Merge branch 'feat/monitor-event' into 'master'

pggb25 · pggb25 · commit 42b5210a8278 · 2025-07-02T13:06:34.000Z
feat(QOV-964): update helm chart + add monitoring part

See merge request qovery/backend/k8s-event-logger!5
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
@@ -1,17 +1,26 @@
 apiVersion: v1
-appVersion: "2.3"
-version: "1.2.2"
-description: A tool to log k8s events to stdout in JSON
+appVersion: "2.1"
+description: 'This chart runs a pod that simply watches Kubernetes Events and logs
+  them to stdout in JSON to be collected and stored by your logging solution, e.g.
+  [fluentd](https://github.com/helm/charts/tree/master/stable/fluentd) or [fluent-bit](https://github.com/helm/charts/tree/master/stable/fluent-bit).  https://github.com/max-rocket-internet/k8s-event-logger  Events
+  in Kubernetes log very important information. If are trying to understand what happened
+  in the past then these events show clearly what your Kubernetes cluster was thinking
+  and doing. Some examples:  - Pod events like failed probes, crashes, scheduling
+  related information like `TriggeredScaleUp` or `FailedScheduling` - HorizontalPodAutoscaler
+  events like scaling up and down - Deployment events like scaling in and out of ReplicaSets
+  - Ingress events like create and update  The problem is that these events are simply
+  API objects in Kubernetes and are only stored for about 1 hour. Without some way
+  of storing these events, debugging a problem in the past very tricky. '
 home: https://github.com/max-rocket-internet/k8s-event-logger
-name: k8s-event-logger
-maintainers:
-- name: max-rocket-internet
-  email: max.williams@deliveryhero.com
-engine: gotpl
 icon: https://github.com/kubernetes/kubernetes/raw/master/logo/logo.png
 keywords:
 - events
 - logging
-- auditing
+- Auditing
+maintainers:
+- email: max.williams@deliveryhero.com
+  name: max-rocket-internet
+name: k8s-event-logger
 sources:
 - https://github.com/max-rocket-internet/k8s-event-logger
+version: 1.1.8
diff --git a/chart/README.md b/chart/README.md
@@ -1,50 +1,91 @@
 # k8s-event-logger
 
-This chart installs [github.com/max-rocket-internet/k8s-event-logger](https://github.com/max-rocket-internet/k8s-event-logger).
+![Version: 1.1.8](https://img.shields.io/badge/Version-1.1.8-informational?style=flat-square) ![AppVersion: 2.1](https://img.shields.io/badge/AppVersion-2.1-informational?style=flat-square)
 
-## Prerequisites
+This chart runs a pod that simply watches Kubernetes Events and logs them to stdout in JSON to be collected and stored by your logging solution, e.g. [fluentd](https://github.com/helm/charts/tree/master/stable/fluentd) or [fluent-bit](https://github.com/helm/charts/tree/master/stable/fluent-bit).
 
-- Kubernetes 1.23+
+https://github.com/max-rocket-internet/k8s-event-logger
 
-## Installing the Chart
+Events in Kubernetes log very important information. If are trying to understand what happened in the past then these events show clearly what your Kubernetes cluster was thinking and doing. Some examples:
 
-To install the chart with the release name `my-release` and default configuration:
+- Pod events like failed probes, crashes, scheduling related information like `TriggeredScaleUp` or `FailedScheduling`
+- HorizontalPodAutoscaler events like scaling up and down
+- Deployment events like scaling in and out of ReplicaSets
+- Ingress events like create and update
 
-```sh
-helm install my-release ./chart
+The problem is that these events are simply API objects in Kubernetes and are only stored for about 1 hour. Without some way of storing these events, debugging a problem in the past very tricky.
+
+**Homepage:** <https://github.com/max-rocket-internet/k8s-event-logger>
+
+## How to install this chart
+
+Add Delivery Hero public chart repo:
+
+```console
+helm repo add deliveryhero https://charts.deliveryhero.io/
 ```
 
-## Uninstalling the Chart
+A simple install with default values:
+
+```console
+helm install deliveryhero/k8s-event-logger
+```
+
+To install the chart with the release name `my-release`:
+
+```console
+helm install my-release deliveryhero/k8s-event-logger
+```
 
-To delete the chart:
+To install with some set values:
 
-```sh
-helm delete my-release
+```console
+helm install my-release deliveryhero/k8s-event-logger --set values_key1=value1 --set values_key2=value2
 ```
 
-## Configuration
-
-The following table lists the configurable parameters for this chart and their default values.
-
-| Parameter                | Description                          | Default                                                |
-| -------------------------|--------------------------------------|--------------------------------------------------------|
-| `resources`              | Resources for the overprovision pods | `{}`                                                   |
-| `image.repository`       | Image repository                     | `maxrocketinternet/k8s-event-logger`                   |
-| `image.tag`              | Image tag                            | `2.3`                                                  |
-| `image.pullPolicy`       | Container pull policy                | `IfNotPresent`                                         |
-| `affinity`               | Map of node/pod affinities           | `{}`                                                   |
-| `nodeSelector`           | Node labels for pod assignment       | `{}`                                                   |
-| `annotations`            | Optional deployment annotations      | `{}`                                                   |
-| `fullnameOverride`       | Override the fullname of the chart   | `nil`                                                  |
-| `nameOverride`           | Override the name of the chart       | `nil`                                                  |
-| `tolerations`            | Optional deployment tolerations      | `[]`                                                   |
-| `podLabels`              | Additional labels to use for pods    | `{}`                                                   |
-| `env.KUBERNETES_API_URL` | URL of the k8s API in your cluster   | `https://172.20.0.1:443`                               |
-| `env.CA_FILE`            | Path to the service account CA file  | `/var/run/secrets/kubernetes.io/serviceaccount/ca.crt` |
-| `podLabels`              | Additional labels to use for pods    | `{}`                                                   |
-
-Specify each parameter using the `--set key=value[,key=value]` argument to `helm install` or provide a YAML file containing the values for the above parameters:
-
-```sh
-helm install --name my-release stable/k8s-event-logger --values values.yaml
+To install with custom values file:
+
+```console
+helm install my-release deliveryhero/k8s-event-logger -f values.yaml
 ```
+
+## Source Code
+
+* <https://github.com/max-rocket-internet/k8s-event-logger>
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| annotations | object | `{}` |  |
+| args | list | `[]` |  |
+| containerName | string | `"k8s-event-logger"` |  |
+| env | object | `{}` | A map of environment variables |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"maxrocketinternet/k8s-event-logger"` |  |
+| imagePullSecrets | list | `[]` |  |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| podAnnotations | object | `{}` |  |
+| podLabels | object | `{}` |  |
+| podSecurityContext.allowPrivilegeEscalation | bool | `false` |  |
+| podSecurityContext.capabilities.drop[0] | string | `"ALL"` |  |
+| podSecurityContext.readOnlyRootFilesystem | bool | `true` |  |
+| podSecurityContext.runAsGroup | int | `10001` |  |
+| podSecurityContext.runAsNonRoot | bool | `true` |  |
+| podSecurityContext.runAsUser | int | `10001` |  |
+| podSecurityContext.seccompProfile.type | string | `"RuntimeDefault"` |  |
+| resources.limits.cpu | string | `"100m"` |  |
+| resources.limits.memory | string | `"128Mi"` |  |
+| resources.requests.cpu | string | `"10m"` |  |
+| resources.requests.memory | string | `"128Mi"` |  |
+| securityContext | object | `{}` |  |
+| tolerations | list | `[]` |  |
+
+## Maintainers
+
+| Name | Email | Url |
+| ---- | ------ | --- |
+| max-rocket-internet | <max.williams@deliveryhero.com> |  |
diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl
@@ -38,8 +38,19 @@ Common labels
 {{- define "k8s-event-logger.labels" -}}
 helm.sh/chart: {{ include "k8s-event-logger.chart" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/name: {{ .Release.Name }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end -}}
+
+
+
+{{/*
+Selector labels
+*/}}
+{{- define "k8s-event-logger.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "k8s-event-logger.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
diff --git a/chart/templates/clusterrole.yaml b/chart/templates/clusterrole.yaml
@@ -6,6 +6,4 @@ metadata:
     app.kubernetes.io/name: {{ include "k8s-event-logger.name" . }}
     {{- include "k8s-event-logger.labels" . | nindent 4 }}
 rules:
-- apiGroups: [""]
-  resources: ["events"]
-  verbs: ["get", "list", "watch"]
+{{- toYaml .Values.rbac.rules | nindent 2 }}
diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml
@@ -2,16 +2,17 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ include "k8s-event-logger.fullname" . }}
-  namespace: {{ .Release.Namespace }}
   labels:
-    app.kubernetes.io/name: {{ include "k8s-event-logger.name" . }}
-    {{- include "k8s-event-logger.labels" . | nindent 4 }}
+{{ include "k8s-event-logger.labels" . | indent 4 }}
+{{- with .Values.annotations }}
+  annotations:
+{{- toYaml . | nindent 4 }}
+{{- end }}
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app.kubernetes.io/name: {{ include "k8s-event-logger.name" . }}
-      app.kubernetes.io/instance: {{ .Release.Name }}
+      {{- include "k8s-event-logger.selectorLabels" . | nindent 6 }}
   template:
     metadata:
 {{- with .Values.podAnnotations }}
@@ -20,7 +21,7 @@ spec:
 {{- end }}
       labels:
         app.kubernetes.io/name: {{ include "k8s-event-logger.name" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
+        {{- include "k8s-event-logger.labels" . | nindent 8 }}
 {{- if .Values.podLabels }}
 {{ toYaml .Values.podLabels | indent 8 }}
 {{- end }}
@@ -29,13 +30,25 @@ spec:
       imagePullSecrets:
         {{- toYaml . | nindent 8 }}
     {{- end }}
+{{- if .Values.podSecurityContext }}
+      securityContext:
+{{- toYaml .Values.securityContext | nindent 8 }}
+{{- end }}
       serviceAccountName: {{ include "k8s-event-logger.fullname" . }}
       containers:
-        - name: {{ .Values.image.containerName }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        - name: {{ .Values.containerName}}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+{{- if .Values.service.enabled }}
+          ports:
+            - name: metrics
+              containerPort: {{ .Values.metrics.port }}
+              protocol: TCP
+{{- end }}
           imagePullPolicy: {{ .Values.image.pullPolicy }}
+{{- if .Values.podSecurityContext }}
           securityContext:
-            {{- toYaml .Values.securityContext | nindent 12 }}
+{{- toYaml .Values.podSecurityContext | nindent 12 }}
+{{- end }}
           env:
 {{- range $key, $value := .Values.env }}
           - name: {{ $key }}
diff --git a/chart/templates/service.yaml b/chart/templates/service.yaml
@@ -0,0 +1,21 @@
+{{- if .Values.service.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "k8s-event-logger.fullname" . }}
+  labels:
+    {{- include "k8s-event-logger.labels" . | nindent 4 }}
+  annotations:
+    prometheus.io/scrape: "true"
+    prometheus.io/port: "{{ .Values.service.port }}"
+    prometheus.io/path: "/metrics"
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: metrics
+      protocol: TCP
+      name: metrics
+  selector:
+    {{- include "k8s-event-logger.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/chart/templates/serviceaccount.yaml b/chart/templates/serviceaccount.yaml
@@ -2,7 +2,6 @@ kind: ServiceAccount
 apiVersion: v1
 metadata:
   name: {{ include "k8s-event-logger.fullname" . }}
-  namespace: {{ .Release.Namespace }}
   labels:
     app.kubernetes.io/name: {{ include "k8s-event-logger.name" . }}
     helm.sh/chart: {{ include "k8s-event-logger.chart" . }}
diff --git a/chart/templates/servicemonitor.yaml b/chart/templates/servicemonitor.yaml
@@ -0,0 +1,32 @@
+{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ include "k8s-event-logger.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "k8s-event-logger.labels" . | nindent 4 }}
+    {{- with .Values.serviceMonitor.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "k8s-event-logger.selectorLabels" . | nindent 6 }}
+  endpoints:
+    - port: metrics
+      path: {{ .Values.service.metricsPath | default "/metrics" }}
+      interval: {{ .Values.serviceMonitor.interval }}
+      scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }}
+    {{- with .Values.serviceMonitor.metricRelabelings }}
+      metricRelabelings:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.serviceMonitor.relabelings }}
+      relabelings:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+{{- end }}
diff --git a/chart/values.yaml b/chart/values.yaml
@@ -1,28 +1,25 @@
+containerName: k8s-event-logger
 image:
-  containerName: app
   repository: maxrocketinternet/k8s-event-logger
-  tag: "2.3"
+  # image.tag -- Overrides the image tag whose default is the chart appVersion.
+  # tag: "2.0"
   pullPolicy: IfNotPresent
 
 resources:
   requests:
     cpu: 10m
-    memory: 32Mi
+    memory: 128Mi
   limits:
     cpu: 100m
     memory: 128Mi
 
+# env -- A map of environment variables
 env: {}
 args: []
-imagePullSecrets: []
-nameOverride: ""
-fullnameOverride: ""
-nodeSelector: {}
-tolerations: []
-affinity: {}
-podLabels: {}
-podAnnotations: {}
-securityContext:
+
+securityContext: {}
+
+podSecurityContext:
   readOnlyRootFilesystem: true
   runAsNonRoot: true
   runAsUser: 10001
@@ -33,3 +30,36 @@ securityContext:
       - ALL
   seccompProfile:
     type: RuntimeDefault
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+nodeSelector: {}
+tolerations: []
+affinity: {}
+podLabels: {}
+annotations: {}
+podAnnotations: {}
+
+service:
+  enabled: false
+  type: ClusterIP
+  port: 8080
+  targetPort: 8080
+
+metrics:
+  enabled: false
+  port: 8080
+
+serviceMonitor:
+  enabled: false
+  interval: 30s
+  scrapeTimeout: 10s
+  labels: {}
+  metricRelabelings: []
+
+clusterRole:
+  rules:
+    - apiGroups: [ "" ]
+      resources: [ "events" ]
+      verbs: [ "get", "list", "watch" ]
