bitnami · bitnami-bot · Feb 1, 2021 · Jan 28, 2021 · Jan 28, 2021 · Jan 29, 2021
diff --git a/bitnami/kube-prometheus/Chart.yaml b/bitnami/kube-prometheus/Chart.yaml
@@ -34,4 +34,4 @@ sources:
   - https://github.com/bitnami/bitnami-docker-prometheus
   - https://github.com/bitnami/bitnami-docker-alertmanager
   - https://github.com/prometheus-operator/kube-prometheus
-version: 3.6.1
+version: 3.7.0
diff --git a/bitnami/kube-prometheus/README.md b/bitnami/kube-prometheus/README.md
@@ -262,6 +262,13 @@ The following table lists the configurable parameters of the kube-prometheus cha
 | `prometheus.thanos.service.extraPorts`                     | Additional ports to expose from the Thanos sidecar container                                            | `[]`                                                                                                                                    |
 | `prometheus.thanos.resources.limits`                       | The resources limits for the Thanos sidecar container                                                   | `{}`                                                                                                                                    |
 | `prometheus.thanos.resources.requests`                     | The resources requests for the Thanos sidecar container                                                 | `{}`                                                                                                                                    |
+| `prometheus.thanos.ingress.enabled`                               | Enable ingress controller resource                                                                      | `false`                                                                                                                                 |
+| `prometheus.thanos.ingress.certManager`                           | Add annotations for cert-manager                                                                        | `false`                                                                                                                                 |
+| `prometheus.thanos.ingress.annotations`                           | Ingress annotations                                                                                     | `[]`                                                                                                                                    |
+| `prometheus.thanos.ingress.hosts[0].name`                         | Hostname to your Prometheus installation                                                                | `thanos.prometheus.local`                                                                                                                      |
+| `prometheus.thanos.ingress.hosts[0].path`                         | Path within the url structure                                                                           | `/`                                                                                                                                     |
+| `prometheus.thanos.ingress.tls[0].hosts[0]`                       | TLS hosts                                                                                               | `thanos.prometheus.local`                                                                                                                      |
+| `prometheus.thanos.ingress.tls[0].secretName`                     | TLS Secret (certificates)                                                                               | `prometheus.local-tls`                                                                                                                  |
 | `prometheus.serviceMonitor.enabled`                        | Creates a ServiceMonitor to monitor Prometheus itself                                                   | `true`                                                                                                                                  |
 
 ### Alertmanager Parameters

diff --git a/bitnami/kube-prometheus/templates/NOTES.txt b/bitnami/kube-prometheus/templates/NOTES.txt
@@ -46,6 +46,23 @@ To access Prometheus from outside the cluster execute the following commands:
     echo "Prometheus URL: http://$NODE_IP:$NODE_PORT/"
 
 {{- end }}
+
+{{- if and .Values.prometheus.thanos.create }}
+
+Thanos Sidecar can be accessed via port "{{ .Values.prometheus.thanos.service.port }}" on the following DNS name from within your cluster:
+
+    {{ template "kube-prometheus.thanos.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
+
+{{- if .Values.prometheus.thanos.ingress.enabled }}
+
+  You should be able to access your new Thanos Sidecar installation through
+
+  {{- range .Values.prometheus.thanos.ingress.hosts }}
+  {{ if .tls }}https{{ else }}http{{ end }}://{{ .name }}
+  {{- end }}
+
+{{- end }}
+{{- end }}
 {{- end }}
 
 {{- if .Values.alertmanager.enabled }}

diff --git a/bitnami/kube-prometheus/templates/_helpers.tpl b/bitnami/kube-prometheus/templates/_helpers.tpl
@@ -40,6 +40,11 @@ If release name contains chart name it will be used as a full name.
 {{- printf "%s-alertmanager" (include "kube-prometheus.name" .) -}}
 {{- end }}
 
+{{/* Name suffixed with thanos */}}
+{{- define "kube-prometheus.thanos.name" -}}
+{{- printf "%s-thanos" (include "kube-prometheus.name" .) -}}
+{{- end }}
+
 {{/* Fullname suffixed with operator */}}
 {{- define "kube-prometheus.operator.fullname" -}}
 {{- printf "%s-operator" (include "kube-prometheus.fullname" .) -}}
@@ -55,6 +60,11 @@ If release name contains chart name it will be used as a full name.
 {{- printf "%s-alertmanager" (include "kube-prometheus.fullname" .) -}}
 {{- end }}
 
+{{/* Fullname suffixed with thanos */}}
+{{- define "kube-prometheus.thanos.fullname" -}}
+{{- printf "%s-thanos" (include "kube-prometheus.prometheus.fullname" .) -}}
+{{- end }}
+
 {{- define "kube-prometheus.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}

diff --git a/bitnami/kube-prometheus/templates/prometheus/thanos-ingress.yaml b/bitnami/kube-prometheus/templates/prometheus/thanos-ingress.yaml
@@ -0,0 +1,32 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.thanos.create .Values.prometheus.thanos.ingress.enabled }}
+apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+  name: {{ template "kube-prometheus.thanos.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
+    app.kubernetes.io/subcomponent: thanos
+  annotations:
+    {{- if .Values.prometheus.thanos.ingress.certManager }}
+    kubernetes.io/tls-acme: "true"
+    {{- end }}
+    {{- range $key, $value := .Values.prometheus.thanos.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+    {{- range .Values.prometheus.thanos.ingress.hosts }}
+    - host: {{ .name }}
+      http:
+        paths:
+        - path: {{ default "/" .path }}
+          {{- if eq "true" (include "common.ingress.supportsPathType" $) }}
+          pathType: {{ default "ImplementationSpecific" .pathType }}
+          {{- end }}
+          backend: {{- include "common.ingress.backend" (dict "serviceName" (include "kube-prometheus.thanos.fullname" $) "servicePort" "grpc" "context" $) | nindent 14 }}
+    {{- end }}
+  {{- if .Values.prometheus.thanos.ingress.tls }}
+  tls:
+{{ toYaml .Values.prometheus.thanos.ingress.tls | indent 4 }}
+  {{- end }}
+{{- end -}}
diff --git a/bitnami/kube-prometheus/values.yaml b/bitnami/kube-prometheus/values.yaml
@@ -850,6 +850,46 @@ prometheus:
       #     protocol: TCP
       extraPorts: []
 
+    ## Configure the ingress resource that allows you to access the
+    ## Thanos Sidecar installation. Set up the URL
+    ## ref: http://kubernetes.io/docs/user-guide/ingress/
+    ##
+    ingress:
+      ## Set to true to enable ingress record generation
+      ##
+      enabled: false
+
+      ## Set this to true in order to add the corresponding annotations for cert-manager
+      ##
+      certManager: false
+
+      ## Ingress annotations done as key:value pairs
+      ## For a full list of possible ingress annotations, please see
+      ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
+      ##
+      ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
+      ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set
+      ##
+      annotations: {}
+      #  kubernetes.io/ingress.class: nginx
+      #  nginx.ingress.kubernetes.io/backend-protocol: "GRPCS"
+
+      ## The list of hostnames to be covered with this ingress record.
+      ## Most likely this will be just one host, but in the event more hosts are needed, this is an array
+      ##
+      hosts:
+        - name: thanos.prometheus.local
+          path: /
+
+      ## The tls configuration for the ingress
+      ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
+      ## tls:
+      ## - hosts:
+      ##     - thanos.prometheus.local
+      ##   secretName: thanos.prometheus.local-tls
+      ##
+      tls: {}
+
 ## Configuration for alertmanager
 ## ref: https://prometheus.io/docs/alerting/alertmanager/
 ##