apiVersion: {{ template "operator_api_version" . }}
kind: Prometheus
metadata:
  labels:
    app: {{ template "app.name" . }}
    chart: {{ template "app.version" . }}
    heritage: {{ .Release.Service }}
    release: {{ .Release.Name }}
  name: {{ .Release.Name }}
spec:
{{- if .Values.securityContext }}
  securityContext:
{{ toYaml .Values.securityContext | indent 4 }}
{{- end }}
  containers:
  - name: prometheus-proxy
    command:
    - /bin/sh
    - -c 
    - cp /nginx/run-sh.tmpl /var/cache/nginx/nginx-start.sh; chmod +x /var/cache/nginx/nginx-start.sh; /var/cache/nginx/nginx-start.sh
    env:
    - name: POD_IP
      valueFrom:
        fieldRef:
          fieldPath: status.podIP
    image: {{ template "system_default_registry" . }}{{ .Values.image.proxy.repository }}:{{ .Values.image.proxy.tag }}
    ports:
    - containerPort: 8080
      name: nginx-http
      protocol: TCP
    {{- if and .Values.resources .Values.resources.proxy }}
    resources:
{{ toYaml .Values.resources.proxy | indent 6 }}
    {{- end }}
    securityContext:
      runAsUser: 101
      runAsGroup: 101
    volumeMounts:
    - mountPath: /nginx
      name: configmap-{{ template "app.nginx.fullname" . }}
    - mountPath: /var/cache/nginx
      name: nginx-home
{{- if eq .Values.level "cluster" }}
  - name: prometheus-agent
    command:
    - prometheus-auth
    {{- if and .Values.auth .Values.auth.args }}
    args:
{{ toYaml .Values.auth.args | indent 6 }}
    {{- end }}
    {{- if and .Values.auth .Values.auth.env }}
    env:
{{ toYaml .Values.auth.env | indent 6 }}
    {{- end }}
    image: {{ template "system_default_registry" . }}{{ .Values.image.auth.repository }}:{{ .Values.image.auth.tag }}
    ports:
    - containerPort: 9090
      name: web
      protocol: TCP
    livenessProbe:
      failureThreshold: 6
      httpGet:
        path: /-/healthy
        port: web
        scheme: HTTP
      periodSeconds: 10
      successThreshold: 1
      timeoutSeconds: 10
    readinessProbe:
      failureThreshold: 10
      httpGet:
        path: /-/ready
        port: web
        scheme: HTTP
      periodSeconds: 10
      successThreshold: 1
      timeoutSeconds: 10
    {{- if and .Values.resources .Values.resources.auth }}
    resources:
{{ toYaml .Values.resources.auth | indent 6 }}
    {{- end }}
  listenLocal: true
{{- end }}
  podMetadata:
    creationTimestamp: {{ now | date "2006-01-02T15:04:05Z" | quote }}
    labels:
      app: {{ template "app.name" . }}
      chart: {{ template "app.version" . }}
      release: {{ .Release.Name }}
{{- if .Values.alertingEndpoints }}
  alerting:
    alertmanagers:
{{ toYaml .Values.alertingEndpoints | indent 6 }}
{{- else if not (include "additional-alertmanager-configs.yaml" .) }}
  alerting:
    alertmanagers:
      - namespace: {{ .Values.cluster.alertManagerNamespace }}
        name: alertmanager-operated
        port: http
{{- end }}
  baseImage: {{ template "system_default_registry" . }}{{ .Values.image.repository }}
{{- if or (.Values.externalLabels) (eq .Values.level "project") }}
  externalLabels:
{{- if and (eq .Values.level "project") }}
    prometheus_from: {{ .Values.global.clusterName }}
{{- end }}
{{- range $key, $value := .Values.externalLabels}}
    {{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
{{- if .Values.thanos.enabled }}
  thanos: 
    baseImage: {{ template "system_default_registry" . }}{{ .Values.image.thanos.repository }}
    version: {{ .Values.image.thanos.tag }}
    objectStorageConfig:
      key: thanos.yaml
      name: {{ template "app.thanos.fullname" . }}
{{- end }}
  nodeSelector:
{{- include "linux-node-selector" . | nindent 4 }}
    {{- range .Values.nodeSelectors }}
    {{- $pair := regexSplit "=" . 2 }}
    {{- if eq 2 (len $pair) }}
    {{ (index $pair 0) }}: {{ (index $pair 1) }}
    {{- else }}
    {{ (index $pair 0) }}: ""
    {{- end }}
    {{- end }}
  paused: {{ .Values.paused }}
  replicas: {{ .Values.replicaCount }}
  logLevel:  {{ .Values.logLevel }}
  logFormat: {{ .Values.logFormat }}
  scrapeInterval: {{ .Values.scrapeInterval }}
  evaluationInterval: {{ .Values.evaluationInterval }}
{{- if and .Values.resources .Values.resources.core }}
  resources:
{{ toYaml .Values.resources.core | indent 4 }}
{{- end }}
  retention: "{{ .Values.retention }}"
  configMaps:
  - {{ template "app.nginx.fullname" . }}
{{- if .Values.secrets }}
  secrets:
{{ toYaml .Values.secrets | indent 2 }}
{{- end }}
{{- if .Values.enabledRBAC }}
  serviceAccountName: {{ default (default (include "app.fullname" .) .Values.serviceAccountName) .Values.serviceAccountNameOverride }}
{{- end }}
{{ include "serviceMonitor.namespace.selector" . | indent 2 }}
{{- if or (.Values.serviceMonitorSelector) (eq .Values.level "project") }}
  serviceMonitorSelector:
{{ toYaml .Values.serviceMonitorSelector | indent 4 }}
{{- end }}
{{- if and (eq .Values.level "project") (eq .Values.sync.mode "remote") }}
  remoteRead:
  - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
    url: {{ printf "%s%s" .Values.sync.target .Values.sync.path }}
{{- end }}
{{ include "rule.namespace.selector" . | indent 2}}
{{ include "rule.selector" . | indent 2 }}
{{- if or .Values.storageSpec .Values.persistence.enabled }}
  storage:
    volumeClaimTemplate:
      metadata:
        creationTimestamp: {{ now | date "2006-01-02T15:04:05Z" | quote }}
      {{- if .Values.persistence.name }}
        name: {{ .Values.persistence.name }}
      {{- end }}
      spec:
{{- if .Values.storageSpec }}
{{ toYaml .Values.storageSpec | indent 8 }}
{{- else }}
        {{ if and .Values.persistence.storageClass (ne "default" .Values.persistence.storageClass) }}
        storageClassName: {{ .Values.persistence.storageClass }}
        {{ end }}
        dataSource:
          kind: ""
          name: ""
          apiGroup: ""
        accessModes: 
          - {{ default "ReadWriteOnce" .Values.persistence.accessMode }}
        resources:
          requests:
            storage: {{ .Values.persistence.size | quote }}
{{- end }}
{{- end }}
  volumes:
  - name: nginx-home
    emptyDir: {}
  version: "{{ .Values.image.tag }}"
  affinity:
    podAntiAffinity:
      preferredDuringSchedulingIgnoredDuringExecution:
      - weight: 100
        podAffinityTerm:
          topologyKey: kubernetes.io/hostname
          labelSelector:
            matchLabels:
              app: {{ template "app.name" . }}
              prometheus: {{ .Release.Name }}
  tolerations:
{{- include "linux-node-tolerations" . | nindent 4}}
{{- if .Values.tolerations }}
{{ toYaml .Values.tolerations | indent 4 }}
{{- end }}
{{- if (include "additional-scrape-configs.yaml" .) }}
  additionalScrapeConfigs:
    name: {{ template "app.fullname" . }}-additional-scrape-configs
    key: additional-scrape-configs.yaml
{{- end }}
{{- if (include "additional-alertmanager-configs.yaml" .) }}
  additionalAlertManagerConfigs:
    name: {{ template "app.fullname" . }}-additional-alertmanager-configs
    key: additional-alertmanager-configs.yaml
{{- end }}