---
# yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: thanos
spec:
  interval: 30m
  timeout: 15m
  chart:
    spec:
      chart: thanos
      version: 14.0.2
      sourceRef:
        kind: HelmRepository
        name: bitnami
        namespace: flux-system
  install:
    remediation:
      retries: 3
  upgrade:
    cleanupOnFail: true
    remediation:
      retries: 3
  uninstall:
    keepHistory: false
  dependsOn:
    - name: openebs
      namespace: openebs-system
    - name: redis
      namespace: database
    - name: rook-ceph-cluster
      namespace: rook-ceph
  values:
    existingObjstoreSecret: thanos-s3-secret
    image:
      registry: quay.io
      repository: thanos/thanos
      tag: v0.34.1
    objstoreConfig:
      type: s3
      config:
        insecure: true
    receive:
      enabled: false
      networkPolicy:
        enabled: false
    queryFrontend:
      enabled: true
      replicaCount: 2
      config: &config |-
        type: REDIS
        config:
          addr: dragonfly.database.svc.cluster.local:6379
          db: 2
      ingress:
        enabled: true
        ingressClassName: internal-nginx
        hostname: &host thanos-query-frontend.jahanson.tech
        tls: true
        extraTls:
          - hosts:
              - *host
      networkPolicy:
        enabled: false
    query:
      enabled: true
      replicaCount: 2
      replicaLabel: ["__replica__"]
      dnsDiscovery:
        sidecarsService: kube-prometheus-stack-thanos-discovery
        sidecarsNamespace: observability
      stores: ["thanos.jahanson.tech:10901"]
      networkPolicy:
        enabled: false
    bucketweb:
      enabled: true
      replicaCount: 2
      networkPolicy:
        enabled: false
    compactor:
      enabled: true
      extraFlags:
        - --compact.concurrency=4
        - --delete-delay=30m
      retentionResolutionRaw: 14d
      retentionResolution5m: 30d
      retentionResolution1h: 60d
      persistence:
        enabled: true
        storageClass: openebs-hostpath
        size: 10Gi
      networkPolicy:
        enabled: false
    storegateway:
      enabled: true
      replicaCount: 2
      config: *config
      persistence:
        enabled: true
        storageClass: openebs-hostpath
        size: 10Gi
      networkPolicy:
        enabled: false
    ruler:
      enabled: true
      replicaCount: 2
      replicaLabel: __replica__
      alertmanagers: ["http://alertmanager-operated.observability.svc.cluster.local:9093"]
      extraFlags: ["--web.prefix-header=X-Forwarded-Prefix"]
      config: |-
        groups:
          - name: PrometheusWatcher
            rules:
              - alert: PrometheusDown
                annotations:
                  summary: A Prometheus has disappeared from Prometheus target discovery
                expr: absent(up{job="kube-prometheus-stack-prometheus"})
                for: 5m
                labels:
                  severity: critical
      persistence:
        enabled: true
        storageClass: openebs-hostpath
        size: 10Gi
      networkPolicy:
        enabled: false
    metrics:
      enabled: true
      serviceMonitor:
        enabled: true