This repository has been archived by the owner on Oct 19, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 140
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* update argocd version * update argocd version
- Loading branch information
1 parent
43c72aa
commit 6161e73
Showing
5 changed files
with
745 additions
and
185 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,164 @@ | ||
# Alertmanager | ||
|
||
## Parameters | ||
|
||
The notification service is used to push events to [Alertmanager](https://github.com/prometheus/alertmanager), and the following settings need to be specified: | ||
|
||
* `targets` - the alertmanager service address, array type | ||
* `scheme` - optional, default is "http", e.g. http or https | ||
* `apiPath` - optional, default is "/api/v2/alerts" | ||
* `insecureSkipVerify` - optional, default is "false", when scheme is https whether to skip the verification of ca | ||
* `basicAuth` - optional, server auth | ||
* `bearerToken` - optional, server auth | ||
* `timeout` - optional, the timeout in seconds used when sending alerts, default is "3 seconds" | ||
|
||
`basicAuth` or `bearerToken` is used for authentication, you can choose one. If the two are set at the same time, `basicAuth` takes precedence over `bearerToken`. | ||
|
||
## Example | ||
|
||
### Prometheus Alertmanager config | ||
|
||
```yaml | ||
global: | ||
resolve_timeout: 5m | ||
|
||
route: | ||
group_by: ['alertname'] | ||
group_wait: 10s | ||
group_interval: 10s | ||
repeat_interval: 1h | ||
receiver: 'default' | ||
receivers: | ||
- name: 'default' | ||
webhook_configs: | ||
- send_resolved: false | ||
url: 'http://10.5.39.39:10080/api/alerts/webhook' | ||
``` | ||
You should turn off "send_resolved" or you will receive unnecessary recovery notifications after "resolve_timeout". | ||
### Send one alertmanager without auth | ||
```yaml | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: <config-map-name> | ||
data: | ||
service.alertmanager: | | ||
targets: | ||
- 10.5.39.39:9093 | ||
``` | ||
### Send alertmanager cluster with custom api path | ||
If your alertmanager has changed the default api, you can customize "apiPath". | ||
```yaml | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: <config-map-name> | ||
data: | ||
service.alertmanager: | | ||
targets: | ||
- 10.5.39.39:443 | ||
scheme: https | ||
apiPath: /api/events | ||
insecureSkipVerify: true | ||
``` | ||
### Send high availability alertmanager with auth | ||
Store auth token in `argocd-notifications-secret` Secret and use configure in `argocd-notifications-cm` ConfigMap. | ||
|
||
```yaml | ||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: <secret-name> | ||
stringData: | ||
alertmanager-username: <username> | ||
alertmanager-password: <password> | ||
alertmanager-bearer-token: <token> | ||
``` | ||
|
||
- with basicAuth | ||
|
||
```yaml | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: <config-map-name> | ||
data: | ||
service.alertmanager: | | ||
targets: | ||
- 10.5.39.39:19093 | ||
- 10.5.39.39:29093 | ||
- 10.5.39.39:39093 | ||
scheme: https | ||
apiPath: /api/v2/alerts | ||
insecureSkipVerify: true | ||
basicAuth: | ||
username: $alertmanager-username | ||
password: $alertmanager-password | ||
``` | ||
|
||
- with bearerToken | ||
|
||
```yaml | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: <config-map-name> | ||
data: | ||
service.alertmanager: | | ||
targets: | ||
- 10.5.39.39:19093 | ||
- 10.5.39.39:29093 | ||
- 10.5.39.39:39093 | ||
scheme: https | ||
apiPath: /api/v2/alerts | ||
insecureSkipVerify: true | ||
bearerToken: $alertmanager-bearer-token | ||
``` | ||
|
||
## Templates | ||
|
||
* `labels` - at least one label pair required, implement different notification strategies according to alertmanager routing | ||
* `annotations` - optional, specifies a set of information labels, which can be used to store longer additional information, but only for display | ||
* `generatorURL` - optional, default is '{{.app.spec.source.repoURL}}', backlink used to identify the entity that caused this alert in the client | ||
|
||
the `label` or `annotations` or `generatorURL` values can be templated. | ||
|
||
```yaml | ||
context: | | ||
argocdUrl: https://example.com/argocd | ||
template.app-deployed: | | ||
message: Application {{.app.metadata.name}} has been healthy. | ||
alertmanager: | ||
labels: | ||
fault_priority: "P5" | ||
event_bucket: "deploy" | ||
event_status: "succeed" | ||
recipient: "{{.recipient}}" | ||
annotations: | ||
application: '<a href="{{.context.argocdUrl}}/applications/{{.app.metadata.name}}">{{.app.metadata.name}}</a>' | ||
author: "{{(call .repo.GetCommitMetadata .app.status.sync.revision).Author}}" | ||
message: "{{(call .repo.GetCommitMetadata .app.status.sync.revision).Message}}" | ||
``` | ||
|
||
You can do targeted push on [Alertmanager](https://github.com/prometheus/alertmanager) according to labels. | ||
|
||
```yaml | ||
template.app-deployed: | | ||
message: Application {{.app.metadata.name}} has been healthy. | ||
alertmanager: | ||
labels: | ||
alertname: app-deployed | ||
fault_priority: "P5" | ||
event_bucket: "deploy" | ||
``` | ||
|
||
There is a special label `alertname`. If you don’t set its value, it will be equal to the template name by default. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
# Google Chat | ||
|
||
## Parameters | ||
|
||
The Google Chat notification service send message notifications to a google chat webhook. This service uses the following settings: | ||
|
||
* `webhooks` - a map of the form `webhookName: webhookUrl` | ||
|
||
## Configuration | ||
|
||
1. Open `Google chat` and go to the space to which you want to send messages | ||
2. From the menu at the top of the page, select **Configure Webhooks** | ||
3. Under **Incoming Webhooks**, click **Add Webhook** | ||
4. Give a name to the webhook, optionally add an image and click **Save** | ||
5. Copy the URL next to your webhook | ||
6. Store the URL in `argocd-notification-secret` and declare it in `argocd-notifications-cm` | ||
|
||
```yaml | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: <config-map-name> | ||
data: | ||
service.googlechat: | | ||
webhooks: | ||
spaceName: $space-webhook-url | ||
``` | ||
```yaml | ||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: <secret-name> | ||
stringData: | ||
space-webhook-url: https://chat.googleapis.com/v1/spaces/<space_id>/messages?key=<key>&token=<token> | ||
``` | ||
6. Create a subscription for your space | ||
```yaml | ||
apiVersion: argoproj.io/v1alpha1 | ||
kind: Application | ||
metadata: | ||
annotations: | ||
notifications.argoproj.io/subscribe.on-sync-succeeded.googlechat: spaceName | ||
``` | ||
## Templates | ||
You can send [simple text](https://developers.google.com/chat/reference/message-formats/basic) or [card messages](https://developers.google.com/chat/reference/message-formats/cards) to a Google Chat space. A simple text message template can be defined as follows: | ||
```yaml | ||
template.app-sync-succeeded: | | ||
message: The app {{ .app.metadata.name }} has succesfully synced! | ||
``` | ||
A card message can be defined as follows: | ||
```yaml | ||
template.app-sync-succeeded: | | ||
googlechat: | ||
cards: | | ||
- header: | ||
title: ArgoCD Bot Notification | ||
sections: | ||
- widgets: | ||
- textParagraph: | ||
text: The app {{ .app.metadata.name }} has succesfully synced! | ||
- widgets: | ||
- keyValue: | ||
topLabel: Repository | ||
content: {{ call .repo.RepoURLToHTTPS .app.spec.source.repoURL }} | ||
- keyValue: | ||
topLabel: Revision | ||
content: {{ .app.spec.source.targetRevision }} | ||
- keyValue: | ||
topLabel: Author | ||
content: {{ (call .repo.GetCommitMetadata .app.status.sync.revision).Author }} | ||
``` | ||
The card message can be written in JSON too. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
# Pushover | ||
|
||
1. Create an app at [pushover.net](https://pushover.net/apps/build). | ||
2. Store the API key in `<secret-name>` Secret and define the secret name in `<config-map-name>` ConfigMap: | ||
|
||
```yaml | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: <config-map-name> | ||
data: | ||
service.pushover: | | ||
token: $pushover-token | ||
``` | ||
```yaml | ||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: <secret-name> | ||
stringData: | ||
pushover-token: avtc41pn13asmra6zaiyf7dh6cgx97 | ||
``` | ||
3. Add your user key to your Application resource: | ||
```yaml | ||
apiVersion: argoproj.io/v1alpha1 | ||
kind: Application | ||
metadata: | ||
annotations: | ||
notifications.argoproj.io/subscribe.on-sync-succeeded.pushover: uumy8u4owy7bgkapp6mc5mvhfsvpcd | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.