# prometheus.yaml # ArgoCD Application für Prometheus apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: prometheus namespace: argocd finalizers: - resources-finalizer.argocd.argoproj.io spec: project: default source: repoURL: https://prometheus-community.github.io/helm-charts targetRevision: 27.*.* chart: prometheus helm: valueFiles: - values.yaml values: | server: global: scrape_interval: 15s evaluation_interval: 15s service: type: ClusterIP port: 80 persistentVolume: enabled: true size: 10Gi storageClass: "local-path" resources: limits: cpu: 500m memory: 512Mi requests: cpu: 100m memory: 128Mi prometheus-node-exporter: enabled: false kubeStateMetrics: enabled: true alertmanager: enabled: true service: type: ClusterIP persistentVolume: enabled: true size: 2Gi storageClass: "local-path" pushgateway: enabled: true service: type: ClusterIP securityContext: runAsNonRoot: true runAsUser: 65534 runAsGroup: 65534 fsGroup: 65534 seccompProfile: type: RuntimeDefault containerSecurityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 65534 runAsGroup: 65534 capabilities: drop: - ALL destination: server: https://kubernetes.default.svc namespace: prometheus syncPolicy: anagedNamespaceMetadata: labels: pod-security.kubernetes.io/enforce: privileged pod-security.kubernetes.io/audit: privileged pod-security.kubernetes.io/warn: privileged automated: prune: true selfHeal: true syncOptions: - CreateNamespace=true - PrunePropagationPolicy=foreground - RespectIgnoreDifferences=true