[ATMOSPHERE-401] Add CommonName for monitoring stack (#1764)
This is an automated cherry-pick of #1760
/assign mnaser
diff --git a/roles/kube_prometheus_stack/defaults/main.yml b/roles/kube_prometheus_stack/defaults/main.yml
index fda7a49..0579115 100644
--- a/roles/kube_prometheus_stack/defaults/main.yml
+++ b/roles/kube_prometheus_stack/defaults/main.yml
@@ -21,14 +21,23 @@
kube_prometheus_stack_ingress_class_name: "{{ atmosphere_ingress_class_name }}"
kube_prometheus_stack_ingress_cluster_issuer: "{{ atmosphere_ingress_cluster_issuer }}"
-kube_prometheus_stack_ingress_annotations:
- cert-manager.io/cluster-issuer: "{{ kube_prometheus_stack_ingress_cluster_issuer }}"
kube_prometheus_stack_grafana_admin_password: "{{ undef('You must specify a Grafana password using kube_prometheus_stack_grafana_admin_password') }}"
kube_prometheus_stack_grafana_host: "{{ undef('You must specify a Grafana host using kube_prometheus_stack_grafana_host') }}"
+kube_prometheus_stack_grafana_ingress_annotations:
+ cert-manager.io/cluster-issuer: "{{ kube_prometheus_stack_ingress_cluster_issuer }}"
+ cert-manager.io/common-name: "{{ kube_prometheus_stack_grafana_host }}"
+
kube_prometheus_stack_alertmanager_host: "{{ undef('You must specify a Alertmanager host using kube_prometheus_stack_alertmanager_host') }}"
+kube_prometheus_stack_alertmanager_ingress_annotations:
+ cert-manager.io/cluster-issuer: "{{ kube_prometheus_stack_ingress_cluster_issuer }}"
+ cert-manager.io/common-name: "{{ kube_prometheus_stack_alertmanager_host }}"
+
kube_prometheus_stack_prometheus_host: "{{ undef('You must specify a Prometheus host using kube_prometheus_stack_prometheus_host') }}"
+kube_prometheus_stack_prometheus_ingress_annotations:
+ cert-manager.io/cluster-issuer: "{{ kube_prometheus_stack_ingress_cluster_issuer }}"
+ cert-manager.io/common-name: "{{ kube_prometheus_stack_prometheus_host }}"
kube_prometheus_stack_keycloak_server_url: "https://{{ keycloak_host }}"
kube_prometheus_stack_keycloak_admin_realm_name: master
diff --git a/roles/kube_prometheus_stack/vars/main.yml b/roles/kube_prometheus_stack/vars/main.yml
index 1a0be77..c7506c1 100644
--- a/roles/kube_prometheus_stack/vars/main.yml
+++ b/roles/kube_prometheus_stack/vars/main.yml
@@ -75,7 +75,7 @@
enabled: true
servicePort: 8081
ingressClassName: "{{ kube_prometheus_stack_ingress_class_name }}"
- annotations: "{{ kube_prometheus_stack_ingress_annotations | combine(atmosphere_ingress_annotations, recursive=True) }}"
+ annotations: "{{ kube_prometheus_stack_alertmanager_ingress_annotations | combine(atmosphere_ingress_annotations, recursive=True) }}"
hosts:
- "{{ kube_prometheus_stack_alertmanager_host }}"
tls:
@@ -181,7 +181,7 @@
ingress:
enabled: true
ingressClassName: "{{ kube_prometheus_stack_ingress_class_name }}"
- annotations: "{{ kube_prometheus_stack_ingress_annotations | combine(atmosphere_ingress_annotations, recursive=True) }}"
+ annotations: "{{ kube_prometheus_stack_grafana_ingress_annotations | combine(atmosphere_ingress_annotations, recursive=True) }}"
hosts:
- "{{ kube_prometheus_stack_grafana_host }}"
tls:
@@ -299,7 +299,7 @@
enabled: true
servicePort: 8081
ingressClassName: "{{ kube_prometheus_stack_ingress_class_name }}"
- annotations: "{{ kube_prometheus_stack_ingress_annotations | combine(atmosphere_ingress_annotations, recursive=True) }}"
+ annotations: "{{ kube_prometheus_stack_prometheus_ingress_annotations | combine(atmosphere_ingress_annotations, recursive=True) }}"
hosts:
- "{{ kube_prometheus_stack_prometheus_host }}"
tls: