Reference: manifest files
This document shows the contents of the manifests used in the Managed Service for Prometheus documentation.
setup.yaml
# Copyright 2022 Google LLC## Licensed under the Apache License, Version 2.0 (the "License");# you may not use this file except in compliance with the License.# You may obtain a copy of the License at## https://www.apache.org/licenses/LICENSE-2.0## Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an "AS IS" BASIS,# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.# See the License for the specific language governing permissions and# limitations under the License.# NOTE: This file is autogenerated.apiVersion:apiextensions.k8s.io/v1kind:CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version:v0.17.1-0.20250103184936-50893dee96daname:clusternodemonitorings.monitoring.googleapis.comspec:group:monitoring.googleapis.comnames:kind:ClusterNodeMonitoringlistKind:ClusterNodeMonitoringListplural:clusternodemonitoringssingular:clusternodemonitoringscope:Clusterversions:-name:v1schema:openAPIV3Schema:description:ClusterNodeMonitoring defines monitoring for a set of nodes.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringkind:description:|-Kind is a string value representing the REST resource this object represents.Servers may infer this from the endpoint the client submits requests to.Cannot be updated.In CamelCase.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectspec:description:|-Specification of desired node selection for target discovery byPrometheus.properties:endpoints:description:The endpoints to scrape on the selected nodes.items:description:|-ScrapeNodeEndpoint specifies a Prometheus 
metrics endpoint on a node to scrape.It contains all the fields used in the ScrapeEndpoint except for port and HTTPClientConfig.properties:interval:default:1mdescription:Interval at which to scrape metrics. Must be a valid Prometheus duration.format:durationtype:stringmetricRelabeling:description:|-Relabeling rules for metrics scraped from this endpoint. Relabeling rules thatoverride protected target labels (project_id, location, cluster, namespace, job,instance, or __address__) are not permitted. The labelmap action is not permittedin general.items:description:RelabelingRule defines a single Prometheus relabeling rule.properties:action:description:Action to perform based on regex matching. Defaults to 'replace'.enum:-replace-lowercase-uppercase-keep-drop-keepequal-dropequal-hashmod-labeldrop-labelkeeptype:stringmodulus:description:Modulus to take of the hash of the source label values.format:int64type:integerregex:description:Regular expression against which the extracted value is matched. Defaults to '(.*)'.maxLength:10000type:stringreplacement:description:|-Replacement value against which a regex replace is performed if theregular expression matches. Regex capture groups are available. Defaults to '$1'.type:stringseparator:description:Separator placed between concatenated source label values. Defaults to ';'.type:stringsourceLabels:description:|-The source labels select values from existing labels. Their content is concatenatedusing the configured separator and matched against the configured regular expressionfor the replace, keep, and drop actions.items:pattern:^[a-zA-Z_][a-zA-Z0-9_]*$type:stringmaxItems:100type:arraytargetLabel:description:|-Label to which the resulting value is written in a replace action.It is mandatory for replace actions. 
Regex capture groups are available.pattern:^[a-zA-Z_][a-zA-Z0-9_]*$type:stringx-kubernetes-validations:-messageExpression:'''cannotrelabelontoprotectedlabel"%s"''.format([self])'rule:self != 'project_id' && self != 'location' && self != 'cluster' && self != 'namespace' && self != 'job' && self != 'instance' && self != 'top_level_controller' && self != 'top_level_controller_type' && self != '__address__'type:objectx-kubernetes-validations:-rule:'!has(self.action)||self.action!=''labeldrop''||has(self.regex)'maxItems:250type:arrayparams:additionalProperties:items:type:stringtype:arraydescription:HTTP GET params to use when scraping.type:objectpath:description:HTTP path to scrape metrics from. Defaults to "/metrics".type:stringscheme:description:Protocol scheme to use to scrape.enum:-http-httpstype:stringtimeout:description:|-Timeout for metrics scrapes. Must be a valid Prometheus duration.Must not be larger then the scrape interval.format:durationtype:stringtls:description:TLS configures the scrape request's TLS settings.properties:insecureSkipVerify:description:InsecureSkipVerify disables target certificate validation.type:booleantype:objectrequired:-intervaltype:objectx-kubernetes-validations:-messageExpression:'''scrapetimeout(%s)mustnotbegreaterthanscrapeinterval(%s)''.format([self.timeout,self.interval])'rule:'!has(self.timeout)||self.timeout<=self.interval'maxItems:10minItems:1type:arraylimits:description:Limits to apply at scrape time.properties:labelNameLength:description:|-Maximum label name length.Uses Prometheus default if left unspecified.format:int64type:integerlabelValueLength:description:|-Maximum label value length.Uses Prometheus default if left unspecified.format:int64type:integerlabels:description:|-Maximum number of labels accepted for a single sample.Uses Prometheus default if left unspecified.format:int64type:integersamples:description:|-Maximum number of samples accepted within a single scrape.Uses Prometheus default if left 
unspecified.format:int64type:integertype:objectselector:description:|-Label selector that specifies which nodes are selected for this monitoringconfiguration. If left empty all nodes are selected.properties:matchExpressions:description:matchExpressions is a list of label selector requirements. The requirements are ANDed.items:description:|-A label selector requirement is a selector that contains values, a key, and an operator thatrelates the key and values.properties:key:description:key is the label key that the selector applies to.type:stringoperator:description:|-operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist.type:stringvalues:description:|-values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch.items:type:stringtype:arrayx-kubernetes-list-type:atomicrequired:-key-operatortype:objecttype:arrayx-kubernetes-list-type:atomicmatchLabels:additionalProperties:type:stringdescription:|-matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is "key", theoperator is "In", and the values array contains only "value". 
The requirements are ANDed.type:objecttype:objectx-kubernetes-map-type:atomicrequired:-endpointstype:objectstatus:description:Most recently observed status of the resource.properties:conditions:description:Represents the latest available observations of a podmonitor's current state.items:description:MonitoringCondition describes the condition of a PodMonitoring.properties:lastTransitionTime:description:Last time the condition transitioned from one status to another.format:date-timetype:stringlastUpdateTime:description:The last time this condition was updated.format:date-timetype:stringmessage:description:A human-readable message indicating details about the transition.type:stringreason:description:The reason for the condition's last transition.type:stringstatus:description:Status of the condition, one of True, False, Unknown.type:stringtype:description:MonitoringConditionType is the type of MonitoringCondition.type:stringrequired:-status-typetype:objecttype:arrayobservedGeneration:description:The generation observed by the controller.format:int64type:integertype:objectrequired:-spectype:objectserved:truestorage:truesubresources:status:{}---apiVersion:apiextensions.k8s.io/v1kind:CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version:v0.17.1-0.20250103184936-50893dee96daname:clusterpodmonitorings.monitoring.googleapis.comspec:group:monitoring.googleapis.comnames:kind:ClusterPodMonitoringlistKind:ClusterPodMonitoringListplural:clusterpodmonitoringssingular:clusterpodmonitoringscope:Clusterversions:-name:v1schema:openAPIV3Schema:description:|-ClusterPodMonitoring defines monitoring for a set of pods, scoped to allpods within the cluster.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values.More info: 
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringkind:description:|-Kind is a string value representing the REST resource this object represents.Servers may infer this from the endpoint the client submits requests to.Cannot be updated.In CamelCase.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectspec:description:|-Specification of desired Pod selection for target discovery byPrometheus.properties:endpoints:description:The endpoints to scrape on the selected pods.items:description:ScrapeEndpoint specifies a Prometheus metrics endpoint to scrape.properties:authorization:description:Authorization is the HTTP authorization credentials for the targets.properties:credentials:description:Credentials uses the secret as the credentials (token) for the authentication header.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objecttype:description:|-Type is the authentication type. 
Defaults to Bearer.Basic will cause an error, as the BasicAuth object should be used instead.type:stringx-kubernetes-validations:-message:authorization type cannot be set to "basic", use "basic_auth" insteadrule:self != 'Basic'type:objectbasicAuth:description:BasicAuth is the HTTP basic authentication credentials for the targets.properties:password:description:Password uses the secret as the BasicAuth password.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectusername:description:Username is the BasicAuth username.type:stringtype:objectinterval:description:Interval at which to scrape metrics. Must be a valid Prometheus duration.format:durationtype:stringmetricRelabeling:description:|-Relabeling rules for metrics scraped from this endpoint. Relabeling rules thatoverride protected target labels (project_id, location, cluster, namespace, job,instance, top_level_controller, top_level_controller_type, or __address__) arenot permitted. The labelmap action is not permitted in general.items:description:RelabelingRule defines a single Prometheus relabeling rule.properties:action:description:Action to perform based on regex matching. Defaults to 'replace'.enum:-replace-lowercase-uppercase-keep-drop-keepequal-dropequal-hashmod-labeldrop-labelkeeptype:stringmodulus:description:Modulus to take of the hash of the source label values.format:int64type:integerregex:description:Regular expression against which the extracted value is matched. 
Defaults to '(.*)'.maxLength:10000type:stringreplacement:description:|-Replacement value against which a regex replace is performed if theregular expression matches. Regex capture groups are available. Defaults to '$1'.type:stringseparator:description:Separator placed between concatenated source label values. Defaults to ';'.type:stringsourceLabels:description:|-The source labels select values from existing labels. Their content is concatenatedusing the configured separator and matched against the configured regular expressionfor the replace, keep, and drop actions.items:pattern:^[a-zA-Z_][a-zA-Z0-9_]*$type:stringmaxItems:100type:arraytargetLabel:description:|-Label to which the resulting value is written in a replace action.It is mandatory for replace actions. Regex capture groups are available.pattern:^[a-zA-Z_][a-zA-Z0-9_]*$type:stringx-kubernetes-validations:-messageExpression:'''cannotrelabelontoprotectedlabel"%s"''.format([self])'rule:self != 'project_id' && self != 'location' && self != 'cluster' && self != 'namespace' && self != 'job' && self != 'instance' && self != 'top_level_controller' && self != 'top_level_controller_type' && self != '__address__'type:objectx-kubernetes-validations:-rule:'!has(self.action)||self.action!=''labeldrop''||has(self.regex)'maxItems:250type:arrayoauth2:description:OAuth2 is the OAuth2 client credentials used to fetch a token for the targets.properties:clientID:description:ClientID is the public identifier for the client.type:stringclientSecret:description:ClientSecret uses the secret as the client secret token.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. 
Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectendpointParams:additionalProperties:type:stringdescription:EndpointParams are additional parameters to append to the token URL.type:objectproxyUrl:description:|-ProxyURL is the HTTP proxy server to use to connect to the targets.Encoded passwords are not supported.maxLength:2000type:stringx-kubernetes-validations:-rule:isURL(self) && !self.matches('@')scopes:description:Scopes represents the scopes for the token request.items:type:stringtype:arraytlsConfig:description:TLS configures the token request's TLS settings.properties:ca:description:|-SecretSelector references a secret from a secret provider e.g. Kubernetes Secret. Only oneprovider can be used at a time.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectcert:description:Cert uses the secret as the certificate for client authentication to the server.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. 
Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectinsecureSkipVerify:description:InsecureSkipVerify disables target certificate validation.type:booleankey:description:Key uses the secret as the private key for client authentication to the server.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectmaxVersion:description:|-MaxVersion is the maximum TLS version. Accepted values: TLS10 (TLS 1.0), TLS11 (TLS 1.1),TLS12 (TLS 1.2), TLS13 (TLS 1.3).If unset, Prometheus will use Go default minimum version, which is TLS 1.2.See MinVersion in https://pkg.go.dev/crypto/tls#Config.enum:-TLS10-TLS11-TLS12-TLS13type:stringminVersion:description:|-MinVersion is the minimum TLS version. 
Accepted values: TLS10 (TLS 1.0), TLS11 (TLS 1.1),TLS12 (TLS 1.2), TLS13 (TLS 1.3).If unset, Prometheus will use Go default minimum version, which is TLS 1.2.See MinVersion in https://pkg.go.dev/crypto/tls#Config.enum:-TLS10-TLS11-TLS12-TLS13type:stringserverName:description:ServerName is used to verify the hostname for the targets.type:stringtype:objectx-kubernetes-validations:-message:client cert and client key must be provided together, when either is providedrule:has(self.cert) == has(self.key)tokenURL:description:TokenURL is the URL to fetch the token from.type:stringtype:objectparams:additionalProperties:items:type:stringtype:arraydescription:HTTP GET params to use when scraping.type:objectpath:description:HTTP path to scrape metrics from. Defaults to "/metrics".type:stringport:anyOf:-type:integer-type:stringdescription:|-Name or number of the port to scrape.The container metadata label is only populated if the port is referenced by namebecause port numbers are not unique across containers.maxLength:253minLength:1x-kubernetes-int-or-string:truex-kubernetes-validations:-message:Port is requiredrule:self != 0proxyUrl:description:|-ProxyURL is the HTTP proxy server to use to connect to the targets.Encoded passwords are not supported.maxLength:2000type:stringx-kubernetes-validations:-rule:isURL(self) && !self.matches('@')scheme:description:Protocol scheme to use to scrape.enum:-http-httpstype:stringtimeout:description:|-Timeout for metrics scrapes. Must be a valid Prometheus duration.Must not be larger than the scrape interval.format:durationtype:stringtls:description:TLS configures the scrape request's TLS settings.properties:ca:description:|-SecretSelector references a secret from a secret provider e.g. Kubernetes Secret. Only oneprovider can be used at a time.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. 
Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectcert:description:Cert uses the secret as the certificate for client authentication to the server.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectinsecureSkipVerify:description:InsecureSkipVerify disables target certificate validation.type:booleankey:description:Key uses the secret as the private key for client authentication to the server.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectmaxVersion:description:|-MaxVersion is the maximum TLS version. Accepted values: TLS10 (TLS 1.0), TLS11 (TLS 1.1),TLS12 (TLS 1.2), TLS13 (TLS 1.3).If unset, Prometheus will use Go default minimum version, which is TLS 1.2.See MinVersion in https://pkg.go.dev/crypto/tls#Config.enum:-TLS10-TLS11-TLS12-TLS13type:stringminVersion:description:|-MinVersion is the minimum TLS version. 
Accepted values: TLS10 (TLS 1.0), TLS11 (TLS 1.1),TLS12 (TLS 1.2), TLS13 (TLS 1.3).If unset, Prometheus will use Go default minimum version, which is TLS 1.2.See MinVersion in https://pkg.go.dev/crypto/tls#Config.enum:-TLS10-TLS11-TLS12-TLS13type:stringserverName:description:ServerName is used to verify the hostname for the targets.type:stringtype:objectx-kubernetes-validations:-message:client cert and client key must be provided together, when either is providedrule:has(self.cert) == has(self.key)required:-interval-porttype:objectx-kubernetes-validations:-messageExpression:'''scrapetimeout(%s)mustnotbegreaterthanscrapeinterval(%s)''.format([self.timeout,self.interval])'rule:'!has(self.timeout)||self.timeout<=self.interval'-rule:'((has(self.authorization)?1:0)+(has(self.basicAuth)?1:0)+(has(self.oauth2)?1:0))<=1'maxItems:10minItems:1type:arrayfilterRunning:description:|-FilterRunning will drop any pods that are in the "Failed" or "Succeeded"pod lifecycle.See: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phaseSpecifically, this prevents scraping Succeeded pods from K8s jobs, whichcould contribute to noisy logs or irrelevant metrics.Additionally, it can mitigate issues with reusing stale targetlabels in cases where Pod IPs are reused (e.g. 
spot containers).See: https://github.com/GoogleCloudPlatform/prometheus-engine/issues/145type:booleanlimits:description:Limits to apply at scrape time.properties:labelNameLength:description:|-Maximum label name length.Uses Prometheus default if left unspecified.format:int64type:integerlabelValueLength:description:|-Maximum label value length.Uses Prometheus default if left unspecified.format:int64type:integerlabels:description:|-Maximum number of labels accepted for a single sample.Uses Prometheus default if left unspecified.format:int64type:integersamples:description:|-Maximum number of samples accepted within a single scrape.Uses Prometheus default if left unspecified.format:int64type:integertype:objectselector:description:|-Label selector that specifies which pods are selected for this monitoringconfiguration.properties:matchExpressions:description:matchExpressions is a list of label selector requirements. The requirements are ANDed.items:description:|-A label selector requirement is a selector that contains values, a key, and an operator thatrelates the key and values.properties:key:description:key is the label key that the selector applies to.type:stringoperator:description:|-operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist.type:stringvalues:description:|-values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch.items:type:stringtype:arrayx-kubernetes-list-type:atomicrequired:-key-operatortype:objecttype:arrayx-kubernetes-list-type:atomicmatchLabels:additionalProperties:type:stringdescription:|-matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is "key", theoperator is "In", and the values array contains only "value". 
The requirements are ANDed.type:objecttype:objectx-kubernetes-map-type:atomictargetLabels:description:|-Labels to add to the Prometheus target for discovered endpoints.The `instance` label is always set to `<pod_name>:<port>` or `<node_name>:<port>`if the scraped pod is controlled by a DaemonSet.properties:fromPod:description:|-Labels to transfer from the Kubernetes Pod to Prometheus target labels.Mappings are applied in order.items:description:|-LabelMapping specifies how to transfer a label from a Kubernetes resourceonto a Prometheus target.properties:from:description:Kubernetes resource label to remap.type:stringto:description:|-Remapped Prometheus target label.Defaults to the same name as `From`.pattern:^[a-zA-Z_][a-zA-Z0-9_]*$type:stringx-kubernetes-validations:-messageExpression:'''cannotrelabelontoprotectedlabel"%s"''.format([self])'rule:self != 'project_id' && self != 'location' && self != 'cluster' && self != 'namespace' && self != 'job' && self != 'instance' && self != 'top_level_controller' && self != 'top_level_controller_type' && self != '__address__'required:-fromtype:objectmaxItems:100type:arraymetadata:default:-container-namespace-pod-top_level_controller_name-top_level_controller_typedescription:|-Pod metadata labels that are set on all scraped targets.Permitted keys are `container`, `namespace`, `node`, `pod`,`top_level_controller_name` and `top_level_controller_type`. The `container`label is only populated if the scrape port is referenced by name.Defaults to [container, namespace, pod, top_level_controller_name, top_level_controller_type].If set to null, it will be interpreted as [namespace]. 
This is for backwards-compatibilityonly.items:enum:-container-namespace-node-pod-top_level_controller_name-top_level_controller_typetype:stringtype:arrayx-kubernetes-list-type:settype:objectrequired:-endpoints-selectortype:objectstatus:description:Most recently observed status of the resource.properties:conditions:description:Represents the latest available observations of a podmonitor's current state.items:description:MonitoringCondition describes the condition of a PodMonitoring.properties:lastTransitionTime:description:Last time the condition transitioned from one status to another.format:date-timetype:stringlastUpdateTime:description:The last time this condition was updated.format:date-timetype:stringmessage:description:A human-readable message indicating details about the transition.type:stringreason:description:The reason for the condition's last transition.type:stringstatus:description:Status of the condition, one of True, False, Unknown.type:stringtype:description:MonitoringConditionType is the type of MonitoringCondition.type:stringrequired:-status-typetype:objecttype:arrayendpointStatuses:description:Represents the latest available observations of target state for each ScrapeEndpoint.items:properties:activeTargets:description:Total number of active targets.format:int64type:integercollectorsFraction:description:|-Fraction of collectors included in status, bounded [0,1].Ideally, this should always be 1. 
Anything less canbe considered a problem and should be investigated.type:stringlastUpdateTime:description:Last time this status was updated.format:date-timetype:stringname:description:The name of the ScrapeEndpoint.type:stringsampleGroups:description:A fixed sample of targets grouped by error type.items:properties:count:description:Total count of similar errors.format:int32type:integersampleTargets:description:Targets emitting the error message.items:properties:health:description:Health status.type:stringlabels:additionalProperties:description:A LabelValue is an associated value for a LabelName.type:stringdescription:The label set, keys and values, of the target.type:objectlastError:description:Error message.type:stringlastScrapeDurationSeconds:description:Scrape duration in seconds.type:stringtype:objecttype:arraytype:objecttype:arrayunhealthyTargets:description:Total number of active, unhealthy targets.format:int64type:integerrequired:-nametype:objecttype:arrayobservedGeneration:description:The generation observed by the controller.format:int64type:integertype:objectrequired:-spectype:objectserved:truestorage:truesubresources:status:{}-deprecated:truename:v1alpha1schema:openAPIV3Schema:description:ClusterPodMonitoring defines monitoring for a set of pods.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringkind:description:|-Kind is a string value representing the REST resource this object represents.Servers may infer this from the endpoint the client submits requests to.Cannot be updated.In CamelCase.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectspec:description:|-Specification of desired Pod 
selection for target discovery byPrometheus.properties:endpoints:description:The endpoints to scrape on the selected pods.items:description:ScrapeEndpoint specifies a Prometheus metrics endpoint to scrape.properties:interval:description:Interval at which to scrape metrics. Must be a valid Prometheus duration.type:stringmetricRelabeling:description:|-Relabeling rules for metrics scraped from this endpoint. Relabeling rules thatoverride protected target labels (project_id, location, cluster, namespace, job,instance, or __address__) are not permitted. The labelmap action is not permittedin general.items:description:RelabelingRule defines a single Prometheus relabeling rule.properties:action:description:Action to perform based on regex matching. Defaults to 'replace'.type:stringmodulus:description:Modulus to take of the hash of the source label values.format:int64type:integerregex:description:Regular expression against which the extracted value is matched. Defaults to '(.*)'.type:stringreplacement:description:|-Replacement value against which a regex replace is performed if theregular expression matches. Regex capture groups are available. Defaults to '$1'.type:stringseparator:description:Separator placed between concatenated source label values. Defaults to ';'.type:stringsourceLabels:description:|-The source labels select values from existing labels. Their content is concatenatedusing the configured separator and matched against the configured regular expressionfor the replace, keep, and drop actions.items:type:stringtype:arraytargetLabel:description:|-Label to which the resulting value is written in a replace action.It is mandatory for replace actions. Regex capture groups are available.type:stringtype:objecttype:arrayparams:additionalProperties:items:type:stringtype:arraydescription:HTTP GET params to use when scraping.type:objectpath:description:HTTP path to scrape metrics from. 
Defaults to "/metrics".type:stringport:anyOf:-type:integer-type:stringdescription:Name or number of the port to scrape.x-kubernetes-int-or-string:trueproxyUrl:description:Proxy URL to scrape through. Encoded passwords are not supported.type:stringscheme:description:Protocol scheme to use to scrape.type:stringtimeout:description:|-Timeout for metrics scrapes. Must be a valid Prometheus duration.Must not be larger then the scrape interval.type:stringrequired:-porttype:objecttype:arraylimits:description:Limits to apply at scrape time.properties:labelNameLength:description:|-Maximum label name length.Uses Prometheus default if left unspecified.format:int64type:integerlabelValueLength:description:|-Maximum label value length.Uses Prometheus default if left unspecified.format:int64type:integerlabels:description:|-Maximum number of labels accepted for a single sample.Uses Prometheus default if left unspecified.format:int64type:integersamples:description:|-Maximum number of samples accepted within a single scrape.Uses Prometheus default if left unspecified.format:int64type:integertype:objectselector:description:|-Label selector that specifies which pods are selected for this monitoringconfiguration.properties:matchExpressions:description:matchExpressions is a list of label selector requirements. The requirements are ANDed.items:description:|-A label selector requirement is a selector that contains values, a key, and an operator thatrelates the key and values.properties:key:description:key is the label key that the selector applies to.type:stringoperator:description:|-operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist.type:stringvalues:description:|-values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. 
This array is replaced during a strategicmerge patch.items:type:stringtype:arrayx-kubernetes-list-type:atomicrequired:-key-operatortype:objecttype:arrayx-kubernetes-list-type:atomicmatchLabels:additionalProperties:type:stringdescription:|-matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is "key", theoperator is "In", and the values array contains only "value". The requirements are ANDed.type:objecttype:objectx-kubernetes-map-type:atomictargetLabels:description:Labels to add to the Prometheus target for discovered endpointsproperties:fromPod:description:|-Labels to transfer from the Kubernetes Pod to Prometheus target labels.Mappings are applied in order.items:description:|-LabelMapping specifies how to transfer a label from a Kubernetes resourceonto a Prometheus target.properties:from:description:Kubernetes resource label to remap.type:stringto:description:|-Remapped Prometheus target label.Defaults to the same name as `From`.type:stringrequired:-fromtype:objecttype:arraymetadata:description:|-Pod metadata labels that are set on all scraped targets.Permitted keys are `pod`, `container`, and `node` for PodMonitoring and`pod`, `container`, `node`, and `namespace` for ClusterPodMonitoring.Defaults to [pod, container] for PodMonitoring and [namespace, pod, container]for ClusterPodMonitoring.If set to null, it will be interpreted as the empty list for PodMonitoringand to [namespace] for ClusterPodMonitoring. 
This is for backwards-compatibilityonly.items:type:stringtype:arraytype:objectrequired:-endpoints-selectortype:objectstatus:description:Most recently observed status of the resource.properties:conditions:description:Represents the latest available observations of a podmonitor's current state.items:description:MonitoringCondition describes a condition of a PodMonitoring.properties:lastTransitionTime:description:Last time the condition transitioned from one status to another.format:date-timetype:stringlastUpdateTime:description:The last time this condition was updated.format:date-timetype:stringmessage:description:A human-readable message indicating details about the transition.type:stringreason:description:The reason for the condition's last transition.type:stringstatus:description:Status of the condition, one of True, False, Unknown.type:stringtype:description:MonitoringConditionType is the type of MonitoringCondition.type:stringrequired:-status-typetype:objecttype:arrayobservedGeneration:description:The generation observed by the controller.format:int64type:integertype:objectrequired:-spectype:objectserved:truestorage:falsesubresources:status:{}---apiVersion:apiextensions.k8s.io/v1kind:CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version:v0.17.1-0.20250103184936-50893dee96daname:clusterrules.monitoring.googleapis.comspec:group:monitoring.googleapis.comnames:kind:ClusterRuleslistKind:ClusterRulesListplural:clusterrulessingular:clusterrulesscope:Clusterversions:-name:v1schema:openAPIV3Schema:description:|-ClusterRules defines Prometheus alerting and recording rules that are scopedto the current cluster. 
Only metric data from the current cluster is processedand all rule results have their project_id and cluster label preservedfor query processing.If the location label is not preserved by the rule, it defaults to the cluster's location.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringkind:description:|-Kind is a string value representing the REST resource this object represents.Servers may infer this from the endpoint the client submits requests to.Cannot be updated.In CamelCase.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectspec:description:Specification of rules to record and alert on.properties:groups:description:A list of Prometheus rule groups.items:description:|-RuleGroup declares rules in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:interval:default:1mdescription:The interval at which to evaluate the rules. 
Must be a valid Prometheus duration.format:durationtype:stringname:description:The name of the rule group.type:stringrules:description:A list of rules that are executed sequentially as part of this group.items:description:|-Rule is a single rule in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:alert:description:|-Name of the alert to evaluate the expression as.Only one of `record` and `alert` must be set.type:stringannotations:additionalProperties:type:stringdescription:|-A set of annotations to attach to alerts produced by the query expression.Only valid if `alert` is set.type:objectexpr:description:The PromQL expression to evaluate.type:stringfor:description:|-The duration to wait before a firing alert produced by this rule is sent to Alertmanager.Only valid if `alert` is set.format:durationtype:stringlabels:additionalProperties:type:stringdescription:A set of labels to attach to the result of the query expression.type:objectrecord:description:|-Record the result of the expression to this metric name.Only one of `record` and `alert` must be set.pattern:^[a-zA-Z_:][a-zA-Z0-9_:]*$type:stringrequired:-exprtype:objectx-kubernetes-validations:-message:Must set exactly one of Record or Alertrule:'(has(self.record)?1:0)+(has(self.alert)?1:0)==1'-message:Annotations are only allowed for alerting rulesrule:'!has(self.annotations)||has(self.alert)'minItems:1type:arrayrequired:-name-rulestype:objecttype:arrayrequired:-groupstype:objectstatus:description:Most recently observed status of the resource.properties:conditions:description:Represents the latest available observations of a podmonitor's current state.items:description:MonitoringCondition describes the condition of a PodMonitoring.properties:lastTransitionTime:description:Last time the condition transitioned from one status to another.format:date-timetype:stringlastUpdateTime:description:The last time this condition was 
updated.format:date-timetype:stringmessage:description:A human-readable message indicating details about the transition.type:stringreason:description:The reason for the condition's last transition.type:stringstatus:description:Status of the condition, one of True, False, Unknown.type:stringtype:description:MonitoringConditionType is the type of MonitoringCondition.type:stringrequired:-status-typetype:objecttype:arrayobservedGeneration:description:The generation observed by the controller.format:int64type:integertype:objectrequired:-spectype:objectserved:truestorage:truesubresources:status:{}-deprecated:truename:v1alpha1schema:openAPIV3Schema:description:|-ClusterRules defines Prometheus alerting and recording rules that are scopedto the current cluster. Only metric data from the current cluster is processedand all rule results have their project_id and cluster label preservedfor query processing.If the location label is not preserved by the rule, it defaults to the cluster's location.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringkind:description:|-Kind is a string value representing the REST resource this object represents.Servers may infer this from the endpoint the client submits requests to.Cannot be updated.In CamelCase.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectspec:description:Specification of rules to record and alert on.properties:groups:description:A list of Prometheus rule groups.items:description:|-RuleGroup declares rules in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:interval:description:The interval at which to 
evaluate the rules. Must be a valid Prometheus duration.type:stringname:description:The name of the rule group.type:stringrules:description:A list of rules that are executed sequentially as part of this group.items:description:|-Rule is a single rule in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:alert:description:|-Name of the alert to evaluate the expression as.Only one of `record` and `alert` must be set.type:stringannotations:additionalProperties:type:stringdescription:|-A set of annotations to attach to alerts produced by the query expression.Only valid if `alert` is set.type:objectexpr:description:The PromQL expression to evaluate.type:stringfor:description:|-The duration to wait before a firing alert produced by this rule is sent to Alertmanager.Only valid if `alert` is set.type:stringlabels:additionalProperties:type:stringdescription:A set of labels to attach to the result of the query expression.type:objectrecord:description:|-Record the result of the expression to this metric name.Only one of `record` and `alert` must be set.type:stringrequired:-exprtype:objecttype:arrayrequired:-interval-name-rulestype:objecttype:arrayrequired:-groupstype:objectstatus:description:Most recently observed status of the resource.type:objectrequired:-spectype:objectserved:truestorage:falsesubresources:status:{}---apiVersion:apiextensions.k8s.io/v1kind:CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version:v0.17.1-0.20250103184936-50893dee96daname:globalrules.monitoring.googleapis.comspec:group:monitoring.googleapis.comnames:kind:GlobalRuleslistKind:GlobalRulesListplural:globalrulessingular:globalrulesscope:Clusterversions:-name:v1schema:openAPIV3Schema:description:|-GlobalRules defines Prometheus alerting and recording rules that are scopedto all data in the queried project.If the project_id or location labels are not preserved by the rule, they default tothe values of the 
cluster.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringkind:description:|-Kind is a string value representing the REST resource this object represents.Servers may infer this from the endpoint the client submits requests to.Cannot be updated.In CamelCase.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectspec:description:Specification of rules to record and alert on.properties:groups:description:A list of Prometheus rule groups.items:description:|-RuleGroup declares rules in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:interval:default:1mdescription:The interval at which to evaluate the rules. 
Must be a valid Prometheus duration.format:durationtype:stringname:description:The name of the rule group.type:stringrules:description:A list of rules that are executed sequentially as part of this group.items:description:|-Rule is a single rule in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:alert:description:|-Name of the alert to evaluate the expression as.Only one of `record` and `alert` must be set.type:stringannotations:additionalProperties:type:stringdescription:|-A set of annotations to attach to alerts produced by the query expression.Only valid if `alert` is set.type:objectexpr:description:The PromQL expression to evaluate.type:stringfor:description:|-The duration to wait before a firing alert produced by this rule is sent to Alertmanager.Only valid if `alert` is set.format:durationtype:stringlabels:additionalProperties:type:stringdescription:A set of labels to attach to the result of the query expression.type:objectrecord:description:|-Record the result of the expression to this metric name.Only one of `record` and `alert` must be set.pattern:^[a-zA-Z_:][a-zA-Z0-9_:]*$type:stringrequired:-exprtype:objectx-kubernetes-validations:-message:Must set exactly one of Record or Alertrule:'(has(self.record)?1:0)+(has(self.alert)?1:0)==1'-message:Annotations are only allowed for alerting rulesrule:'!has(self.annotations)||has(self.alert)'minItems:1type:arrayrequired:-name-rulestype:objecttype:arrayrequired:-groupstype:objectstatus:description:Most recently observed status of the resource.properties:conditions:description:Represents the latest available observations of a podmonitor's current state.items:description:MonitoringCondition describes the condition of a PodMonitoring.properties:lastTransitionTime:description:Last time the condition transitioned from one status to another.format:date-timetype:stringlastUpdateTime:description:The last time this condition was 
updated.format:date-timetype:stringmessage:description:A human-readable message indicating details about the transition.type:stringreason:description:The reason for the condition's last transition.type:stringstatus:description:Status of the condition, one of True, False, Unknown.type:stringtype:description:MonitoringConditionType is the type of MonitoringCondition.type:stringrequired:-status-typetype:objecttype:arrayobservedGeneration:description:The generation observed by the controller.format:int64type:integertype:objectrequired:-spectype:objectserved:truestorage:truesubresources:status:{}-deprecated:truename:v1alpha1schema:openAPIV3Schema:description:|-GlobalRules defines Prometheus alerting and recording rules that are scopedto all data in the queried project.If the project_id or location labels are not preserved by the rule, they default tothe values of the cluster.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringkind:description:|-Kind is a string value representing the REST resource this object represents.Servers may infer this from the endpoint the client submits requests to.Cannot be updated.In CamelCase.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectspec:description:Specification of rules to record and alert on.properties:groups:description:A list of Prometheus rule groups.items:description:|-RuleGroup declares rules in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:interval:description:The interval at which to evaluate the rules. 
Must be a valid Prometheus duration.type:stringname:description:The name of the rule group.type:stringrules:description:A list of rules that are executed sequentially as part of this group.items:description:|-Rule is a single rule in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:alert:description:|-Name of the alert to evaluate the expression as.Only one of `record` and `alert` must be set.type:stringannotations:additionalProperties:type:stringdescription:|-A set of annotations to attach to alerts produced by the query expression.Only valid if `alert` is set.type:objectexpr:description:The PromQL expression to evaluate.type:stringfor:description:|-The duration to wait before a firing alert produced by this rule is sent to Alertmanager.Only valid if `alert` is set.type:stringlabels:additionalProperties:type:stringdescription:A set of labels to attach to the result of the query expression.type:objectrecord:description:|-Record the result of the expression to this metric name.Only one of `record` and `alert` must be set.type:stringrequired:-exprtype:objecttype:arrayrequired:-interval-name-rulestype:objecttype:arrayrequired:-groupstype:objectstatus:description:Most recently observed status of the resource.type:objectrequired:-spectype:objectserved:truestorage:falsesubresources:status:{}---apiVersion:apiextensions.k8s.io/v1kind:CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version:v0.17.1-0.20250103184936-50893dee96daname:operatorconfigs.monitoring.googleapis.comspec:group:monitoring.googleapis.comnames:kind:OperatorConfiglistKind:OperatorConfigListplural:operatorconfigssingular:operatorconfigscope:Namespacedversions:-name:v1schema:openAPIV3Schema:description:OperatorConfig defines configuration of the gmp-operator.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest 
internal value, andmay reject unrecognized values.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringcollection:description:|-Collection specifies how the operator configures collection, includingscraping and an integrated export to Google Cloud Monitoring.properties:compression:description:Compression enables compression of metrics collection dataenum:-none-gziptype:stringcredentials:description:|-A reference to GCP service account credentials with which Prometheus collectorsare run. It needs to have metric write permissions for all project IDs to whichdata is written.Within GKE, this can typically be left empty if the compute defaultservice account has the required permissions.properties:key:description:The key of the secret to select from. Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomicexternalLabels:additionalProperties:type:stringdescription:|-ExternalLabels specifies external labels that are attached to all scrapeddata before being written to Google Cloud Monitoring or any other additional exportsspecified in the OperatorConfig. The precedence behavior matches that of Prometheus.type:objectfilter:description:Filter limits which metric data is sent to Cloud Monitoring (it doesn't apply to additional exports).properties:matchOneOf:description:|-A list of Prometheus time series matchers. Every time series must match at least oneof the matchers to be exported. 
This field can be used equivalently to the match[]parameter of the Prometheus federation endpoint to selectively export data.Example: `["{job!='foobar'}", "{__name__!~'container_foo.*|container_bar.*'}"]`items:type:stringtype:arraytype:objectkubeletScraping:description:Configuration to scrape the metric endpoints of the Kubelets.properties:interval:description:The interval at which the metric endpoints are scraped.type:stringtlsInsecureSkipVerify:description:|-TLSInsecureSkipVerify disables verifying the target cert.This can be useful for clusters provisioned with kubeadm.type:booleanrequired:-intervaltype:objecttype:objectexports:description:|-Exports is an EXPERIMENTAL feature that specifies additional, optional endpoints to export to,on top of Google Cloud Monitoring collection.Note: To disable integrated export to Google Cloud Monitoring specify a non-matching filter in the "collection.filter" field.items:properties:url:description:The URL of the endpoint that supports Prometheus Remote Write to export samples to.type:stringrequired:-urltype:objecttype:arrayfeatures:description:Features holds configuration for optional managed-collection features.properties:config:description:Settings for the collector configuration propagation.properties:compression:description:|-Compression enables compression of the config data propagated by the operator to collectorsand the rule-evaluator. 
It is recommended to use the gzip option when using a large number ofClusterPodMonitoring, PodMonitoring, GlobalRules, ClusterRules, and/or Rules.enum:-none-gziptype:stringtype:objecttargetStatus:description:Configuration of target status reporting.properties:enabled:description:Enable target status reporting.type:booleantype:objecttype:objectkind:description:|-Kind is a string value representing the REST resource this object represents.Servers may infer this from the endpoint the client submits requests to.Cannot be updated.In CamelCase.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmanagedAlertmanager:default:configSecret:key:alertmanager.yamlname:alertmanagerdescription:ManagedAlertmanager holds information for configuring the managed instance of Alertmanager.properties:configSecret:description:|-ConfigSecret refers to the name of a single-key Secret in the public namespace thatholds the managed Alertmanager config file.properties:key:description:The key of the secret to select from. Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomicexternalURL:description:|-ExternalURL is the URL under which Alertmanager is externally reachable (for example, ifAlertmanager is served via a reverse proxy). Used for generating relative and absolutelinks back to Alertmanager itself. 
If the URL has a path portion, it will be used toprefix all HTTP endpoints served by Alertmanager, otherwise relevant URL components willbe derived automatically.If no URL is provided, Alertmanager will point to the Google Cloud Metric Explorer page.type:stringtype:objectmetadata:type:objectrules:description:Rules specifies how the operator configures and deploys rule-evaluator.properties:alerting:description:Alerting contains how the rule-evaluator configures alerting.properties:alertmanagers:description:Alertmanagers contains endpoint configuration for designated Alertmanagers.items:description:|-AlertmanagerEndpoints defines a selection of a single Endpoints objectcontaining alertmanager IPs to fire alerts against.properties:apiVersion:description:|-Version of the Alertmanager API that rule-evaluator uses to send alerts. Itcan be "v1" or "v2".type:stringauthorization:description:Authorization section for this alertmanager endpointproperties:credentials:description:The secret's key that contains the credentials of the requestproperties:key:description:The key of the secret to select from. Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomictype:description:|-Set the authentication type. 
Defaults to Bearer, Basic will cause an error.type:stringtype:objectname:description:Name of Endpoints object in Namespace.type:stringnamespace:description:Namespace of Endpoints object.type:stringpathPrefix:description:Prefix for the HTTP path alerts are pushed to.type:stringport:anyOf:-type:integer-type:stringdescription:Port the Alertmanager API is exposed on.x-kubernetes-int-or-string:truescheme:description:Scheme to use when firing alerts.type:stringtimeout:description:Timeout is a per-target Alertmanager timeout when pushing alerts.type:stringtls:description:TLS Config to use for alertmanager connection.properties:ca:description:Struct containing the CA cert to use for the targets.properties:configMap:description:ConfigMap containing data to use for the targets.properties:key:description:The key to select.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the ConfigMap or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomicsecret:description:Secret containing data to use for the targets.properties:key:description:The key of the secret to select from. Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. 
Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomictype:objectcert:description:Struct containing the client cert file for the targets.properties:configMap:description:ConfigMap containing data to use for the targets.properties:key:description:The key to select.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the ConfigMap or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomicsecret:description:Secret containing data to use for the targets.properties:key:description:The key of the secret to select from. Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomictype:objectinsecureSkipVerify:description:Disable target certificate validation.type:booleankeySecret:description:Secret containing the client key file for the targets.properties:key:description:The key of the secret to select from. 
Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomicmaxVersion:description:|-Maximum TLS version. Accepted values: TLS10 (TLS 1.0), TLS11 (TLS 1.1), TLS12 (TLS 1.2), TLS13 (TLS 1.3).If unset, Prometheus will use Go default minimum version, which is TLS 1.2.See MinVersion in https://pkg.go.dev/crypto/tls#Config.type:stringminVersion:description:|-Minimum TLS version. Accepted values: TLS10 (TLS 1.0), TLS11 (TLS 1.1), TLS12 (TLS 1.2), TLS13 (TLS 1.3).If unset, Prometheus will use Go default minimum version, which is TLS 1.2.See MinVersion in https://pkg.go.dev/crypto/tls#Config.type:stringserverName:description:Used to verify the hostname for the targets.type:stringtype:objectrequired:-name-namespace-porttype:objecttype:arraytype:objectcredentials:description:|-A reference to GCP service account credentials with which the ruleevaluator container is run. It needs to have metric read permissionsagainst queryProjectId and metric write permissions against all projectsto which rule results are written.Within GKE, this can typically be left empty if the compute defaultservice account has the required permissions.properties:key:description:The key of the secret to select from. Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. 
Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomicexternalLabels:additionalProperties:type:stringdescription:|-ExternalLabels specifies external labels that are attached to any ruleresults and alerts produced by rules. The precedence behavior matches thatof Prometheus.type:objectgeneratorUrl:description:|-The base URL used for the generator URL in the alert notification payload.Should point to an instance of a query frontend that gives access to queryProjectID.type:stringqueryProjectID:description:|-QueryProjectID is the GCP project ID to evaluate rules against.If left blank, the rule-evaluator will attempt to infer the Project IDfrom the environment.type:stringtype:objectscaling:description:Scaling contains configuration options for scaling GMP.properties:vpa:description:VPASpec defines configuration options for vertical pod autoscaling.properties:enabled:description:|-Enabled configures whether the operator configures Vertical Pod Autoscaling for GMP workloads.In GKE, installing Vertical Pod Autoscaling requires a cluster restart, and therefore it also results in an operator restart.In other environments, the operator may need to be restarted to enable VPA to run the following check again and watch for the objects.type:booleantype:objecttype:objecttype:objectserved:truestorage:true-deprecated:truename:v1alpha1schema:openAPIV3Schema:description:OperatorConfig defines configuration of the gmp-operator.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values.More info: 
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringcollection:description:Collection specifies how the operator configures collection.properties:credentials:description:|-A reference to GCP service account credentials with which Prometheus collectorsare run. It needs to have metric write permissions for all project IDs to whichdata is written.Within GKE, this can typically be left empty if the compute defaultservice account has the required permissions.properties:key:description:The key of the secret to select from. Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomicexternalLabels:additionalProperties:type:stringdescription:|-ExternalLabels specifies external labels that are attached to all scrapeddata before being written to Cloud Monitoring. The precedence behavior matches thatof Prometheus.type:objectfilter:description:Filter limits which metric data is sent to Cloud Monitoring.properties:matchOneOf:description:|-A list of Prometheus time series matchers. Every time series must match at least oneof the matchers to be exported. 
This field can be used equivalently to the match[] parameter of the Prometheus federation endpoint to selectively export data. Example: `["{job='prometheus'}", "{__name__=~'job:.*'}"]`items:type:stringtype:arraytype:objecttype:objectkind:description:|-Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectrules:description:Rules specifies how the operator configures and deploys rule-evaluator.properties:alerting:description:Alerting contains how the rule-evaluator configures alerting.properties:alertmanagers:description:Alertmanagers contains endpoint configuration for designated Alertmanagers.items:description:|-AlertmanagerEndpoints defines a selection of a single Endpoints object containing alertmanager IPs to fire alerts against.properties:apiVersion:description:|-Version of the Alertmanager API that rule-evaluator uses to send alerts. It can be "v1" or "v2".type:stringauthorization:description:Authorization section for this alertmanager endpointproperties:credentials:description:The secret's key that contains the credentials of the requestproperties:key:description:The key of the secret to select from. Must be a valid secret key.type:stringname:default:""description:|-Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomictype:description:|-Set the authentication type. 
Defaults to Bearer, Basic will cause anerrortype:stringtype:objectname:description:Name of Endpoints object in Namespace.type:stringnamespace:description:Namespace of Endpoints object.type:stringpathPrefix:description:Prefix for the HTTP path alerts are pushed to.type:stringport:anyOf:-type:integer-type:stringdescription:Port the Alertmanager API is exposed on.x-kubernetes-int-or-string:truescheme:description:Scheme to use when firing alerts.type:stringtimeout:description:Timeout is a per-target Alertmanager timeout when pushing alerts.type:stringtls:description:TLS Config to use for alertmanager connection.properties:ca:description:Struct containing the CA cert to use for the targets.properties:configMap:description:ConfigMap containing data to use for the targets.properties:key:description:The key to select.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the ConfigMap or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomicsecret:description:Secret containing data to use for the targets.properties:key:description:The key of the secret to select from. Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. 
Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomictype:objectcert:description:Struct containing the client cert file for the targets.properties:configMap:description:ConfigMap containing data to use for the targets.properties:key:description:The key to select.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the ConfigMap or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomicsecret:description:Secret containing data to use for the targets.properties:key:description:The key of the secret to select from. Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomictype:objectinsecureSkipVerify:description:Disable target certificate validation.type:booleankeySecret:description:Secret containing the client key file for the targets.properties:key:description:The key of the secret to select from. 
Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomicserverName:description:Used to verify the hostname for the targets.type:stringtype:objectrequired:-name-namespace-porttype:objecttype:arraytype:objectcredentials:description:|-A reference to GCP service account credentials with which the ruleevaluator container is run. It needs to have metric read permissionsagainst queryProjectId and metric write permissions against all projectsto which rule results are written.Within GKE, this can typically be left empty if the compute defaultservice account has the required permissions.properties:key:description:The key of the secret to select from. Must be a valid secret key.type:stringname:default:""description:|-Name of the referent.This field is effectively required, but due to backwards compatibility isallowed to be empty. Instances of this type with an empty value here arealmost certainly wrong.More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#namestype:stringoptional:description:Specify whether the Secret or its key must be definedtype:booleanrequired:-keytype:objectx-kubernetes-map-type:atomicexternalLabels:additionalProperties:type:stringdescription:|-ExternalLabels specifies external labels that are attached to any ruleresults and alerts produced by rules. 
The precedence behavior matches that of Prometheus.type:objectqueryProjectID:description:|-QueryProjectID is the GCP project ID to evaluate rules against. If left blank, the rule-evaluator will attempt to infer the Project ID from the environment.type:stringtype:objecttype:objectserved:truestorage:false---apiVersion:apiextensions.k8s.io/v1kind:CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version:v0.17.1-0.20250103184936-50893dee96daname:podmonitorings.monitoring.googleapis.comspec:group:monitoring.googleapis.comnames:kind:PodMonitoringlistKind:PodMonitoringListplural:podmonitoringssingular:podmonitoringscope:Namespacedversions:-name:v1schema:openAPIV3Schema:description:|-PodMonitoring defines monitoring for a set of pods, scoped to pods within the PodMonitoring's namespace.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringkind:description:|-Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectspec:description:|-Specification of desired Pod selection for target discovery by Prometheus.properties:endpoints:description:The endpoints to scrape on the selected pods.items:description:ScrapeEndpoint specifies a Prometheus metrics endpoint to scrape.properties:authorization:description:Authorization is the HTTP authorization credentials for the targets.properties:credentials:description:Credentials uses the secret as the credentials (token) for the authentication header.properties:secret:description:Secret 
represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objecttype:description:|-Type is the authentication type. Defaults to Bearer.Basic will cause an error, as the BasicAuth object should be used instead.type:stringx-kubernetes-validations:-message:authorization type cannot be set to "basic", use "basic_auth" insteadrule:self != 'Basic'type:objectbasicAuth:description:BasicAuth is the HTTP basic authentication credentials for the targets.properties:password:description:Password uses the secret as the BasicAuth password.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectusername:description:Username is the BasicAuth username.type:stringtype:objectinterval:description:Interval at which to scrape metrics. Must be a valid Prometheus duration.format:durationtype:stringmetricRelabeling:description:|-Relabeling rules for metrics scraped from this endpoint. Relabeling rules thatoverride protected target labels (project_id, location, cluster, namespace, job,instance, top_level_controller, top_level_controller_type, or __address__) arenot permitted. The labelmap action is not permitted in general.items:description:RelabelingRule defines a single Prometheus relabeling rule.properties:action:description:Action to perform based on regex matching. 
Defaults to 'replace'.enum:-replace-lowercase-uppercase-keep-drop-keepequal-dropequal-hashmod-labeldrop-labelkeeptype:stringmodulus:description:Modulus to take of the hash of the source label values.format:int64type:integerregex:description:Regular expression against which the extracted value is matched. Defaults to '(.*)'.maxLength:10000type:stringreplacement:description:|-Replacement value against which a regex replace is performed if theregular expression matches. Regex capture groups are available. Defaults to '$1'.type:stringseparator:description:Separator placed between concatenated source label values. Defaults to ';'.type:stringsourceLabels:description:|-The source labels select values from existing labels. Their content is concatenatedusing the configured separator and matched against the configured regular expressionfor the replace, keep, and drop actions.items:pattern:^[a-zA-Z_][a-zA-Z0-9_]*$type:stringmaxItems:100type:arraytargetLabel:description:|-Label to which the resulting value is written in a replace action.It is mandatory for replace actions. 
Regex capture groups are available.pattern:^[a-zA-Z_][a-zA-Z0-9_]*$type:stringx-kubernetes-validations:-messageExpression:'''cannotrelabelontoprotectedlabel"%s"''.format([self])'rule:self != 'project_id' && self != 'location' && self != 'cluster' && self != 'namespace' && self != 'job' && self != 'instance' && self != 'top_level_controller' && self != 'top_level_controller_type' && self != '__address__'type:objectx-kubernetes-validations:-rule:'!has(self.action)||self.action!=''labeldrop''||has(self.regex)'maxItems:250type:arrayoauth2:description:OAuth2 is the OAuth2 client credentials used to fetch a token for the targets.properties:clientID:description:ClientID is the public identifier for the client.type:stringclientSecret:description:ClientSecret uses the secret as the client secret token.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectendpointParams:additionalProperties:type:stringdescription:EndpointParams are additional parameters to append to the token URL.type:objectproxyUrl:description:|-ProxyURL is the HTTP proxy server to use to connect to the targets.Encoded passwords are not supported.maxLength:2000type:stringx-kubernetes-validations:-rule:isURL(self) && !self.matches('@')scopes:description:Scopes represents the scopes for the token request.items:type:stringtype:arraytlsConfig:description:TLS configures the token request's TLS settings.properties:ca:description:|-SecretSelector references a secret from a secret provider e.g. Kubernetes Secret. 
Only oneprovider can be used at a time.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectcert:description:Cert uses the secret as the certificate for client authentication to the server.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectinsecureSkipVerify:description:InsecureSkipVerify disables target certificate validation.type:booleankey:description:Key uses the secret as the private key for client authentication to the server.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectmaxVersion:description:|-MaxVersion is the maximum TLS version. 
Accepted values: TLS10 (TLS 1.0), TLS11 (TLS 1.1),TLS12 (TLS 1.2), TLS13 (TLS 1.3).If unset, Prometheus will use Go default minimum version, which is TLS 1.2.See MinVersion in https://pkg.go.dev/crypto/tls#Config.enum:-TLS10-TLS11-TLS12-TLS13type:stringminVersion:description:|-MinVersion is the minimum TLS version. Accepted values: TLS10 (TLS 1.0), TLS11 (TLS 1.1),TLS12 (TLS 1.2), TLS13 (TLS 1.3).If unset, Prometheus will use Go default minimum version, which is TLS 1.2.See MinVersion in https://pkg.go.dev/crypto/tls#Config.enum:-TLS10-TLS11-TLS12-TLS13type:stringserverName:description:ServerName is used to verify the hostname for the targets.type:stringtype:objectx-kubernetes-validations:-message:client cert and client key must be provided together, when either is providedrule:has(self.cert) == has(self.key)tokenURL:description:TokenURL is the URL to fetch the token from.type:stringtype:objectparams:additionalProperties:items:type:stringtype:arraydescription:HTTP GET params to use when scraping.type:objectpath:description:HTTP path to scrape metrics from. Defaults to "/metrics".type:stringport:anyOf:-type:integer-type:stringdescription:|-Name or number of the port to scrape.The container metadata label is only populated if the port is referenced by namebecause port numbers are not unique across containers.maxLength:253minLength:1x-kubernetes-int-or-string:truex-kubernetes-validations:-message:Port is requiredrule:self != 0proxyUrl:description:|-ProxyURL is the HTTP proxy server to use to connect to the targets.Encoded passwords are not supported.maxLength:2000type:stringx-kubernetes-validations:-rule:isURL(self) && !self.matches('@')scheme:description:Protocol scheme to use to scrape.enum:-http-httpstype:stringtimeout:description:|-Timeout for metrics scrapes. 
Must be a valid Prometheus duration.Must not be larger than the scrape interval.format:durationtype:stringtls:description:TLS configures the scrape request's TLS settings.properties:ca:description:|-SecretSelector references a secret from a secret provider e.g. Kubernetes Secret. Only oneprovider can be used at a time.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectcert:description:Cert uses the secret as the certificate for client authentication to the server.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectinsecureSkipVerify:description:InsecureSkipVerify disables target certificate validation.type:booleankey:description:Key uses the secret as the private key for client authentication to the server.properties:secret:description:Secret represents reference to a given key from certain Secret in a given namespace.properties:key:description:Key of the secret to select from. 
Must be a valid secret key.type:stringname:description:Name of the secret to select from.type:stringnamespace:description:|-Namespace of the secret to select from.If empty the parent resource namespace will be chosen.type:stringrequired:-key-nametype:objecttype:objectmaxVersion:description:|-MaxVersion is the maximum TLS version. Accepted values: TLS10 (TLS 1.0), TLS11 (TLS 1.1),TLS12 (TLS 1.2), TLS13 (TLS 1.3).If unset, Prometheus will use Go default minimum version, which is TLS 1.2.See MinVersion in https://pkg.go.dev/crypto/tls#Config.enum:-TLS10-TLS11-TLS12-TLS13type:stringminVersion:description:|-MinVersion is the minimum TLS version. Accepted values: TLS10 (TLS 1.0), TLS11 (TLS 1.1),TLS12 (TLS 1.2), TLS13 (TLS 1.3).If unset, Prometheus will use Go default minimum version, which is TLS 1.2.See MinVersion in https://pkg.go.dev/crypto/tls#Config.enum:-TLS10-TLS11-TLS12-TLS13type:stringserverName:description:ServerName is used to verify the hostname for the targets.type:stringtype:objectx-kubernetes-validations:-message:client cert and client key must be provided together, when either is providedrule:has(self.cert) == has(self.key)required:-interval-porttype:objectx-kubernetes-validations:-messageExpression:'''scrapetimeout(%s)mustnotbegreaterthanscrapeinterval(%s)''.format([self.timeout,self.interval])'rule:'!has(self.timeout)||self.timeout<=self.interval'-rule:'((has(self.authorization)?1:0)+(has(self.basicAuth)?1:0)+(has(self.oauth2)?1:0))<=1'maxItems:10minItems:1type:arrayfilterRunning:description:|-FilterRunning will drop any pods that are in the "Failed" or "Succeeded"pod lifecycle.See: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phasetype:booleanlimits:description:Limits to apply at scrape time.properties:labelNameLength:description:|-Maximum label name length.Uses Prometheus default if left unspecified.format:int64type:integerlabelValueLength:description:|-Maximum label value length.Uses Prometheus default if left 
unspecified.format:int64type:integerlabels:description:|-Maximum number of labels accepted for a single sample.Uses Prometheus default if left unspecified.format:int64type:integersamples:description:|-Maximum number of samples accepted within a single scrape.Uses Prometheus default if left unspecified.format:int64type:integertype:objectselector:description:|-Label selector that specifies which pods are selected for this monitoringconfiguration.properties:matchExpressions:description:matchExpressions is a list of label selector requirements. The requirements are ANDed.items:description:|-A label selector requirement is a selector that contains values, a key, and an operator thatrelates the key and values.properties:key:description:key is the label key that the selector applies to.type:stringoperator:description:|-operator represents a key's relationship to a set of values.Valid operators are In, NotIn, Exists and DoesNotExist.type:stringvalues:description:|-values is an array of string values. If the operator is In or NotIn,the values array must be non-empty. If the operator is Exists or DoesNotExist,the values array must be empty. This array is replaced during a strategicmerge patch.items:type:stringtype:arrayx-kubernetes-list-type:atomicrequired:-key-operatortype:objecttype:arrayx-kubernetes-list-type:atomicmatchLabels:additionalProperties:type:stringdescription:|-matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is "key", theoperator is "In", and the values array contains only "value". 
The requirements are ANDed.type:objecttype:objectx-kubernetes-map-type:atomictargetLabels:description:|-Labels to add to the Prometheus target for discovered endpoints.The `instance` label is always set to `<pod_name>:<port>` or `<node_name>:<port>`if the scraped pod is controlled by a DaemonSet.properties:fromPod:description:|-Labels to transfer from the Kubernetes Pod to Prometheus target labels.Mappings are applied in order.items:description:|-LabelMapping specifies how to transfer a label from a Kubernetes resourceonto a Prometheus target.properties:from:description:Kubernetes resource label to remap.type:stringto:description:|-Remapped Prometheus target label.Defaults to the same name as `From`.pattern:^[a-zA-Z_][a-zA-Z0-9_]*$type:stringx-kubernetes-validations:-messageExpression:'''cannotrelabelontoprotectedlabel"%s"''.format([self])'rule:self != 'project_id' && self != 'location' && self != 'cluster' && self != 'namespace' && self != 'job' && self != 'instance' && self != 'top_level_controller' && self != 'top_level_controller_type' && self != '__address__'required:-fromtype:objectmaxItems:100type:arraymetadata:default:-container-pod-top_level_controller_name-top_level_controller_typedescription:|-Pod metadata labels that are set on all scraped targets.Permitted keys are `container`, `node`, `pod`, `top_level_controller_name`,and `top_level_controller_type`. 
The `container`label is only populated if the scrape port is referenced by name.Defaults to [container, pod, top_level_controller_name, top_level_controller_type].If set to null, it will be interpreted as the empty list.This is for backwards-compatibility only.items:enum:-container-node-pod-top_level_controller_name-top_level_controller_typetype:stringtype:arrayx-kubernetes-list-type:settype:objectrequired:-endpoints-selectortype:objectstatus:description:Most recently observed status of the resource.properties:conditions:description:Represents the latest available observations of a podmonitor's current state.items:description:MonitoringCondition describes the condition of a PodMonitoring.properties:lastTransitionTime:description:Last time the condition transitioned from one status to another.format:date-timetype:stringlastUpdateTime:description:The last time this condition was updated.format:date-timetype:stringmessage:description:A human-readable message indicating details about the transition.type:stringreason:description:The reason for the condition's last transition.type:stringstatus:description:Status of the condition, one of True, False, Unknown.type:stringtype:description:MonitoringConditionType is the type of MonitoringCondition.type:stringrequired:-status-typetype:objecttype:arrayendpointStatuses:description:Represents the latest available observations of target state for each ScrapeEndpoint.items:properties:activeTargets:description:Total number of active targets.format:int64type:integercollectorsFraction:description:|-Fraction of collectors included in status, bounded [0,1].Ideally, this should always be 1. 
Anything less canbe considered a problem and should be investigated.type:stringlastUpdateTime:description:Last time this status was updated.format:date-timetype:stringname:description:The name of the ScrapeEndpoint.type:stringsampleGroups:description:A fixed sample of targets grouped by error type.items:properties:count:description:Total count of similar errors.format:int32type:integersampleTargets:description:Targets emitting the error message.items:properties:health:description:Health status.type:stringlabels:additionalProperties:description:A LabelValue is an associated value for a LabelName.type:stringdescription:The label set, keys and values, of the target.type:objectlastError:description:Error message.type:stringlastScrapeDurationSeconds:description:Scrape duration in seconds.type:stringtype:objecttype:arraytype:objecttype:arrayunhealthyTargets:description:Total number of active, unhealthy targets.format:int64type:integerrequired:-nametype:objecttype:arrayobservedGeneration:description:The generation observed by the controller.format:int64type:integertype:objectrequired:-spectype:objectx-kubernetes-validations:-message:Namespace not allowed on PodMonitoring secret references.reason:FieldValueForbiddenrule:self.spec.endpoints.all(e, !has(e.authorization) || !has(e.authorization.credentials) || !has(e.authorization.credentials.secret) || !has(e.authorization.credentials.secret.__namespace__))-message:Namespace not allowed on PodMonitoring secret references.reason:FieldValueForbiddenrule:self.spec.endpoints.all(e, !has(e.basicAuth) || !has(e.basicAuth.password) || !has(e.basicAuth.password.secret) || !has(e.basicAuth.password.secret.__namespace__))-message:Namespace not allowed on PodMonitoring secret references.reason:FieldValueForbiddenrule:self.spec.endpoints.all(e, !has(e.tls) || !has(e.tls.ca) || !has(e.tls.ca.secret) || !has(e.tls.ca.secret.__namespace__))-message:Namespace not allowed on PodMonitoring secret 
references.reason:FieldValueForbiddenrule:self.spec.endpoints.all(e, !has(e.tls) || !has(e.tls.cert) || !has(e.tls.cert.secret) || !has(e.tls.cert.secret.__namespace__))-message:Namespace not allowed on PodMonitoring secret references.reason:FieldValueForbiddenrule:self.spec.endpoints.all(e, !has(e.tls) || !has(e.tls.key) || !has(e.tls.key.secret) || !has(e.tls.key.secret.__namespace__))-message:Namespace not allowed on PodMonitoring secret references.reason:FieldValueForbiddenrule:self.spec.endpoints.all(e, !has(e.oauth2) || !has(e.oauth2.clientSecret) || !has(e.oauth2.clientSecret.secret) || !has(e.oauth2.clientSecret.secret.__namespace__))served:truestorage:truesubresources:status:{}-deprecated:truename:v1alpha1schema:openAPIV3Schema:description:PodMonitoring defines monitoring for a set of pods.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringkind:description:|-Kind is a string value representing the REST resource this object represents.Servers may infer this from the endpoint the client submits requests to.Cannot be updated.In CamelCase.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectspec:description:|-Specification of desired Pod selection for target discovery byPrometheus.properties:endpoints:description:The endpoints to scrape on the selected pods.items:description:ScrapeEndpoint specifies a Prometheus metrics endpoint to scrape.properties:interval:description:Interval at which to scrape metrics. Must be a valid Prometheus duration.type:stringmetricRelabeling:description:|-Relabeling rules for metrics scraped from this endpoint. 
Relabeling rules thatoverride protected target labels (project_id, location, cluster, namespace, job,instance, or __address__) are not permitted. The labelmap action is not permittedin general.items:description:RelabelingRule defines a single Prometheus relabeling rule.properties:action:description:Action to perform based on regex matching. Defaults to 'replace'.type:stringmodulus:description:Modulus to take of the hash of the source label values.format:int64type:integerregex:description:Regular expression against which the extracted value is matched. Defaults to '(.*)'.type:stringreplacement:description:|-Replacement value against which a regex replace is performed if theregular expression matches. Regex capture groups are available. Defaults to '$1'.type:stringseparator:description:Separator placed between concatenated source label values. Defaults to ';'.type:stringsourceLabels:description:|-The source labels select values from existing labels. Their content is concatenatedusing the configured separator and matched against the configured regular expressionfor the replace, keep, and drop actions.items:type:stringtype:arraytargetLabel:description:|-Label to which the resulting value is written in a replace action.It is mandatory for replace actions. Regex capture groups are available.type:stringtype:objecttype:arrayparams:additionalProperties:items:type:stringtype:arraydescription:HTTP GET params to use when scraping.type:objectpath:description:HTTP path to scrape metrics from. Defaults to "/metrics".type:stringport:anyOf:-type:integer-type:stringdescription:Name or number of the port to scrape.x-kubernetes-int-or-string:trueproxyUrl:description:Proxy URL to scrape through. Encoded passwords are not supported.type:stringscheme:description:Protocol scheme to use to scrape.type:stringtimeout:description:|-Timeout for metrics scrapes. 
Must be a valid Prometheus duration. Must not be larger than the scrape interval.type:stringrequired:-porttype:objecttype:arraylimits:description:Limits to apply at scrape time.properties:labelNameLength:description:|-Maximum label name length. Uses Prometheus default if left unspecified.format:int64type:integerlabelValueLength:description:|-Maximum label value length. Uses Prometheus default if left unspecified.format:int64type:integerlabels:description:|-Maximum number of labels accepted for a single sample. Uses Prometheus default if left unspecified.format:int64type:integersamples:description:|-Maximum number of samples accepted within a single scrape. Uses Prometheus default if left unspecified.format:int64type:integertype:objectselector:description:|-Label selector that specifies which pods are selected for this monitoring configuration.properties:matchExpressions:description:matchExpressions is a list of label selector requirements. The requirements are ANDed.items:description:|-A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.properties:key:description:key is the label key that the selector applies to.type:stringoperator:description:|-operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.type:stringvalues:description:|-values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.items:type:stringtype:arrayx-kubernetes-list-type:atomicrequired:-key-operatortype:objecttype:arrayx-kubernetes-list-type:atomicmatchLabels:additionalProperties:type:stringdescription:|-matchLabels is a map of {key,value} pairs. 
A single {key,value} in the matchLabelsmap is equivalent to an element of matchExpressions, whose key field is "key", theoperator is "In", and the values array contains only "value". The requirements are ANDed.type:objecttype:objectx-kubernetes-map-type:atomictargetLabels:description:Labels to add to the Prometheus target for discovered endpoints.properties:fromPod:description:|-Labels to transfer from the Kubernetes Pod to Prometheus target labels.Mappings are applied in order.items:description:|-LabelMapping specifies how to transfer a label from a Kubernetes resourceonto a Prometheus target.properties:from:description:Kubenetes resource label to remap.type:stringto:description:|-Remapped Prometheus target label.Defaults to the same name as `From`.type:stringrequired:-fromtype:objecttype:arraymetadata:description:|-Pod metadata labels that are set on all scraped targets.Permitted keys are `pod`, `container`, and `node` for PodMonitoring and`pod`, `container`, `node`, and `namespace` for ClusterPodMonitoring.Defaults to [pod, container] for PodMonitoring and [namespace, pod, container]for ClusterPodMonitoring.If set to null, it will be interpreted as the empty list for PodMonitoringand to [namespace] for ClusterPodMonitoring. 
This is for backwards-compatibilityonly.items:type:stringtype:arraytype:objectrequired:-endpoints-selectortype:objectstatus:description:Most recently observed status of the resource.properties:conditions:description:Represents the latest available observations of a podmonitor's current state.items:description:MonitoringCondition describes a condition of a PodMonitoring.properties:lastTransitionTime:description:Last time the condition transitioned from one status to another.format:date-timetype:stringlastUpdateTime:description:The last time this condition was updated.format:date-timetype:stringmessage:description:A human-readable message indicating details about the transition.type:stringreason:description:The reason for the condition's last transition.type:stringstatus:description:Status of the condition, one of True, False, Unknown.type:stringtype:description:MonitoringConditionType is the type of MonitoringCondition.type:stringrequired:-status-typetype:objecttype:arrayobservedGeneration:description:The generation observed by the controller.format:int64type:integertype:objectrequired:-spectype:objectserved:truestorage:falsesubresources:status:{}---apiVersion:apiextensions.k8s.io/v1kind:CustomResourceDefinitionmetadata:annotations:controller-gen.kubebuilder.io/version:v0.17.1-0.20250103184936-50893dee96daname:rules.monitoring.googleapis.comspec:group:monitoring.googleapis.comnames:kind:RuleslistKind:RulesListplural:rulessingular:rulesscope:Namespacedversions:-name:v1schema:openAPIV3Schema:description:|-Rules defines Prometheus alerting and recording rules that are scopedto the namespace of the resource. 
Only metric data from this namespace is processedand all rule results have their project_id, cluster, and namespace label preservedfor query processing.If the location label is not preserved by the rule, it defaults to the cluster's location.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringkind:description:|-Kind is a string value representing the REST resource this object represents.Servers may infer this from the endpoint the client submits requests to.Cannot be updated.In CamelCase.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectspec:description:Specification of rules to record and alert on.properties:groups:description:A list of Prometheus rule groups.items:description:|-RuleGroup declares rules in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:interval:default:1mdescription:The interval at which to evaluate the rules. 
Must be a valid Prometheus duration.format:durationtype:stringname:description:The name of the rule group.type:stringrules:description:A list of rules that are executed sequentially as part of this group.items:description:|-Rule is a single rule in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:alert:description:|-Name of the alert to evaluate the expression as.Only one of `record` and `alert` must be set.type:stringannotations:additionalProperties:type:stringdescription:|-A set of annotations to attach to alerts produced by the query expression.Only valid if `alert` is set.type:objectexpr:description:The PromQL expression to evaluate.type:stringfor:description:|-The duration to wait before a firing alert produced by this rule is sent to Alertmanager.Only valid if `alert` is set.format:durationtype:stringlabels:additionalProperties:type:stringdescription:A set of labels to attach to the result of the query expression.type:objectrecord:description:|-Record the result of the expression to this metric name.Only one of `record` and `alert` must be set.pattern:^[a-zA-Z_:][a-zA-Z0-9_:]*$type:stringrequired:-exprtype:objectx-kubernetes-validations:-message:Must set exactly one of Record or Alertrule:'(has(self.record)?1:0)+(has(self.alert)?1:0)==1'-message:Annotations are only allowed for alerting rulesrule:'!has(self.annotations)||has(self.alert)'minItems:1type:arrayrequired:-name-rulestype:objecttype:arrayrequired:-groupstype:objectstatus:description:Most recently observed status of the resource.properties:conditions:description:Represents the latest available observations of a podmonitor's current state.items:description:MonitoringCondition describes the condition of a PodMonitoring.properties:lastTransitionTime:description:Last time the condition transitioned from one status to another.format:date-timetype:stringlastUpdateTime:description:The last time this condition was 
updated.format:date-timetype:stringmessage:description:A human-readable message indicating details about the transition.type:stringreason:description:The reason for the condition's last transition.type:stringstatus:description:Status of the condition, one of True, False, Unknown.type:stringtype:description:MonitoringConditionType is the type of MonitoringCondition.type:stringrequired:-status-typetype:objecttype:arrayobservedGeneration:description:The generation observed by the controller.format:int64type:integertype:objectrequired:-spectype:objectserved:truestorage:truesubresources:status:{}-deprecated:truename:v1alpha1schema:openAPIV3Schema:description:|-Rules defines Prometheus alerting and recording rules that are scopedto the namespace of the resource. Only metric data from this namespace is processedand all rule results have their project_id, cluster, and namespace label preservedfor query processing.If the location label is not preserved by the rule, it defaults to the cluster's location.properties:apiVersion:description:|-APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourcestype:stringkind:description:|-Kind is a string value representing the REST resource this object represents.Servers may infer this from the endpoint the client submits requests to.Cannot be updated.In CamelCase.More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindstype:stringmetadata:type:objectspec:description:Specification of rules to record and alert on.properties:groups:description:A list of Prometheus rule groups.items:description:|-RuleGroup declares rules in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:interval:description:The interval at 
which to evaluate the rules. Must be a valid Prometheus duration.type:stringname:description:The name of the rule group.type:stringrules:description:A list of rules that are executed sequentially as part of this group.items:description:|-Rule is a single rule in the Prometheus format:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/properties:alert:description:|-Name of the alert to evaluate the expression as.Only one of `record` and `alert` must be set.type:stringannotations:additionalProperties:type:stringdescription:|-A set of annotations to attach to alerts produced by the query expression.Only valid if `alert` is set.type:objectexpr:description:The PromQL expression to evaluate.type:stringfor:description:|-The duration to wait before a firing alert produced by this rule is sent to Alertmanager.Only valid if `alert` is set.type:stringlabels:additionalProperties:type:stringdescription:A set of labels to attach to the result of the query expression.type:objectrecord:description:|-Record the result of the expression to this metric name.Only one of `record` and `alert` must be set.type:stringrequired:-exprtype:objecttype:arrayrequired:-interval-name-rulestype:objecttype:arrayrequired:-groupstype:objectstatus:description:Most recently observed status of the resource.type:objectrequired:-spectype:objectserved:truestorage:falsesubresources:status:{}operator.yaml
# Copyright 2026 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
# Source: operator/templates/priorityclass.yaml
# Cluster-scoped priority used by the GMP workloads in this file. Besides the
# collector DaemonSet, the gmp-operator, rule-evaluator and alertmanager pod
# templates further down also set priorityClassName: gmp-critical.
# NOTE(review): nothing in this manifest limits which namespaces may reference
# this class; a ResourceQuota with a PriorityClass scopeSelector is the usual
# control if that matters for the cluster - confirm against cluster policy.
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
  name: gmp-critical
# Maximum allowed user-defined. Only system-node-critical and system-cluster-critical
# pods are higher.
value: 1000000000
description: Used for GMP collector pods.
---
# Source: operator/templates/namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: gmp-system
---
# Source: operator/templates/namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: gmp-public
---
# Source: operator/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: collector
  namespace: gmp-system
---
# Source: operator/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: operator
  namespace: gmp-system
---
# Source: operator/templates/role.yaml
# Cluster-wide, read-only permissions for the collector ServiceAccount (bound by
# the ClusterRoleBinding gmp-system:collector later in this file).
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: gmp-system:collector
rules:
# Read access to discovery objects in every namespace.
- resources:
  - endpoints
  - nodes
  - nodes/metrics
  - pods
  - services
  apiGroups: [""]
  verbs: ["get", "list", "watch"]
# NOTE(review): no resourceNames here and the role is bound cluster-wide, so this
# allows `get` on any ConfigMap in any namespace when its name is known. `list`
# is not granted, so names cannot be enumerated through this rule.
- resources:
  - configmaps
  apiGroups: [""]
  verbs: ["get"]
# Non-resource path on the API server itself.
- nonResourceURLs: ["/metrics"]
  verbs: ["get"]
---
# Source: operator/templates/role.yaml
# Cluster-wide permissions for the operator ServiceAccount: read the monitoring
# custom resources, write only their status subresources, and read one named CRD.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: gmp-system:operator
rules:
# Resources controlled by the operator.
- resources:
  - clusterpodmonitorings
  - clusterrules
  - globalrules
  - clusternodemonitorings
  - podmonitorings
  - rules
  apiGroups: ["monitoring.googleapis.com"]
  verbs: ["get", "list", "watch"]
# Status subresources only; the spec of these objects is not writable via this role.
- resources:
  - clusterpodmonitorings/status
  - clusterrules/status
  - globalrules/status
  - clusternodemonitorings/status
  - podmonitorings/status
  - rules/status
  apiGroups: ["monitoring.googleapis.com"]
  verbs: ["get", "patch", "update"]
# Restricted by resourceNames to a single CRD.
- resources:
  - customresourcedefinitions
  resourceNames: ["verticalpodautoscalers.autoscaling.k8s.io"]
  apiGroups: ["apiextensions.k8s.io"]
  verbs: ["get"]
---
# Source: operator/templates/role.yaml
# Write access to admission webhook configurations, pinned by resourceNames to
# the operator's own objects. Both rules name specific objects, so the role does
# not allow creating or editing arbitrary webhook configurations.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: gmp-system:operator:webhook-admin
rules:
# Permission to inject CA bundles into webhook configs of fixed name.
- resources:
  - validatingwebhookconfigurations
  - mutatingwebhookconfigurations
  apiGroups: ["admissionregistration.k8s.io"]
  resourceNames:
  - gmp-operator.gmp-system.monitoring.googleapis.com
  verbs: ["get", "patch", "update", "watch"]
# Permission to delete legacy webhook config the operator directly created
# in previous versions.
- resources:
  - validatingwebhookconfigurations
  - mutatingwebhookconfigurations
  apiGroups: ["admissionregistration.k8s.io"]
  resourceNames:
  - gmp-operator
  verbs: ["delete"]
---
# Source: operator/templates/rolebinding.yaml
# Grants ClusterRole gmp-system:operator to ServiceAccount gmp-system/operator.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: gmp-system:operator
roleRef:
  name: gmp-system:operator
  kind: ClusterRole
  apiGroup: rbac.authorization.k8s.io
subjects:
- name: operator
  namespace: gmp-system
  kind: ServiceAccount
---
# Source: operator/templates/rolebinding.yaml
# Grants ClusterRole gmp-system:operator:webhook-admin to ServiceAccount
# gmp-system/operator.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: gmp-system:operator:webhook-admin
roleRef:
  name: gmp-system:operator:webhook-admin
  kind: ClusterRole
  apiGroup: rbac.authorization.k8s.io
subjects:
- name: operator
  namespace: gmp-system
  kind: ServiceAccount
---
# Source: 
operator/templates/rolebinding.yaml
# Grants ClusterRole gmp-system:collector to ServiceAccount gmp-system/collector.
# NOTE(review): the rule-evaluator Deployment later in this file also runs with
# serviceAccountName: collector, so it receives the same cluster-wide read
# permissions as the collector DaemonSet. A dedicated ServiceAccount would let
# the two be scoped separately.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: gmp-system:collector
roleRef:
  name: gmp-system:collector
  kind: ClusterRole
  apiGroup: rbac.authorization.k8s.io
subjects:
- name: collector
  namespace: gmp-system
  kind: ServiceAccount
---
# Source: operator/templates/role.yaml
# Namespaced permissions for the operator inside gmp-system. Most rules come in
# pairs: an unnamed rule for list/watch/create, and a resourceNames-restricted
# rule for get/patch/update on the objects the operator manages.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: operator
  namespace: gmp-system
rules:
- resources:
  - pods
  apiGroups: [""]
  verbs: ["list", "watch"]
# NOTE(review): this rule has no resourceNames. list/watch return full Secret
# objects, so the bound subject can read every Secret in gmp-system, not only
# the three named in the next rule. Keep unrelated Secrets out of gmp-system.
- resources:
  - secrets
  apiGroups: [""]
  verbs: ["list", "watch", "create"]
# get/patch/update are limited to these three Secrets.
- resources:
  - secrets
  apiGroups: [""]
  resourceNames: ["collection", "rules", "alertmanager"]
  verbs: ["get", "patch", "update"]
# As with Secrets above, list/watch/create are not name-restricted.
- resources:
  - configmaps
  apiGroups: [""]
  verbs: ["list", "watch", "create"]
# get/patch/update are limited to these three ConfigMaps.
- resources:
  - configmaps
  apiGroups: [""]
  resourceNames: ["collector", "rule-evaluator", "rules-generated"]
  verbs: ["get", "patch", "update"]
# Read-only on the named workloads; write access is limited to their /scale
# subresource where granted below.
- resources:
  - daemonsets
  apiGroups: ["apps"]
  resourceNames: ["collector"]
  verbs: ["get", "list", "watch"]
- resources:
  - deployments
  apiGroups: ["apps"]
  resourceNames: ["rule-evaluator"]
  verbs: ["get", "list", "watch"]
- resources:
  - deployments/scale
  apiGroups: ["apps"]
  resourceNames: ["rule-evaluator"]
  verbs: ["get", "patch", "update"]
- resources:
  - services
  apiGroups: [""]
  resourceNames: ["alertmanager"]
  verbs: ["get", "list", "watch"]
- resources:
  - statefulsets
  apiGroups: ["apps"]
  resourceNames: ["alertmanager"]
  verbs: ["get", "list", "watch"]
- resources:
  - statefulsets/scale
  apiGroups: ["apps"]
  resourceNames: ["alertmanager"]
  verbs: ["get", "patch", "update"]
# Not name-restricted: applies to any VerticalPodAutoscaler in gmp-system.
- resources:
  - verticalpodautoscalers
  apiGroups: ["autoscaling.k8s.io"]
  verbs: ["create", "delete", "get", "list", "watch"]
---
# Source: operator/templates/role.yaml
# Namespaced permissions for the operator inside gmp-public.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: operator
  namespace: gmp-public
rules:
# NOTE(review): get/list/watch with no resourceNames means every Secret placed in
# gmp-public is readable by the subject bound to this Role. Treat the namespace
# as holding monitoring credentials only, and limit who may create Secrets there.
- resources:
  - secrets
  apiGroups: [""]
  verbs: ["get", "list", "watch"]
- resources:
  - operatorconfigs
  apiGroups: ["monitoring.googleapis.com"]
  verbs: ["get", "update", "list", "watch"]
---
# Source: 
operator/templates/rolebinding.yamlapiVersion:rbac.authorization.k8s.io/v1kind:RoleBindingmetadata:name:operatornamespace:gmp-publicroleRef:name:operatorkind:RoleapiGroup:rbac.authorization.k8s.iosubjects:-name:operatornamespace:gmp-systemkind:ServiceAccount---# Source: operator/templates/rolebinding.yamlapiVersion:rbac.authorization.k8s.io/v1kind:RoleBindingmetadata:name:operatornamespace:gmp-systemroleRef:name:operatorkind:RoleapiGroup:rbac.authorization.k8s.iosubjects:-name:operatorkind:ServiceAccount---# Source: operator/templates/alertmanager.yamlapiVersion:v1kind:Servicemetadata:name:alertmanagernamespace:gmp-systemspec:selector:app:managed-prometheus-alertmanagerapp.kubernetes.io/name:alertmanagerports:-name:alertmanagerport:9093targetPort:9093clusterIP:None---# Source: operator/templates/rule-evaluator.yamlapiVersion:v1kind:Servicemetadata:name:rule-evaluatornamespace:gmp-systemspec:selector:app.kubernetes.io/name:rule-evaluatorports:-name:rule-evaluatorport:19092targetPort:19092---# Source: operator/templates/service.yamlapiVersion:v1kind:Servicemetadata:name:gmp-operatornamespace:gmp-systemspec:selector:app.kubernetes.io/component:operatorapp.kubernetes.io/name:gmp-operatorapp.kubernetes.io/part-of:gmpports:# This port does not do anything, but allows upgrades in the case# of server-side apply (SSA) conflicts.# TODO(pintohutch): remove once the SSA issues from upgrades are resolved.-name:legacyprotocol:TCPport:8443targetPort:webhook-name:webhookprotocol:TCPport:443targetPort:web---# Source: operator/templates/collector.yamlapiVersion:apps/v1kind:DaemonSetmetadata:name:collectornamespace:gmp-systemspec:selector:matchLabels:# DO NOT MODIFY - label selectors are immutable by the Kubernetes API.# see: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/#pod-selector.app.kubernetes.io/name:collectortemplate:metadata:labels:app:managed-prometheus-collectorapp.kubernetes.io/name:collectorapp.kubernetes.io/version:0.17.2annotations:# The emptyDir 
for the storage and config directories prevents cluster# autoscaling unless this annotation is set.cluster-autoscaler.kubernetes.io/safe-to-evict:"true"components.gke.io/component-name:managed_prometheusspec:serviceAccountName:collectorautomountServiceAccountToken:truepriorityClassName:gmp-criticalinitContainers:-name:config-initimage:gke.gcr.io/gke-distroless/bash:gke_distroless_20251107.00_p0command:['/bin/bash','-c','touch/prometheus/config_out/config.yaml']volumeMounts:-name:config-outmountPath:/prometheus/config_outsecurityContext:allowPrivilegeEscalation:falsecapabilities:drop:-allprivileged:falsereadOnlyRootFilesystem:truecontainers:-name:config-reloaderimage:gke.gcr.io/prometheus-engine/config-reloader:v0.17.2-gke.2args:---config-file=/prometheus/config/config.yaml---config-file-output=/prometheus/config_out/config.yaml---reload-url=http://127.0.0.1:19090/-/reload---ready-url=http://127.0.0.1:19090/-/ready---listen-address=:19091ports:-name:cfg-rel-metricscontainerPort:19091env:-name:NODE_NAMEvalueFrom:fieldRef:apiVersion:v1fieldPath:spec.nodeNameresources:limits:memory:32Mrequests:cpu:1mmemory:4MvolumeMounts:-name:configreadOnly:truemountPath:/prometheus/config-name:config-outmountPath:/prometheus/config_outsecurityContext:allowPrivilegeEscalation:falsecapabilities:drop:-allprivileged:falsereadOnlyRootFilesystem:true-name:prometheusimage:gke.gcr.io/prometheus-engine/prometheus:v2.53.5-gmp.1-gke.2args:---config.file=/prometheus/config_out/config.yaml---enable-feature=exemplar-storage# Special Google flag for authorization using native Kubernetes secrets.---enable-feature=google-kubernetes-secret-provider---storage.tsdb.path=/prometheus/data---storage.tsdb.no-lockfile# Special Google flag for force deleting all data on start. 
We use ephemeral storage in
        # this manifest, but there are cases where a container restart still reuses potentially
        # bad data (corrupted, with high cardinality causing OOMs or slow startups).
        # Force deleting, so container restart is consistent with pod restart.
        # NOTE: Data is likely already sent to GCM, plus GCM export does not use that
        # data on disk (WAL).
        - --gmp.storage.delete-data-on-start
        # Keep 30 minutes of data. As we are backed by an emptyDir volume, this will count towards
        # the container's memory usage. We could lower it further if this becomes problematic, but
        # the window for local data is quite convenient for debugging.
        - --storage.tsdb.retention.time=30m
        - --storage.tsdb.wal-compression
        # Effectively disable compaction and make blocks short enough so that our retention window
        # can be kept in practice.
        - --storage.tsdb.min-block-duration=10m
        - --storage.tsdb.max-block-duration=10m
        # NOTE(review): the listener binds all interfaces (":19090"), not only loopback, and
        # --web.enable-lifecycle turns on the HTTP /-/reload and /-/quit handlers on it.
        # The config-reloader sidecar reaches /-/reload over 127.0.0.1, but the same
        # handlers answer on the pod IP. No web auth/TLS config flag is passed in these
        # args, so presumably the listener is plain HTTP without authentication - confirm.
        # Restrict ingress to port 19090 (for example with a NetworkPolicy) to the
        # clients that need it.
        - --web.listen-address=:19090
        - --web.enable-lifecycle
        - --web.route-prefix=/
        - --export.user-agent-mode=kubectl
        # JSON log format is needed for GKE to display log levels correctly.
        - --log.format=json
        ports:
        - name: prom-metrics
          containerPort: 19090
        # The environment variable EXTRA_ARGS will be populated by the operator.
        # DO NOT specify it 
here.env:-name:GOGCvalue:"25"resources:limits:memory:2Grequests:cpu:4mmemory:32MvolumeMounts:-name:storagemountPath:/prometheus/data-name:config-outreadOnly:truemountPath:/prometheus/config_out-name:collection-secretreadOnly:truemountPath:/etc/secretslivenessProbe:httpGet:port:19090path:/-/healthyscheme:HTTPreadinessProbe:httpGet:port:19090path:/-/readyscheme:HTTPsecurityContext:allowPrivilegeEscalation:falsecapabilities:drop:-allprivileged:falsereadOnlyRootFilesystem:truevolumes:-name:storageemptyDir:{}-name:configconfigMap:name:collector-name:config-outemptyDir:{}-name:collection-secretsecret:secretName:collectionaffinity:nodeAffinity:requiredDuringSchedulingIgnoredDuringExecution:nodeSelectorTerms:-matchExpressions:-key:kubernetes.io/archoperator:Invalues:-arm64-amd64-key:kubernetes.io/osoperator:Invalues:-linuxtolerations:-key:"components.gke.io/gke-managed-components"operator:"Exists"-effect:NoExecuteoperator:Exists-effect:NoScheduleoperator:ExistssecurityContext:runAsGroup:1000runAsNonRoot:truerunAsUser:1000seccompProfile:type:RuntimeDefault---# Source: operator/templates/deployment.yamlapiVersion:apps/v1kind:Deploymentmetadata:name:gmp-operatornamespace:gmp-systemlabels:app:managed-prometheus-operatorapp.kubernetes.io/component:operatorapp.kubernetes.io/name:gmp-operatorapp.kubernetes.io/part-of:gmpspec:replicas:1selector:matchLabels:# DO NOT MODIFY - label selectors are immutable by the Kubernetes API.# see: 
https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#label-selector-updates.app.kubernetes.io/component:operatorapp.kubernetes.io/name:gmp-operatorapp.kubernetes.io/part-of:gmptemplate:metadata:labels:app:managed-prometheus-operatorapp.kubernetes.io/component:operatorapp.kubernetes.io/name:gmp-operatorapp.kubernetes.io/part-of:gmpapp.kubernetes.io/version:0.17.2spec:serviceAccountName:operatorautomountServiceAccountToken:truepriorityClassName:gmp-criticalcontainers:-name:operatorimage:gke.gcr.io/prometheus-engine/operator:v0.17.2-gke.2args:-"--operator-namespace=gmp-system"-"--public-namespace=gmp-public"-"--webhook-addr=:10250"ports:-name:web# Note this should match the --listen-addr flag passed in to the operator args.# Default is 10250.containerPort:10250-name:metrics# Note this should match the --metrics-addr flag passed in to the operator args.# Default is 18080.containerPort:18080resources:limits:memory:2Grequests:cpu:1mmemory:16MsecurityContext:allowPrivilegeEscalation:falsecapabilities:drop:-allprivileged:falsereadOnlyRootFilesystem:truelivenessProbe:httpGet:path:/healthz# Note this should match the --probe-addr flag passed in to the operator args.# Default is 18081.port:18081scheme:HTTPreadinessProbe:httpGet:path:/readyz# Note this should match the --probe-addr flag passed in to the operator args.# Default is 18081.port:18081scheme:HTTPvolumeMounts:-name:certsmountPath:/etc/tls/privateaffinity:nodeAffinity:requiredDuringSchedulingIgnoredDuringExecution:nodeSelectorTerms:-matchExpressions:-key:kubernetes.io/archoperator:Invalues:-arm64-amd64-key:kubernetes.io/osoperator:Invalues:-linuxtolerations:-key:"components.gke.io/gke-managed-components"operator:"Exists"-value:"amd64"effect:"NoSchedule"key:"kubernetes.io/arch"operator:"Equal"-value:"arm64"effect:"NoSchedule"key:"kubernetes.io/arch"operator:"Equal"securityContext:runAsGroup:1000runAsNonRoot:truerunAsUser:1000seccompProfile:type:RuntimeDefaultvolumes:-name:certsemptyDir:{}---# Source: 
operator/templates/rule-evaluator.yamlapiVersion:apps/v1kind:Deploymentmetadata:name:rule-evaluatornamespace:gmp-systemspec:selector:matchLabels:# DO NOT MODIFY - label selectors are immutable by the Kubernetes API.# see: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#label-selector-updates.app.kubernetes.io/name:rule-evaluatortemplate:metadata:labels:app.kubernetes.io/name:rule-evaluatorapp:managed-prometheus-rule-evaluatorapp.kubernetes.io/version:0.17.2annotations:# The emptyDir for the storage and config directories prevents cluster# autoscaling unless this annotation is set.cluster-autoscaler.kubernetes.io/safe-to-evict:"true"components.gke.io/component-name:managed_prometheusspec:serviceAccountName:collectorautomountServiceAccountToken:truepriorityClassName:gmp-criticalinitContainers:-name:config-initimage:gke.gcr.io/gke-distroless/bash:gke_distroless_20251107.00_p0command:['/bin/bash','-c','touch/prometheus/config_out/config.yaml']volumeMounts:-name:config-outmountPath:/prometheus/config_outsecurityContext:allowPrivilegeEscalation:falsecapabilities:drop:-allprivileged:falsereadOnlyRootFilesystem:truecontainers:-name:evaluatorimage:gke.gcr.io/prometheus-engine/rule-evaluator:v0.17.2-gke.2args:---config.file=/prometheus/config_out/config.yaml---web.listen-address=:19092---export.user-agent-mode=kubectlports:-name:r-eval-metricscontainerPort:19092resources:limits:memory:1Grequests:cpu:1mmemory:16MvolumeMounts:-name:config-outreadOnly:truemountPath:/prometheus/config_out-name:rules-outreadOnly:truemountPath:/etc/rules-name:rules-secretreadOnly:truemountPath:/etc/secretslivenessProbe:httpGet:port:19092path:/-/healthyscheme:HTTPreadinessProbe:httpGet:port:19092path:/-/readyscheme:HTTPsecurityContext:allowPrivilegeEscalation:falsecapabilities:drop:-allprivileged:falsereadOnlyRootFilesystem:true-name:config-reloaderimage:gke.gcr.io/prometheus-engine/config-reloader:v0.17.2-gke.2args:---config-file=/prometheus/config/config.yaml---config-file-ou
tput=/prometheus/config_out/config.yaml---config-dir=/etc/rules---config-dir-output=/prometheus/rules_out---watched-dir=/etc/secrets---reload-url=http://127.0.0.1:19092/-/reload---ready-url=http://127.0.0.1:19092/-/ready---listen-address=:19093ports:-name:cfg-rel-metricscontainerPort:19093resources:limits:memory:32Mrequests:cpu:1mmemory:4MvolumeMounts:-name:configreadOnly:truemountPath:/prometheus/config-name:config-outmountPath:/prometheus/config_out-name:rulesreadOnly:truemountPath:/etc/rules-name:rules-outmountPath:/prometheus/rules_out-name:rules-secretreadOnly:truemountPath:/etc/secretssecurityContext:allowPrivilegeEscalation:falsecapabilities:drop:-allprivileged:falsereadOnlyRootFilesystem:truevolumes:-name:configconfigMap:name:rule-evaluatordefaultMode:420-name:config-outemptyDir:{}-name:rulesconfigMap:name:rules-generateddefaultMode:420-name:rules-outemptyDir:{}-name:rules-secretsecret:defaultMode:420secretName:rulesaffinity:nodeAffinity:requiredDuringSchedulingIgnoredDuringExecution:nodeSelectorTerms:-matchExpressions:-key:kubernetes.io/archoperator:Invalues:-arm64-amd64-key:kubernetes.io/osoperator:Invalues:-linuxtolerations:-key:"components.gke.io/gke-managed-components"operator:"Exists"-value:"amd64"effect:"NoSchedule"key:"kubernetes.io/arch"operator:"Equal"-value:"arm64"effect:"NoSchedule"key:"kubernetes.io/arch"operator:"Equal"securityContext:runAsGroup:1000runAsNonRoot:truerunAsUser:1000seccompProfile:type:RuntimeDefault---# Source: operator/templates/alertmanager.yamlapiVersion:apps/v1kind:StatefulSetmetadata:name:alertmanagernamespace:gmp-systemspec:selector:matchLabels:# DO NOT MODIFY - label selectors are immutable by the Kubernetes API.# see: 
https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-selector.app:managed-prometheus-alertmanagerapp.kubernetes.io/name:alertmanagertemplate:metadata:labels:app:managed-prometheus-alertmanagerapp.kubernetes.io/name:alertmanagerapp.kubernetes.io/version:0.17.2annotations:cluster-autoscaler.kubernetes.io/safe-to-evict:"true"components.gke.io/component-name:managed_prometheusspec:priorityClassName:gmp-criticalautomountServiceAccountToken:falseinitContainers:-name:config-initimage:gke.gcr.io/gke-distroless/bash:gke_distroless_20251107.00_p0command:['/bin/bash','-c','touch/alertmanager/config_out/config.yaml &&echo-e"receivers:\n-name:noop\nroute:\nreceiver:noop" >alertmanager/config_out/config.yaml']volumeMounts:-name:alertmanager-configmountPath:/alertmanager/config_outsecurityContext:allowPrivilegeEscalation:falsecapabilities:drop:-allprivileged:falsereadOnlyRootFilesystem:truecontainers:-name:alertmanagerimage:gke.gcr.io/prometheus-engine/alertmanager:v0.27.0-gmp.4-gke.4args:---config.file=/alertmanager/config_out/config.yaml---storage.path=/alertmanager-data---cluster.listen-address=[$(POD_IP)]:9094---web.listen-address=:9093---log.format=jsonports:-name:alertmanagercontainerPort:9093env:-name:POD_IPvalueFrom:fieldRef:apiVersion:v1fieldPath:status.podIPresources:limits:memory:128Mrequests:cpu:1mmemory:16MvolumeMounts:-name:alertmanager-configreadOnly:truemountPath:/alertmanager/config_out-name:alertmanager-datamountPath:/alertmanager-datasecurityContext:allowPrivilegeEscalation:falsecapabilities:drop:-allprivileged:falsereadOnlyRootFilesystem:true-name:config-reloaderimage:gke.gcr.io/prometheus-engine/config-reloader:v0.17.2-gke.2args:---config-file=/alertmanager/config.yaml---config-file-output=/alertmanager/config_out/config.yaml---reload-url=http://127.0.0.1:9093/-/reload---ready-url=http://127.0.0.1:9093/-/ready---listen-address=:19091ports:-name:cfg-rel-metricscontainerPort:19091env:-name:NODE_NAMEvalueFrom:fieldRef:apiVersion:v1fieldPath:
spec.nodeNameresources:limits:memory:32Mrequests:cpu:1mmemory:4MvolumeMounts:-name:configreadOnly:truemountPath:/alertmanager-name:alertmanager-configmountPath:/alertmanager/config_outsecurityContext:allowPrivilegeEscalation:falsecapabilities:drop:-allprivileged:falsereadOnlyRootFilesystem:truevolumes:-name:configsecret:secretName:alertmanager-name:alertmanager-dataemptyDir:{}-name:alertmanager-configemptyDir:{}affinity:nodeAffinity:requiredDuringSchedulingIgnoredDuringExecution:nodeSelectorTerms:-matchExpressions:-key:kubernetes.io/archoperator:Invalues:-arm64-amd64-key:kubernetes.io/osoperator:Invalues:-linuxtolerations:-key:"components.gke.io/gke-managed-components"operator:"Exists"-value:"amd64"effect:"NoSchedule"key:"kubernetes.io/arch"operator:"Equal"-value:"arm64"effect:"NoSchedule"key:"kubernetes.io/arch"operator:"Equal"securityContext:runAsGroup:1000runAsNonRoot:truerunAsUser:1000seccompProfile:type:RuntimeDefaultserviceName:alertmanager---# Source: operator/templates/mutatingwebhookconfiguration.yamlapiVersion:admissionregistration.k8s.io/v1kind:MutatingWebhookConfigurationmetadata:name:gmp-operator.gmp-system.monitoring.googleapis.comwebhooks:-name:default.operatorconfigs.gmp-operator.gmp-system.monitoring.googleapis.comadmissionReviewVersions:-v1clientConfig:# caBundle populated by operator.service:name:gmp-operatornamespace:gmp-systemport:443path:/default/monitoring.googleapis.com/v1/operatorconfigs# Since this is re-applied at runtime by the operator's controllers# we can safely ignore any transient issues with the webhook server.failurePolicy:Ignorerules:-resources:-operatorconfigsapiGroups:-monitoring.googleapis.comapiVersions:-v1operations:-UPDATEsideEffects:None---# Source: operator/templates/operatorconfig.yamlapiVersion:monitoring.googleapis.com/v1kind:OperatorConfigmetadata:name:confignamespace:gmp-public---# Source: operator/templates/validating-admission-policy.yaml# Copyright 2025 Google LLC## Licensed under the Apache License, Version 2.0 
(the "License");# you may not use this file except in compliance with the License.# You may obtain a copy of the License at## http://www.apache.org/licenses/LICENSE-2.0## Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an "AS IS" BASIS,# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.# See the License for the specific language governing permissions and# limitations under the License.apiVersion:admissionregistration.k8s.io/v1kind:ValidatingAdmissionPolicymetadata:name:"operatorconfigs.monitoring.googleapis.com"spec:failurePolicy:FailmatchConstraints:resourceRules:-apiGroups:["monitoring.googleapis.com"]apiVersions:["*"]operations:["CREATE","UPDATE"]resources:["operatorconfigs"]validations:-expression:"object.metadata.name=='config'"-expression:"object.metadata.namespace=='gmp-public'"---# Source: operator/templates/validating-admission-policy.yamlapiVersion:admissionregistration.k8s.io/v1kind:ValidatingAdmissionPolicymetadata:name:"protected-labels.monitoring.googleapis.com"spec:failurePolicy:FailmatchConstraints:resourceRules:-apiGroups:["monitoring.googleapis.com"]apiVersions:["*"]operations:["CREATE","UPDATE"]resources:["clusternodemonitorings","clusterpodmonitorings","podmonitorings"]validations:-expression:"object.spec.endpoints.all(e,!has(e.metricRelabeling)||e.metricRelabeling.all(m,!has(m.regex)||'project_id'.matches(m.regex)==false))"message:"Relabelingruleregexwouldmatchprotectedlabel:\"project_id\""-expression:"object.spec.endpoints.all(e,!has(e.metricRelabeling)||e.metricRelabeling.all(m,!has(m.regex)||'location'.matches(m.regex)==false))"message:"Relabelingruleregexwouldmatchprotectedlabel:\"location\""-expression:"object.spec.endpoints.all(e,!has(e.metricRelabeling)||e.metricRelabeling.all(m,!has(m.regex)||'cluster'.matches(m.regex)==false))"message:"Relabelingruleregexwouldmatchprotectedlabel:\"cluster\""-expression:"object.spec.endpoints.all(e,!has(e.metricRe
labeling)||e.metricRelabeling.all(m,!has(m.regex)||'namespace'.matches(m.regex)==false))"message:"Relabelingruleregexwouldmatchprotectedlabel:\"namespace\""-expression:"object.spec.endpoints.all(e,!has(e.metricRelabeling)||e.metricRelabeling.all(m,!has(m.regex)||'instance'.matches(m.regex)==false))"message:"Relabelingruleregexwouldmatchprotectedlabel:\"instance\""-expression:"object.spec.endpoints.all(e,!has(e.metricRelabeling)||e.metricRelabeling.all(m,!has(m.regex)||'top_level_controller'.matches(m.regex)==false))"message:"Relabelingruleregexwouldmatchprotectedlabel:\"top_level_controller\""-expression:"object.spec.endpoints.all(e,!has(e.metricRelabeling)||e.metricRelabeling.all(m,!has(m.regex)||'top_level_controller_type'.matches(m.regex)==false))"message:"Relabelingruleregexwouldmatchprotectedlabel:\"top_level_controller_type\""-expression:"object.spec.endpoints.all(e,!has(e.metricRelabeling)||e.metricRelabeling.all(m,!has(m.regex)||'__address__'.matches(m.regex)==false))"message:"Relabelingruleregexwouldmatchprotectedlabel:\"__address__\""---# Source: operator/templates/validating-admission-policy.yamlapiVersion:admissionregistration.k8s.io/v1kind:ValidatingAdmissionPolicymetadata:name:"unique-ports.monitoring.googleapis.com"spec:failurePolicy:FailmatchConstraints:resourceRules:-apiGroups:["monitoring.googleapis.com"]apiVersions:["*"]operations:["CREATE","UPDATE"]resources:["clusterpodmonitorings","podmonitorings"]variables:-name:"ports"expression:"object.spec.endpoints.map(e,e.port)"validations:-expression:"variables.ports.all(p,variables.ports.exists_one(ep,ep==p))"message:"Portsmustbeuniqueacrossallendpoints"---# Source: operator/templates/validating-admission-policy.yamlapiVersion:admissionregistration.k8s.io/v1kind:ValidatingAdmissionPolicyBindingmetadata:name:"operatorconfigs.monitoring.googleapis.com"spec:policyName:"operatorconfigs.monitoring.googleapis.com"validationActions:[Deny]---# Source: 
operator/templates/validating-admission-policy.yamlapiVersion:admissionregistration.k8s.io/v1kind:ValidatingAdmissionPolicyBindingmetadata:name:"protected-labels.monitoring.googleapis.com"spec:policyName:"protected-labels.monitoring.googleapis.com"validationActions:[Deny]---# Source: operator/templates/validating-admission-policy.yamlapiVersion:admissionregistration.k8s.io/v1kind:ValidatingAdmissionPolicyBindingmetadata:name:"unique-ports.monitoring.googleapis.com"spec:policyName:"unique-ports.monitoring.googleapis.com"validationActions:[Deny]---# Source: operator/templates/validatingwebhookconfiguration.yamlapiVersion:admissionregistration.k8s.io/v1kind:ValidatingWebhookConfigurationmetadata:name:gmp-operator.gmp-system.monitoring.googleapis.comwebhooks:-name:validate.rules.gmp-operator.gmp-system.monitoring.googleapis.comadmissionReviewVersions:-v1clientConfig:# caBundle populated by operator.service:name:gmp-operatornamespace:gmp-systemport:443path:/validate/monitoring.googleapis.com/v1/rulesfailurePolicy:Failrules:-resources:-rulesapiGroups:-monitoring.googleapis.comapiVersions:-v1operations:-CREATE-UPDATEsideEffects:None-name:validate.clusterrules.gmp-operator.gmp-system.monitoring.googleapis.comadmissionReviewVersions:-v1clientConfig:# caBundle populated by operator.service:name:gmp-operatornamespace:gmp-systemport:443path:/validate/monitoring.googleapis.com/v1/clusterrulesfailurePolicy:Failrules:-resources:-clusterrulesapiGroups:-monitoring.googleapis.comapiVersions:-v1operations:-CREATE-UPDATEsideEffects:None-name:validate.globalrules.gmp-operator.gmp-system.monitoring.googleapis.comadmissionReviewVersions:-v1clientConfig:# caBundle populated by 
operator.service:name:gmp-operatornamespace:gmp-systemport:443path:/validate/monitoring.googleapis.com/v1/globalrulesfailurePolicy:Failrules:-resources:-globalrulesapiGroups:-monitoring.googleapis.comapiVersions:-v1operations:-CREATE-UPDATEsideEffects:None-name:validate.operatorconfigs.gmp-operator.gmp-system.monitoring.googleapis.comadmissionReviewVersions:-v1clientConfig:# caBundle populated by operator.service:name:gmp-operatornamespace:gmp-systemport:443path:/validate/monitoring.googleapis.com/v1/operatorconfigsfailurePolicy:Failrules:-resources:-operatorconfigsapiGroups:-monitoring.googleapis.comapiVersions:-v1operations:-CREATE-UPDATEsideEffects:Noneexample-app.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Example workload: three replicas that expose metrics on the container
# port named "metrics".
apiVersion: apps/v1
kind: Deployment
metadata:
  name: prom-example
  labels:
    app.kubernetes.io/name: prom-example
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: prom-example
  replicas: 3
  template:
    metadata:
      labels:
        app.kubernetes.io/name: prom-example
    spec:
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/arch
                operator: In
                values:
                - arm64
                - amd64
              - key: kubernetes.io/os
                operator: In
                values:
                - linux
      containers:
      # The image is pinned by digest, so the bytes that run cannot change
      # under the same reference.
      # NOTE(review): no securityContext or resource limits are set here, so
      # the container runs with the image and cluster defaults. Acceptable for
      # a demo, not a template for production workloads.
      - image: nilebox/prometheus-example-app@sha256:dab60d038c5d6915af5bcbe5f0279a22b95a8c8be254153e22d7cd81b21b84c5
        name: prom-example
        ports:
        - name: metrics
          containerPort: 1234
        command:
        - "/main"
        - "--process-metrics"
        - "--go-metrics"
pod-monitoring.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Scrapes every pod carrying the label app.kubernetes.io/name=prom-example on
# its port named "metrics", once every 30 seconds.
# No metadata.namespace is set, so the resource is created in whichever
# namespace it is applied to.
apiVersion: monitoring.googleapis.com/v1
kind: PodMonitoring
metadata:
  name: prom-example
  labels:
    app.kubernetes.io/name: prom-example
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: prom-example
  endpoints:
  - port: metrics
    interval: 30s
prometheus.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Cluster-wide read access to pods, needed by the pod service discovery in the
# ConfigMap at the end of this file.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: gmp-test:prometheus-test
rules:
- apiGroups: [""]
  resources:
  - pods
  verbs: ["get", "list", "watch"]
---
# NOTE(review): the subject is the namespace's "default" ServiceAccount, so
# every pod in gmp-test that does not name its own ServiceAccount also gets
# cluster-wide get/list/watch on pods. A dedicated ServiceAccount for this
# StatefulSet would keep the grant limited to Prometheus.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: gmp-test:prometheus-test
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: gmp-test:prometheus-test
subjects:
- kind: ServiceAccount
  namespace: gmp-test
  name: default
---
# In-cluster Service in front of the Prometheus web port.
apiVersion: v1
kind: Service
metadata:
  namespace: gmp-test
  name: prometheus-test
  labels:
    prometheus: test
spec:
  type: ClusterIP
  selector:
    app: prometheus
    prometheus: test
  ports:
  - name: web
    port: 9090
    targetPort: web
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  namespace: gmp-test
  name: prometheus-test
  annotations:
    # The emptyDir for the storage and config directories prevents cluster
    # autoscaling unless this annotation is set. See
    # https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-types-of-pods-can-prevent-ca-from-removing-a-node
    # for details.
    cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
  labels:
    prometheus: test
spec:
  replicas: 1
  selector:
    matchLabels:
      app: prometheus
      prometheus: test
  serviceName: prometheus-test
  template:
    metadata:
      labels:
        app: prometheus
        prometheus: test
    spec:
      # No serviceAccountName is set, so the pod runs as the namespace's
      # "default" ServiceAccount, the subject of the ClusterRoleBinding above,
      # and its API token is mounted into the pod.
      automountServiceAccountToken: true
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/arch
                operator: In
                values:
                - arm64
                - amd64
              - key: kubernetes.io/os
                operator: In
                values:
                - linux
      initContainers:
      # Creates an empty config file so Prometheus can start before the
      # config-reloader has written the real one.
      - name: config-init
        image: gke.gcr.io/gke-distroless/bash:gke_distroless_20251007.00_p0
        command: ['/bin/bash', '-c', 'touch /prometheus/config_out/config.yaml']
        volumeMounts:
        - name: config-out
          mountPath: /prometheus/config_out
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - all
          privileged: false
      containers:
      # NOTE(review): unlike the init container, neither long-running container
      # below declares a securityContext, so they run with image and cluster
      # defaults.
      - name: prometheus
        image: gke.gcr.io/prometheus-engine/prometheus:v2.53.5-gmp.1-gke.2
        args:
        - --config.file=/prometheus/config_out/config.yaml
        - --storage.tsdb.path=/prometheus/data
        - --storage.tsdb.retention.time=24h
        # Turns on the HTTP lifecycle endpoints; the config-reloader's
        # --reload-url below depends on /-/reload. They are served on the same
        # port the Service exposes, so limit which workloads can reach port
        # 9090 (for example with a NetworkPolicy).
        - --web.enable-lifecycle
        - --storage.tsdb.no-lockfile
        - --web.route-prefix=/
        ports:
        - name: web
          containerPort: 9090
        readinessProbe:
          httpGet:
            path: /-/ready
            port: web
            scheme: HTTP
        resources:
          requests:
            memory: 400Mi
        volumeMounts:
        - name: config-out
          mountPath: /prometheus/config_out
          readOnly: true
        - name: prometheus-db
          mountPath: /prometheus/data
      - name: config-reloader
        image: gke.gcr.io/prometheus-engine/config-reloader:v0.17.2-gke.2
        args:
        - --config-file=/prometheus/config/config.yaml
        - --config-file-output=/prometheus/config_out/config.yaml
        - --reload-url=http://localhost:9090/-/reload
        - --ready-url=http://localhost:9090/-/ready
        # NOTE(review): the reloader listens on :19091 while the declared
        # containerPort below is 8080. Confirm which one is intended.
        - --listen-address=:19091
        ports:
        - name: reloader-web
          containerPort: 8080
        resources:
          limits:
            memory: 50Mi
          requests:
            cpu: 100m
            memory: 50Mi
        volumeMounts:
        - name: config
          mountPath: /prometheus/config
        - name: config-out
          mountPath: /prometheus/config_out
      terminationGracePeriodSeconds: 600
      volumes:
      # TSDB data lives in an emptyDir and does not survive the pod being
      # rescheduled.
      - name: prometheus-db
        emptyDir: {}
      - name: config
        configMap:
          name: prometheus-test
          defaultMode: 420
      - name: config-out
        emptyDir: {}
---
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: gmp-test
  name: prometheus-test
  labels:
    prometheus: test
data:
  config.yaml: |
    global:
      scrape_interval: 30s
    scrape_configs:
    # Let Prometheus scrape itself.
    - job_name: prometheus
      static_configs:
      - targets: ['localhost:9090']
    # Scrape pods with label app=prom-example across all namespaces
    # on the port named 'metrics'.
    - job_name: prom-example
      kubernetes_sd_configs:
      - role: pod
      relabel_configs:
      - source_labels: [__meta_kubernetes_pod_label_app, __meta_kubernetes_pod_label_app_kubernetes_io_name]
        regex: (prom-example.*);.*|.*;(prom-example.*)
        action: keep
      - source_labels: [__meta_kubernetes_namespace]
        target_label: namespace
      - source_labels: [__meta_kubernetes_pod_name, __meta_kubernetes_pod_container_port_name]
        regex: (.+);(.+)
        target_label: instance
        replacement: $1:$2
        action: replace
      - source_labels: [__meta_kubernetes_pod_container_port_name]
        regex: metrics
        action: keep
frontend.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Query frontend, two replicas, serving on port 9090.
# NOTE(review): nothing in this manifest configures authentication on the
# listening port. Presumably any workload that can reach the Service can query
# the project's metrics with the pod's credentials, so confirm this and
# restrict network access accordingly.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: frontend
spec:
  replicas: 2
  selector:
    matchLabels:
      app: frontend
  template:
    metadata:
      labels:
        app: frontend
    spec:
      automountServiceAccountToken: true
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/arch
                operator: In
                values:
                - arm64
                - amd64
              - key: kubernetes.io/os
                operator: In
                values:
                - linux
      containers:
      - name: frontend
        image: gke.gcr.io/prometheus-engine/frontend:v0.15.3-gke.0
        args:
        - "--web.listen-address=:9090"
        # $PROJECT_ID is a placeholder: Kubernetes does not expand it, so
        # substitute the real project ID before applying the manifest.
        - "--query.project-id=$PROJECT_ID"
        ports:
        - name: web
          containerPort: 9090
        readinessProbe:
          httpGet:
            path: /-/ready
            port: web
        # Runs as an unprivileged, non-root user with all capabilities dropped.
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - all
          privileged: false
          runAsGroup: 1000
          runAsNonRoot: true
          runAsUser: 1000
        livenessProbe:
          httpGet:
            path: /-/healthy
            port: web
---
# Headless Service (clusterIP: None) that resolves directly to the frontend pods.
apiVersion: v1
kind: Service
metadata:
  name: frontend
spec:
  clusterIP: None
  selector:
    app: frontend
  ports:
  - name: web
    port: 9090
grafana.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Single-replica Grafana for trying out the data source; a demo deployment.
# NOTE(review): no admin credentials, securityContext, resource limits or
# persistent storage are configured here. Grafana therefore starts with its
# built-in defaults; set the admin password and harden the pod before making
# the Service reachable by anyone else.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: grafana
spec:
  replicas: 1
  selector:
    matchLabels:
      app: grafana
  template:
    metadata:
      labels:
        app: grafana
    spec:
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/arch
                operator: In
                values:
                - arm64
                - amd64
              - key: kubernetes.io/os
                operator: In
                values:
                - linux
      containers:
      - name: grafana
        # Referenced by tag from a public registry; the tag is mutable, so pin
        # a digest if the deployment must be reproducible.
        image: grafana/grafana:10.2.4
        ports:
        - name: web
          containerPort: 3000
---
# Headless Service (clusterIP: None) that resolves directly to the Grafana pod.
apiVersion: v1
kind: Service
metadata:
  name: grafana
spec:
  clusterIP: None
  selector:
    app: grafana
  ports:
  - name: web
    port: 3000
datasource-syncer.yaml
# Copyright 2026 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# The $DATASOURCE_UIDS, $GRAFANA_API_ENDPOINT, $GRAFANA_API_TOKEN and
# $PROJECT_ID values below are placeholders that must be substituted before
# applying; Kubernetes does not expand them.
#
# NOTE(review): once substituted, the Grafana API token is stored in plain text
# in the Job and CronJob specs (and in every pod they create), where anyone who
# may read jobs, cronjobs or pods in the namespace can see it. Use a token with
# the narrowest Grafana role that works, restrict read access to the namespace,
# and rotate the token if the manifest is shared or committed.
---
# Source: datasource-syncer/templates/job.yaml
# One-off run; the finished Job is removed 60 seconds after completion.
apiVersion: batch/v1
kind: Job
metadata:
  name: datasource-syncer-init
spec:
  ttlSecondsAfterFinished: 60
  template:
    metadata:
      labels:
        app: datasource-syncer-init
    spec:
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/arch
                operator: In
                values:
                - arm64
                - amd64
              - key: kubernetes.io/os
                operator: In
                values:
                - linux
      containers:
      - name: datasource-syncer-init
        image: gke.gcr.io/prometheus-engine/datasource-syncer:v0.17.2-gke.2
        args:
        - "--datasource-uids=$DATASOURCE_UIDS"
        - "--grafana-api-endpoint=$GRAFANA_API_ENDPOINT"
        - "--grafana-api-token=$GRAFANA_API_TOKEN"
        - "--project-id=$PROJECT_ID"
      restartPolicy: Never
---
# Source: datasource-syncer/templates/cronjob.yaml
# Recurring run with the same container and arguments as the Job above.
apiVersion: batch/v1
kind: CronJob
metadata:
  name: datasource-syncer
spec:
  schedule: "*/10 * * * *" # Run once every 10 minutes, must run at least once an hour.
  jobTemplate:
    spec:
      template:
        metadata:
          labels:
            app: datasource-syncer
        spec:
          affinity:
            nodeAffinity:
              requiredDuringSchedulingIgnoredDuringExecution:
                nodeSelectorTerms:
                - matchExpressions:
                  - key: kubernetes.io/arch
                    operator: In
                    values:
                    - arm64
                    - amd64
                  - key: kubernetes.io/os
                    operator: In
                    values:
                    - linux
          containers:
          - name: datasource-syncer
            image: gke.gcr.io/prometheus-engine/datasource-syncer:v0.17.2-gke.2
            args:
            - "--datasource-uids=$DATASOURCE_UIDS"
            - "--grafana-api-endpoint=$GRAFANA_API_ENDPOINT"
            - "--grafana-api-token=$GRAFANA_API_TOKEN"
            - "--project-id=$PROJECT_ID"
          restartPolicy: Never
rule-evaluator.yaml
# Copyright 2026 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

---
# Source: rule-evaluator/templates/serviceaccount.yaml
# Dedicated identity for the rule-evaluator Deployment. No namespace is set, so
# it is created in whichever namespace the manifest is applied to.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rule-evaluator
---
# Source: rule-evaluator/templates/configmaps.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: rule-evaluator
  labels:
    app.kubernetes.io/name: rule-evaluator
data:
  config.yaml: |
    global:
      external_labels: {}
      evaluation_interval: 60s
    rule_files:
    - "/etc/rules/*.yaml"
---
# Source: rule-evaluator/templates/configmaps.yaml
# Example rule group; AlwaysFiring uses vector(1), which is always true.
apiVersion: v1
kind: ConfigMap
metadata:
  name: rules
  labels:
    app.kubernetes.io/name: rule-evaluator
data:
  rules.yaml: |
    groups:
    - name: example
      interval: 10s
      rules:
      - record: job:up:sum
        expr: sum without(instance) (up)
      - alert: AlwaysFiring
        expr: vector(1)
---
# Source: rule-evaluator/templates/role.yaml
# Cluster-wide read access: get/list/watch on endpoints, nodes, nodes/metrics,
# pods and services, get on configmaps, and get on the /metrics URL.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: rule-evaluator
rules:
- resources:
  - endpoints
  - nodes
  - nodes/metrics
  - pods
  - services
  apiGroups: [""]
  verbs: ["get", "list", "watch"]
- resources:
  - configmaps
  apiGroups: [""]
  verbs: ["get"]
- nonResourceURLs: ["/metrics"]
  verbs: ["get"]
---
# Source: rule-evaluator/templates/rolebinding.yaml
# NOTE(review): the subject namespace is hard-coded to "default", while the
# ServiceAccount and Deployment in this file carry no namespace. If the file is
# applied to another namespace, this binding does not cover the ServiceAccount
# created there; it grants the role to a "rule-evaluator" ServiceAccount in
# "default" instead. Update the namespace to match where you deploy.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: rule-evaluator
roleRef:
  name: rule-evaluator
  kind: ClusterRole
  apiGroup: rbac.authorization.k8s.io
subjects:
- name: rule-evaluator
  namespace: default
  kind: ServiceAccount
---
# Source: rule-evaluator/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
  name: rule-evaluator
  labels:
    app.kubernetes.io/name: rule-evaluator
spec:
  selector:
    app.kubernetes.io/name: rule-evaluator
  ports:
  - name: rule-evaluator
    port: 9092
    targetPort: 9092
---
# Source: rule-evaluator/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: rule-evaluator
  labels:
    app.kubernetes.io/name: rule-evaluator
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: rule-evaluator
  template:
    metadata:
      labels:
        app.kubernetes.io/name: rule-evaluator
        app.kubernetes.io/version: 0.17.2
    spec:
      serviceAccountName: rule-evaluator
      automountServiceAccountToken: true
      initContainers:
      # Creates an empty config file so the evaluator can start before the
      # config-reloader has written the real one. This container has no
      # securityContext of its own; the pod-level securityContext at the end
      # of this spec still applies to it.
      - name: config-init
        image: gke.gcr.io/gke-distroless/bash:gke_distroless_20251107.00_p0
        command: ['/bin/bash', '-c', 'touch /prometheus/config_out/config.yaml']
        volumeMounts:
        - name: config-out
          mountPath: /prometheus/config_out
      containers:
      - name: evaluator
        image: gke.gcr.io/prometheus-engine/rule-evaluator:v0.17.2-gke.2
        args:
        - "--config.file=/prometheus/config_out/config.yaml"
        - "--web.listen-address=:9092"
        ports:
        - name: r-eval-metrics
          containerPort: 9092
        resources:
          limits:
            memory: 1G
          requests:
            cpu: 1m
            memory: 16M
        volumeMounts:
        - name: config-out
          readOnly: true
          mountPath: /prometheus/config_out
        - name: rules-out
          readOnly: true
          mountPath: /etc/rules
        livenessProbe:
          httpGet:
            port: r-eval-metrics
            path: /-/healthy
        readinessProbe:
          httpGet:
            port: r-eval-metrics
            path: /-/ready
          # Readiness attempts a query round-trip so we need a more generous timeout.
          timeoutSeconds: 5
        # No privilege escalation, all capabilities dropped, read-only root
        # filesystem; config and rules are mounted read-only above.
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - all
          privileged: false
          readOnlyRootFilesystem: true
      - name: config-reloader
        image: gke.gcr.io/prometheus-engine/config-reloader:v0.17.2-gke.2
        args:
        - --config-file=/prometheus/config/config.yaml
        - --config-file-output=/prometheus/config_out/config.yaml
        - --config-dir=/etc/rules
        - --config-dir-output=/prometheus/rules_out
        - --reload-url=http://127.0.0.1:9092/-/reload
        - --ready-url=http://127.0.0.1:9092/-/ready
        - --listen-address=:9093
        ports:
        - name: cfg-rel-metrics
          protocol: TCP
          containerPort: 9093
        resources:
          limits:
            memory: 32M
          requests:
            cpu: 1m
            memory: 4M
        volumeMounts:
        - name: config
          readOnly: true
          mountPath: /prometheus/config
        - name: config-out
          mountPath: /prometheus/config_out
        - name: rules
          readOnly: true
          mountPath: /etc/rules
        - name: rules-out
          mountPath: /prometheus/rules_out
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - all
          privileged: false
          readOnlyRootFilesystem: true
      volumes:
      - name: config
        configMap:
          name: rule-evaluator
      - name: config-out
        emptyDir: {}
      - name: rules
        configMap:
          name: rules
      - name: rules-out
        emptyDir: {}
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: kubernetes.io/arch
                operator: In
                values:
                - arm64
                - amd64
              - key: kubernetes.io/os
                operator: In
                values:
                - linux
      tolerations:
      - key: "components.gke.io/gke-managed-components"
        operator: "Exists"
      - value: "amd64"
        effect: "NoSchedule"
        key: "kubernetes.io/arch"
        operator: "Equal"
      - value: "arm64"
        effect: "NoSchedule"
        key: "kubernetes.io/arch"
        operator: "Equal"
      # Pod-level defaults: non-root UID/GID 1000 and the runtime's default
      # seccomp profile for every container in the pod.
      securityContext:
        runAsGroup: 1000
        runAsNonRoot: true
        runAsUser: 1000
        seccompProfile:
          type: RuntimeDefault
rules.yaml
# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Example rule group with one recording rule and one alert, evaluated every
# 30 seconds. No namespace is set, so the resource is created in whichever
# namespace it is applied to.
apiVersion: monitoring.googleapis.com/v1
kind: Rules
metadata:
  name: example-rules
  labels:
    app.kubernetes.io/name: example-rules
    app.kubernetes.io/part-of: google-cloud-managed-prometheus
spec:
  groups:
  - name: example
    interval: 30s
    rules:
    - record: job:up:sum
      expr: sum without(instance) (up)
    # vector(1) is always true, so this alert fires continuously. It is handy
    # for checking that alerts are delivered end to end, not a production rule.
    - alert: AlwaysFiring
      expr: vector(1)
delete_metric_descriptors.go
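// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package main

import (
	"bufio"
	"context"
	"errors"
	"flag"
	"fmt"
	"log"
	"os"
	"regexp"
	"strings"
	"time"
	"unicode"

	monitoring "cloud.google.com/go/monitoring/apiv3/v2"
	"cloud.google.com/go/monitoring/apiv3/v2/monitoringpb"
	"google.golang.org/api/iterator"
	"google.golang.org/api/option"
)

/*
This script deletes metric descriptors from the given projects (-projects flag),
matching the given metric type (descriptor name) regex expression (-metric_type_regex flag).

Metrics to delete will be first printed and then awaiting interactive confirmation,
before the actual removal. Dry run option also exists.

WARNING: All underlying time series behind each descriptor (potentially years
of data) will be irreversibly removed once confirmed.

Example run:

 1. Setup Application Default Credentials (ADC) (https://cloud.google.com/docs/authentication/provide-credentials-adc)
    if you haven't yet:

    1a. Make sure the account behind the ADC for chosen projects has Monitoring Editor or Monitoring Admin permissions: https://cloud.google.com/monitoring/access-control#monitoring-perms
    1b. Acquire Application Default Credentials in your environment using gcloud:

    gcloud auth application-default login

 2. Run Go script (from the same directory as the script):

    go run delete_metric_descriptors.go -projects projects/<your-project> -metric_type_regex "<your matching expression>"

See go run delete_metric_descriptors.go -help for all options.
*/

var (
	cloudMonitoringEndpoint = flag.String("address", "monitoring.googleapis.com:443", "address of monitoring API")
	projectNames            = flag.String("projects", "", "required: comma-separated project IDs of the projects on which to execute the requests. Name format is as defined in https://cloud.google.com/monitoring/api/ref_v3/rpc/google.monitoring.v3#listmetricdescriptorsrequesttarget, e.g. projects/test-project,projects/test-project2")
	metricTypeRegex         = flag.String("metric_type_regex", "", "required: RE2 regex expression matching metric.type (anchored), so metric descriptor names to delete. Guarded with the interactive 'y' confirmation. See --dry_run to only print those")
	dryRun                  = flag.Bool("dry_run", false, "whether to dry run or not")
	serviceAccountEnvVar    = flag.String("sa-envvar", "", "optional environment variable containing Google Service Account JSON, without it application-default flow will be used.")
)

// anchoredRegexp compiles expr so that it must match a whole metric type.
//
// The expression is wrapped in a non-capturing group before the anchors are
// added. Plain "^" + expr + "$" anchors only the first and last alternative
// of an expression such as "a|b" (it becomes "^a|b$"), so it would also match
// every type that merely ends in "b". That is far more than the operator asked
// to delete. The expression is also compiled on its own first, so a fragment
// that only becomes valid once wrapped (for example "a)|(b") is rejected.
func anchoredRegexp(expr string) (*regexp.Regexp, error) {
	if _, err := regexp.Compile(expr); err != nil {
		return nil, err
	}
	return regexp.Compile("^(?:" + expr + ")$")
}

// splitProjects turns the comma-separated -projects value into a list,
// trimming surrounding whitespace and dropping empty entries so that input
// like "projects/a, projects/b," does not produce malformed request names.
func splitProjects(s string) []string {
	var projects []string
	for _, p := range strings.Split(s, ",") {
		if p = strings.TrimSpace(p); p != "" {
			projects = append(projects, p)
		}
	}
	return projects
}

// deleteDescriptors lists the metric descriptors of every project in projects,
// selects those whose type matches re, prints them and, unless dryRun is set
// or the operator declines the interactive prompt, deletes them one by one.
//
// endpoint is the Cloud Monitoring API address. When saEnvVar is non-empty it
// names an environment variable holding service account JSON; otherwise the
// client library's default credential lookup is used.
//
// It returns an error if the client cannot be built or a list or delete call
// fails. Deletion stops at the first failure, so descriptors deleted before
// the failing one stay deleted.
func deleteDescriptors(endpoint string, projects []string, re *regexp.Regexp, saEnvVar string, dryRun bool) error {
	ctx := context.Background()

	// Recommended way is to use auth from your environment. Use `gcloud auth application-default login` to set it up.
	opts := []option.ClientOption{option.WithEndpoint(endpoint)}
	if saEnvVar != "" {
		// Optional, service account JSON in environment variable.
		saJSON := os.Getenv(saEnvVar)
		if saJSON == "" {
			// Fail here with a clear message instead of handing empty
			// credentials to the client library.
			return fmt.Errorf("environment variable %q (from -sa-envvar) is empty or unset", saEnvVar)
		}
		// NOTE(review): the JSON is passed to the client as-is; only load it
		// from a source you control.
		opts = append(opts, option.WithCredentialsJSON([]byte(saJSON)))
	}
	client, err := monitoring.NewMetricClient(ctx, opts...)
	if err != nil {
		return fmt.Errorf("failed to build client for %s: %w", endpoint, err)
	}
	defer client.Close()

	// Find descriptors to delete.
	descsToDelete := map[string][]string{}
	toDelete := 0
	checked := 0
	for _, p := range projects {
		it := client.ListMetricDescriptors(ctx, &monitoringpb.ListMetricDescriptorsRequest{Name: p})
		for {
			resp, err := it.Next()
			if errors.Is(err, iterator.Done) {
				break
			}
			if err != nil {
				return fmt.Errorf("ListMetricDescriptors iteration: %w", err)
			}
			checked++
			if !re.MatchString(resp.Type) {
				continue
			}
			descsToDelete[p] = append(descsToDelete[p], resp.Type)
			toDelete++
		}
	}

	// Print and perform interactive safety check.
	for p, descs := range descsToDelete {
		fmt.Println()
		fmt.Printf("For project %v:\n", p)
		fmt.Println(descs)
	}
	fmt.Printf("After checking %v descriptors, found %v to delete across %v project(s)\n", checked, toDelete, len(projects))
	fmt.Println()

	if toDelete == 0 {
		fmt.Println("nothing to do, job done!")
		return nil
	}
	if dryRun {
		fmt.Println("-dry_run selected, job done!")
		return nil
	}
	if !confirmDelete() {
		fmt.Println("Deletion not confirmed, exiting")
		return nil
	}

	// Delete.
	deleted := 0
	for p, descs := range descsToDelete {
		for _, d := range descs {
			if err := client.DeleteMetricDescriptor(ctx, &monitoringpb.DeleteMetricDescriptorRequest{
				Name: fmt.Sprintf("%s/metricDescriptors/%s", p, d),
			}); err != nil {
				return fmt.Errorf("DeleteMetricDescriptor delete: %w", err)
			}
			deleted++
			fmt.Printf("%s deleted\n", d)
			// Pause after every 1000 deletions to stay within API quota.
			if deleted%1000 == 0 {
				fmt.Println("Sleeping 1 second to avoid quota issues...")
				time.Sleep(1 * time.Second)
			}
		}
	}
	fmt.Printf("Deleted %v descriptors, job done!\n", deleted)
	return nil
}

// confirmDelete asks the operator on stdin to confirm the deletion. Only a
// first character of 'y' or 'Y' counts as confirmation; anything else,
// including just pressing Enter, declines. A read error terminates the
// program.
func confirmDelete() bool {
	fmt.Printf("Are you sure you want to delete the above metric descriptors?\n" +
		"WARNING: All underlying time series (potentially years of data) will be irreversibly removed! (y/N): ")
	r, _, err := bufio.NewReader(os.Stdin).ReadRune()
	if err != nil {
		log.Fatalln(err)
	}
	return unicode.ToLower(r) == 'y'
}

// main validates the required flags, compiles the anchored metric type
// expression and runs deleteDescriptors, exiting non-zero on any failure.
func main() {
	flag.Parse()

	projects := splitProjects(*projectNames)
	if len(projects) == 0 {
		fmt.Println("-projects flag is required")
		flag.Usage()
		os.Exit(1)
	}
	if *metricTypeRegex == "" {
		fmt.Println("-metric_type_regex flag is required")
		flag.Usage()
		os.Exit(1)
	}

	// Anchor it to avoid further surprises.
	re, err := anchoredRegexp(*metricTypeRegex)
	if err != nil {
		log.Fatalf("error while compiling RE2 %v expression: %v", *metricTypeRegex, err)
	}

	// Run command.
	if err := deleteDescriptors(
		*cloudMonitoringEndpoint,
		projects,
		re,
		*serviceAccountEnvVar,
		*dryRun,
	); err != nil {
		log.Fatalf("command failed: %v", err)
	}
}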
Last updated 2026-02-19 UTC.