From 33765657ece5a70f38a50f992259b918873d12d5 Mon Sep 17 00:00:00 2001 From: MichaelFisher1997 Date: Tue, 31 Mar 2026 22:54:57 +0000 Subject: [PATCH] fix: Correct pod selectors for Prometheus and Flux Tailscale services, use Doppler for Grafana creds Prometheus needs operator.prometheus.io/name label selector. Flux UI pods are labeled gitops-server not weave-gitops. Grafana now reads admin creds from Doppler via ExternalSecret instead of hardcoded values. --- infrastructure/addons/flux-ui/flux-tailscale-service.yaml | 5 +++-- .../observability/helmrelease-kube-prometheus-stack.yaml | 3 +-- infrastructure/addons/observability/kustomization.yaml | 1 + .../addons/observability/prometheus-tailscale-service.yaml | 1 + 4 files changed, 6 insertions(+), 4 deletions(-) diff --git a/infrastructure/addons/flux-ui/flux-tailscale-service.yaml b/infrastructure/addons/flux-ui/flux-tailscale-service.yaml index 739bab9..c5f9c35 100644 --- a/infrastructure/addons/flux-ui/flux-tailscale-service.yaml +++ b/infrastructure/addons/flux-ui/flux-tailscale-service.yaml @@ -10,9 +10,10 @@ spec: type: LoadBalancer loadBalancerClass: tailscale selector: - app.kubernetes.io/name: weave-gitops + app.kubernetes.io/name: gitops-server + app.kubernetes.io/instance: weave-gitops ports: - name: http port: 9001 protocol: TCP - targetPort: 9001 + targetPort: http diff --git a/infrastructure/addons/observability/helmrelease-kube-prometheus-stack.yaml b/infrastructure/addons/observability/helmrelease-kube-prometheus-stack.yaml index b2467d8..a364dda 100644 --- a/infrastructure/addons/observability/helmrelease-kube-prometheus-stack.yaml +++ b/infrastructure/addons/observability/helmrelease-kube-prometheus-stack.yaml @@ -25,8 +25,7 @@ spec: grafana: enabled: true admin: - user: admin - password: admin123 + existingSecret: grafana-admin-credentials grafana.ini: server: root_url: http://grafana.silverside-gopher.ts.net/ diff --git a/infrastructure/addons/observability/kustomization.yaml b/infrastructure/addons/observability/kustomization.yaml index ceb5acd..27173c3 100644 --- a/infrastructure/addons/observability/kustomization.yaml +++ b/infrastructure/addons/observability/kustomization.yaml @@ -2,6 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - namespace.yaml + - grafana-admin-externalsecret.yaml - helmrepository-prometheus-community.yaml - helmrepository-grafana.yaml - helmrelease-kube-prometheus-stack.yaml diff --git a/infrastructure/addons/observability/prometheus-tailscale-service.yaml b/infrastructure/addons/observability/prometheus-tailscale-service.yaml index 6a6ad57..3e641f3 100644 --- a/infrastructure/addons/observability/prometheus-tailscale-service.yaml +++ b/infrastructure/addons/observability/prometheus-tailscale-service.yaml @@ -11,6 +11,7 @@ spec: loadBalancerClass: tailscale selector: app.kubernetes.io/name: prometheus + operator.prometheus.io/name: observability-kube-prometh-prometheus ports: - name: http port: 9090