Skip to content

update prometheus-community dependencies #109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
tsipo wants to merge 2 commits into from
Closed

update prometheus-community dependencies #109

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
2370217
update prometheus-community dependencies
tsipo May 14, 2026
3c8204d
bump up chart versions
tsipo May 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions charts/kubex-automation-stack/Chart.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,12 @@ dependencies:
version: 4.0.16
- name: prometheus
repository: https://prometheus-community.github.io/helm-charts
version: 27.52.0
version: 29.6.0
- name: k8s-ephemeral-storage-metrics
repository: https://densify-dev.github.io/helm-charts
version: 1.20.2
- name: node-labeler
repository: https://densify-dev.github.io/helm-charts
version: 0.1.1
digest: sha256:81d3e9479a5f0203fa50dd47e827710465bd81795d5b6a1a4cc5abe2a8450feb
generated: "2026-05-08T09:30:37.859134485-04:00"
digest: sha256:281c8079c052c84479e3ba46fc604433de8a35c22afc89755669b170e5da7027
generated: "2026-05-14T16:30:14.770282539-04:00"
4 changes: 2 additions & 2 deletions charts/kubex-automation-stack/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
apiVersion: v2
description: Kubex Collection Stack
name: kubex-automation-stack
version: 1.0.11
version: 1.0.12
type: application
icon: https://www.kubex.ai/wp-content/uploads/kubex-by-densify-logo.png
dependencies:
- name: container-optimization-data-forwarder
version: "4.*.*"
repository: https://densify-dev.github.io/helm-charts
- name: prometheus
version: "27.*.*"
version: "29.*.*"
Copy link
Copy Markdown
Contributor

@kubexautomation kubexautomation Bot May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CONTENT OF THIS REVIEW IS AI GENERATED

[Severity: Major] [Confidence: High]

Location: charts/kubex-automation-stack/Chart.yaml:12

Issue: The prometheus dependency jumps two major versions (27.*.*29.*.*), skipping all of version 28.

Why it matters: The prometheus community Helm chart introduced breaking changes across both major 28 and major 29 releases (e.g. changes to sub-chart value structure, removal of deprecated fields, RBAC and serviceAccount schema changes). Skipping an entire major is double the surface area for breakage, and any per-major migration steps documented upstream would need to be applied in sequence. If a deployment is upgraded from a chart using v27 to one using v29 without going through v28 first, subtle runtime misconfigurations can be silently deployed.

Suggested fix: Confirm the upstream release notes for both prometheus chart v28 and v29 have been reviewed end-to-end. In particular, verify:

  1. No key renames under prometheus.server, prometheus.kube-state-metrics, or prometheus.prometheus-node-exporter that conflict with this chart's values.yaml.
  2. Any deprecated fields still in use (e.g. prometheusScrape, metricLabelsAllowlist) are still valid in v29.
  3. Consider an incremental bump (v28 first, then v29) in separate PRs to isolate regressions.

Copy link
Copy Markdown
Contributor

@kubexautomation kubexautomation Bot May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CONTENT OF THIS REVIEW IS AI GENERATED

[Severity: Major] [Confidence: High]

Location: charts/kubex-automation-stack/values.yaml (kube-state-metrics sub-chart block, ~line 47)

Issue: prometheus.kube-state-metrics.prometheusScrape: false is a key that was removed in kube-state-metrics chart v7. The prometheus chart v29 bundles kube-state-metrics v7, so this key will be silently ignored after this upgrade.

Why it matters: With prometheusScrape no longer suppressing the default prometheus.io/scrape: "true" annotation, the Prometheus server's kubernetes-service-endpointslice job will start scraping the KSM service via annotation-based discovery in addition to the static scrape job already configured. This results in double-ingestion of all KSM metrics, inflating TSDB storage and potentially causing Densify analysis issues from duplicated time-series.

Suggested fix:

  1. Remove the prometheusScrape key (it no longer has any effect).
  2. Instead, explicitly set the KSM service annotation to opt out of Prometheus scraping via the values.yaml:
prometheus:
  kube-state-metrics:
    service:
      annotations:
        prometheus.io/scrape: "false"
  1. Validate with helm template that the rendered KSM Service no longer carries a prometheus.io/scrape: "true" annotation after the upgrade.

repository: https://prometheus-community.github.io/helm-charts
condition: stack.prometheus.deploy
- name: k8s-ephemeral-storage-metrics
Expand Down
6 changes: 3 additions & 3 deletions charts/kubex-collection-gke-autopilot/Chart.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,6 @@ dependencies:
version: 4.0.16
- name: kube-state-metrics
repository: https://prometheus-community.github.io/helm-charts
version: 6.4.2
digest: sha256:dbb1a13b8b5b2c2255dfc25bbdb83e99a026b03182b2331f5b1dd02558e3f61a
generated: "2026-05-08T09:32:54.347559314-04:00"
version: 7.3.0
digest: sha256:f4c4247751afff05ec575744f1f1535d849acaa9bb78c05dfde474ad27c7d29a
generated: "2026-05-14T16:31:26.904576854-04:00"
4 changes: 2 additions & 2 deletions charts/kubex-collection-gke-autopilot/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
apiVersion: v2
description: Kubex Collection Stack for GKE Autopilot Clusters
name: kubex-collection-gke-autopilot
version: 1.0.6
version: 1.0.7
type: application
icon: https://www.kubex.ai/wp-content/uploads/kubex-by-densify-logo.png
dependencies:
- name: container-optimization-data-forwarder
version: "4.*.*"
repository: https://densify-dev.github.io/helm-charts
- name: kube-state-metrics
version: "6.*.*"
version: "7.*.*"
Copy link
Copy Markdown
Contributor

@kubexautomation kubexautomation Bot May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CONTENT OF THIS REVIEW IS AI GENERATED

[Severity: Major] [Confidence: High]

Location: charts/kubex-collection-gke-autopilot/Chart.yaml:12

Issue: kube-state-metrics is bumped a full major version (6.*.*7.*.*), but the downstream values.yaml has not been audited for breaking value key changes introduced in kube-state-metrics chart v7.

Why it matters: The kube-state-metrics Helm chart v7 renamed and restructured several values. Notably:

  • metricAnnotationsAllowList and metricLabelsAllowlist key casing/naming changed across versions.
  • The collectors list format and default set changed in v7.
  • rbac.create was reorganised under a new schema.

The values.yaml for this chart (and the embedded kube-state-metrics block inside kubex-automation-stack/values.yaml) still uses the old key names. Silently-ignored unrecognised values will cause the deployed KSM to use upstream defaults rather than the intended configuration, which could result in missing metrics or excess RBAC permissions.

Suggested fix:

  1. Diff the values.yaml schema between kube-state-metrics chart v6 and v7.
  2. Update metricAnnotationsAllowList, metricLabelsAllowlist, collectors, and rbac blocks accordingly in both values.yaml files.
  3. Add an explicit helm upgrade --dry-run step to CI or document it in the PR description.

Copy link
Copy Markdown
Contributor

@kubexautomation kubexautomation Bot May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CONTENT OF THIS REVIEW IS AI GENERATED

[Severity: Major] [Confidence: Medium]

Location: charts/kubex-collection-gke-autopilot/Chart.yaml:12

Issue: metricLabelsAllowlist (lowercase l) is used in both values.yaml files, but kube-state-metrics chart v7 renamed the field to metricLabelsAllowList (capital L). The same applies to metricAnnotationsAllowList which already uses the right casing in isolation, but the all-lowercase metricLabelsAllowlist form is not accepted in v7 and will be silently dropped.

Why it matters: If KSM silently ignores these values, it falls back to collecting no extra label/annotation metadata. The downstream Densify platform relies on node, pod, deployment, and namespace labels being present in the KSM metrics. Loss of these labels will cause incomplete resource tagging and degraded optimization recommendations.

Suggested fix: After bumping to v7, verify the exact accepted key names against the kube-state-metrics v7 values.yaml schema. The current best-known mapping is:

  • metricLabelsAllowlistmetricLabelsAllowList
  • metricAnnotationsAllowList → unchanged (already correct casing)

Update both charts/kubex-collection-gke-autopilot/values.yaml and the prometheus.kube-state-metrics block in charts/kubex-automation-stack/values.yaml accordingly, and confirm with helm template output that the KSM deployment args contain --metric-labels-allowlist.

repository: https://prometheus-community.github.io/helm-charts
condition: stack.runsInGKEAutopilot
keywords:
Expand Down