Skip to content

feat(kps): add contactpoints encrypted values #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
imgios merged 3 commits into from
Dec 5, 2025
Merged

feat(kps): add contactpoints encrypted values #7

imgios merged 3 commits into from
Dec 5, 2025

Conversation

@imgios
Copy link
Owner

@imgios imgios commented Dec 4, 2025

This PR adds the Grafana alerting contact points values, which are encrypted using sops. To do that, values has been split from the HelmRelease manifest, and they are grouped in two files:

  • general.yaml: contains general values which are uncrypted
  • contactpoints.yaml: contains alerting contact points encrypted values

@imgios imgios self-assigned this Dec 4, 2025
@imgios imgios added enhancement New feature or request area/kubernetes Changes made in the kubernetes directory labels Dec 4, 2025
@sysadmin-cosplayer
Copy link
Contributor

sysadmin-cosplayer bot commented Dec 4, 2025
edited
Loading 

--- kubernetes/apps Kustomization: flux-system/apps HelmRelease: monitoring/kube-prometheus-stack

+++ kubernetes/apps Kustomization: flux-system/apps HelmRelease: monitoring/kube-prometheus-stack

@@ -25,53 +25,14 @@

   interval: 30m
   releaseName: monitoring
   targetNamespace: monitoring
   upgrade:
     remediation:
       retries: 10
-  values:
-    grafana:
-      admin:
-        existingSecret: grafana-admin-creds
-      alerting:
-        templates.yaml:
-          apiVersion: 1
-          templates:
-          - name: Homelab Custom Templates
-            orgId: 1
-            template: "{{ `\n{{ define \"__alerts_list\" -}}\n{{ range . }}\n{{if\
-              \ ne (index .Labels \"alertname\") \"\" -}}\n{{ if eq .Status \"firing\"\
-              \ }}\U0001F534{{ else }}\U0001F7E2{{ end }}\n    {{- if ne (index .Labels\
-              \ \"severity\") \"\" -}}\n        <u><b>{{ index .Labels \"severity\"\
-              \ }}</b></u> {{ end -}}\n<b>{{ index .Labels \"alertname\" }}</b> \U0001F559\
-              \ {{ .StartsAt.Format \"15:04:05    \U0001F5D3\uFE0F 2006-01-02\" }}{{\
-              \ end -}}\n{{ if len .Annotations }}\n<i>Annotations:</i>\n    {{ range\
-              \ .Annotations.SortedPairs -}}\n    - {{ .Name }}: {{ .Value }}\n  \
-              \  {{ end -}}\n{{ end }}\n{{ if len .Labels -}}\n<i>Labels:</i>\n  \
-              \  {{ range .Labels.SortedPairs -}}\n    - {{ .Name }}: {{ .Value }}\n\
-              \    {{ end -}}\n{{ end }}\n<i>Value:</i> <pre>{{ .ValueString }}</pre>\n\
-              \    {{- if gt (len .GeneratorURL) 0 }}<a href=\"{{ .GeneratorURL }}\"\
-              >source</a>  |  {{ end }}\n    {{- if gt (len .SilenceURL) 0 }}<a href=\"\
-              {{ .SilenceURL }}\">\U0001F515 silence</a>  |  {{ end }}\n    {{- if\
-              \ gt (len .DashboardURL) 0 }}\U0001F4C1 <a href=\"{{ .DashboardURL }}\"\
-              >dashboard</a>  |  {{ end }}\n    {{- if gt (len .PanelURL) 0 }}<a href=\"\
-              {{ .PanelURL }}\">panel</a> {{- end -}}\n    <pre>--------</pre>\n{{-\
-              \ end -}} {{- /* range */ -}}\n{{- end -}} {{- /* define __alerts_list\
-              \ */ -}}\n\n{{ define \"__telegram.title\" -}}\n{{ if ne (index .CommonLabels\
-              \ \"severity\") \"\" }} <u><b>{{ index .CommonLabels \"severity\" }}</b></u>\
-              \ {{ end -}}\n{{ if ne (index .CommonLabels \"alertname\") \"\" -}}\n\
-              \    [{{ index .CommonLabels \"alertname\" }}]\n{{- end -}}\n{{- end\
-              \ -}}{{- /* define __telegram */ -}}\n\n{{ define \"telegram.homelab.message\"\
-              \ }}\n    {{ if gt (len .Alerts.Firing) 0 }}\n    \U0001F6A8 <b>ALARM</b>\
-              \ (#{{ .Alerts.Firing | len }})\n    {{- template \"__alerts_list\"\
-              \ .Alerts.Firing }}{{ end -}}\n    {{ if gt (len .Alerts.Resolved) 0\
-              \ }}\n    \u2705 <b>RESOLVED</b>{{ template \"__telegram.title\" . }}\
-              \ (#{{ .Alerts.Resolved | len }})\n    {{- template \"__alerts_list\"\
-              \ .Alerts.Resolved }}{{ end }}\n\n<a href=\"{{ .ExternalURL }}\">\U0001F4F2\
-              \ Grafana</a>\n{{- end -}}\n` }}\n"
-      defaultDashboardsTimezone: Europe/Rome
-      ingress:
-        enabled: true
-        hosts:
-        - grafana.homelab.giosuesulipano.it
-        ingressClassName: traefik
+  valuesFrom:
+  - kind: ConfigMap
+    name: general-values
+    valuesKey: general.yaml
+  - kind: Secret
+    name: contactpoints-values
+    valuesKey: contactpoints.yaml
 
--- kubernetes/apps Kustomization: flux-system/apps ConfigMap: monitoring/general-values

+++ kubernetes/apps Kustomization: flux-system/apps ConfigMap: monitoring/general-values

@@ -0,0 +1,51 @@

+---
+apiVersion: v1
+data:
+  general.yaml: "grafana:\r\n  defaultDashboardsTimezone: \"Europe/Rome\"\r\n  admin:\r\
+    \n    existingSecret: grafana-admin-creds\r\n  ingress:\r\n    enabled: true\r\
+    \n    ingressClassName: traefik\r\n    hosts:\r\n      - grafana.homelab.giosuesulipano.it\r\
+    \n  alerting:\r\n    templates.yaml:\r\n      apiVersion: 1\r\n      templates:\r\
+    \n        - name: \"Homelab Custom Templates\"\r\n          orgId: 1\r\n     \
+    \     template: |\r\n            {{ `\r\n            {{ define \"__alerts_list\"\
+    \ -}}\r\n            {{ range . }}\r\n            {{if ne (index .Labels \"alertname\"\
+    ) \"\" -}}\r\n            {{ if eq .Status \"firing\" }}\U0001F534{{ else }}\U0001F7E2\
+    {{ end }}\r\n                {{- if ne (index .Labels \"severity\") \"\" -}}\r\
+    \n                    <u><b>{{ index .Labels \"severity\" }}</b></u> {{ end -}}\r\
+    \n            <b>{{ index .Labels \"alertname\" }}</b> \U0001F559 {{ .StartsAt.Format\
+    \ \"15:04:05    \U0001F5D3\uFE0F 2006-01-02\" }}{{ end -}}\r\n            {{ if\
+    \ len .Annotations }}\r\n            <i>Annotations:</i>\r\n                {{\
+    \ range .Annotations.SortedPairs -}}\r\n                - {{ .Name }}: {{ .Value\
+    \ }}\r\n                {{ end -}}\r\n            {{ end }}\r\n            {{\
+    \ if len .Labels -}}\r\n            <i>Labels:</i>\r\n                {{ range\
+    \ .Labels.SortedPairs -}}\r\n                - {{ .Name }}: {{ .Value }}\r\n \
+    \               {{ end -}}\r\n            {{ end }}\r\n            <i>Value:</i>\
+    \ <pre>{{ .ValueString }}</pre>\r\n                {{- if gt (len .GeneratorURL)\
+    \ 0 }}<a href=\"{{ .GeneratorURL }}\">source</a>  |  {{ end }}\r\n           \
+    \     {{- if gt (len .SilenceURL) 0 }}<a href=\"{{ .SilenceURL }}\">\U0001F515\
+    \ silence</a>  |  {{ end }}\r\n                {{- if gt (len .DashboardURL) 0\
+    \ }}\U0001F4C1 <a href=\"{{ .DashboardURL }}\">dashboard</a>  |  {{ end }}\r\n\
+    \                {{- if gt (len .PanelURL) 0 }}<a href=\"{{ .PanelURL }}\">panel</a>\
+    \ {{- end -}}\r\n                <pre>--------</pre>\r\n            {{- end -}}\
+    \ {{- /* range */ -}}\r\n            {{- end -}} {{- /* define __alerts_list */\
+    \ -}}\r\n            \r\n            {{ define \"__telegram.title\" -}}\r\n  \
+    \          {{ if ne (index .CommonLabels \"severity\") \"\" }} <u><b>{{ index\
+    \ .CommonLabels \"severity\" }}</b></u> {{ end -}}\r\n            {{ if ne (index\
+    \ .CommonLabels \"alertname\") \"\" -}}\r\n                [{{ index .CommonLabels\
+    \ \"alertname\" }}]\r\n            {{- end -}}\r\n            {{- end -}}{{- /*\
+    \ define __telegram */ -}}\r\n            \r\n            {{ define \"telegram.homelab.message\"\
+    \ }}\r\n                {{ if gt (len .Alerts.Firing) 0 }}\r\n               \
+    \ \U0001F6A8 <b>ALARM</b> (#{{ .Alerts.Firing | len }})\r\n                {{-\
+    \ template \"__alerts_list\" .Alerts.Firing }}{{ end -}}\r\n                {{\
+    \ if gt (len .Alerts.Resolved) 0 }}\r\n                \u2705 <b>RESOLVED</b>{{\
+    \ template \"__telegram.title\" . }} (#{{ .Alerts.Resolved | len }})\r\n     \
+    \           {{- template \"__alerts_list\" .Alerts.Resolved }}{{ end }}\r\n  \
+    \          \r\n            <a href=\"{{ .ExternalURL }}\">\U0001F4F2 Grafana</a>\r\
+    \n            {{- end -}}\r\n            ` }}"
+kind: ConfigMap
+metadata:
+  labels:
+    kustomize.toolkit.fluxcd.io/name: apps
+    kustomize.toolkit.fluxcd.io/namespace: flux-system
+  name: general-values
+  namespace: monitoring
+

@sysadmin-cosplayer
Copy link
Contributor

sysadmin-cosplayer bot commented Dec 4, 2025
edited
Loading 

--- HelmRelease: monitoring/kube-prometheus-stack ConfigMap: monitoring/kube-prometheus-stack-grafana

+++ HelmRelease: monitoring/kube-prometheus-stack ConfigMap: monitoring/kube-prometheus-stack-grafana

@@ -49,8 +49,8 @@

     \"\n    }}\\n    {{ if gt (len .Alerts.Firing) 0 }}\\n    \\U0001F6A8 <b>ALARM</b>\
     \ (#{{ .Alerts.Firing\n    | len }})\\n    {{- template \\\"__alerts_list\\\"\
     \ .Alerts.Firing }}{{ end -}}\\n    {{\n    if gt (len .Alerts.Resolved) 0 }}\\\
     n    \u2705 <b>RESOLVED</b>{{ template \\\"__telegram.title\\\"\n    . }} (#{{\
     \ .Alerts.Resolved | len }})\\n    {{- template \\\"__alerts_list\\\" .Alerts.Resolved\n\
     \    }}{{ end }}\\n\\n<a href=\\\"{{ .ExternalURL }}\\\">\\U0001F4F2 Grafana</a>\\\
-    n{{- end\n    -}}\\n\\n\"\n"
+    n{{- end\n    -}}\\n\"\n"

@imgios imgios merged commit fc209a1 into main Dec 5, 2025
5 checks passed
@imgios imgios deleted the feat/grafana-contactpoint branch December 5, 2025 11:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@imgios imgios

Labels

area/kubernetes Changes made in the kubernetes directory enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@imgios