From f974eb498836df0250d4e412b700ac3eb1783018 Mon Sep 17 00:00:00 2001
From: YashasviDevtron <yashasvi.pareta@devtron.ai>
Date: Tue, 25 Nov 2025 17:42:51 +0530
Subject: [PATCH] Updated the version of monitoring stack

---
 charts/devtron-monitoring/Chart.lock      |  33 +++++++
 charts/devtron-monitoring/Chart.yaml      |  90 +++++++++++--------
 charts/devtron-monitoring/README.MD       |   2 +
 charts/devtron-monitoring/app-values.yaml | 103 +++++++++++++++++++---
 charts/devtron-monitoring/values.yaml     |  28 +++---
 5 files changed, 191 insertions(+), 65 deletions(-)
 create mode 100644 charts/devtron-monitoring/Chart.lock

diff --git a/charts/devtron-monitoring/Chart.lock b/charts/devtron-monitoring/Chart.lock
new file mode 100644
index 000000000..9704723a3
--- /dev/null
+++ b/charts/devtron-monitoring/Chart.lock
@@ -0,0 +1,33 @@
+dependencies:
+- name: fluent-bit
+  repository: https://fluent.github.io/helm-charts
+  version: 0.48.5
+- name: vector
+  repository: https://helm.vector.dev
+  version: 0.40.0
+- name: uptime-kuma
+  repository: https://helm.irsigler.cloud
+  version: 2.21.2
+- name: jaeger-all-in-one-opentelemetry
+  repository: https://helm.devtron.ai
+  version: 0.1.0
+- name: metrics-server
+  repository: https://kubernetes-sigs.github.io/metrics-server
+  version: 3.12.2
+- name: prometheus-blackbox-exporter
+  repository: https://prometheus-community.github.io/helm-charts
+  version: 9.2.0
+- name: k8s-event-logger
+  repository: oci://ghcr.io/deliveryhero/helm-charts
+  version: 1.1.9
+- name: victoria-metrics-k8s-stack
+  repository: https://victoriametrics.github.io/helm-charts/
+  version: 0.36.2
+- name: pyroscope
+  repository: https://grafana.github.io/helm-charts
+  version: 1.13.2
+- name: victoria-logs-single
+  repository: https://victoriametrics.github.io/helm-charts/
+  version: 0.9.8
+digest: sha256:fc8b2f09fa1cb41b6b334390684fd8ccbb0bab27dc41947cbbaec6fc4c2bbfb1
+generated: "2025-06-09T15:44:24.354197+05:30"
diff --git a/charts/devtron-monitoring/Chart.yaml b/charts/devtron-monitoring/Chart.yaml
index 33b3d5165..7fc031c71 100644
--- a/charts/devtron-monitoring/Chart.yaml
+++ b/charts/devtron-monitoring/Chart.yaml
@@ -1,54 +1,66 @@
 apiVersion: v2
-name: devtron-monitoring
-description: Enables robust monitoring and logging using Fluent-Bit, Uptime Kuma, Jaeger, Victoria Metrics, Black Box, and Event Logger for observability.  
-type: application
-sources:
-  - https://github.com/fluent/helm-charts/tree/main/charts/fluent-bit
-  - https://github.com/vectordotdev/helm-charts/tree/develop/charts/vector
-  - https://github.com/dirsigler/uptime-kuma-helm/tree/main/charts/uptime-kuma
-  - https://github.com/devtron-labs/charts/tree/main/charts/jaeger-opentelemetry
-  - https://github.com/kubernetes-sigs/metrics-server/tree/master/charts/metrics-server
-  - https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-blackbox-exporter
-  - https://github.com/deliveryhero/helm-charts/tree/master/stable/k8s-event-logger
-
-version: 0.0.4
-appVersion: "0.0.1"
+appVersion: 0.0.1
 dependencies:
-- name: fluent-bit
-  version: "0.48.5"
+- condition: fluent-bit.enabled
+  name: fluent-bit
   repository: https://fluent.github.io/helm-charts
-  condition: fluent-bit.enabled
-- name: vector
-  version: "0.40.0"
+  version: 0.48.5
+- condition: vector.enabled
+  name: vector
   repository: https://helm.vector.dev
-  condition: vector.enabled
-- name: uptime-kuma
-  version: "2.21.2"
+  version: 0.40.0
+- condition: uptime-kuma.enabled
+  name: uptime-kuma
   repository: https://helm.irsigler.cloud
-  condition: uptime-kuma.enabled
-- name: jaeger-all-in-one-opentelemetry
-  version: "0.1.0"
+  version: 2.21.2
+- condition: jaeger-all-in-one-opentelemetry.enabled
+  name: jaeger-all-in-one-opentelemetry
   repository: https://helm.devtron.ai
-  condition: jaeger-all-in-one-opentelemetry.enabled
-- name: metrics-server
-  version: "3.12.2"
+  version: 0.1.2
+- condition: metrics-server.enabled
+  name: metrics-server
   repository: https://kubernetes-sigs.github.io/metrics-server
-  condition: metrics-server.enabled
-- name: prometheus-blackbox-exporter
-  version: "9.2.0"
+  version: 3.12.2
+- condition: prometheus-blackbox-exporter.enabled
+  name: prometheus-blackbox-exporter
   repository: https://prometheus-community.github.io/helm-charts
-  condition: prometheus-blackbox-exporter.enabled
-- name: k8s-event-logger
-  version: "1.1.9"
+  version: 9.2.0
+- condition: k8s-event-logger.enabled
+  name: k8s-event-logger
   repository: oci://ghcr.io/deliveryhero/helm-charts
-  condition: k8s-event-logger.enabled
-- name: victoria-metrics-k8s-stack
-  version: "0.36.2"
-  repository: https://victoriametrics.github.io/helm-charts/
+  version: 1.1.9
+- alias: victoriametrics
   condition: victoriametrics.enabled
-  alias: victoriametrics
+  name: victoria-metrics-k8s-stack
+  repository: https://victoriametrics.github.io/helm-charts/
+  version: 0.36.2
+- alias: pyroscope
+  condition: pyroscope.enabled
+  name: pyroscope
+  repository: https://grafana.github.io/helm-charts
+  version: 1.13.2
+- alias: vmlogs
+  condition: vmlogs.enabled
+  name: victoria-logs-single
+  repository: https://victoriametrics.github.io/helm-charts/
+  version: 0.9.8
+description: Enables robust monitoring and logging using Fluent-Bit, Uptime Kuma,
+  Jaeger, Victoria Metrics, Black Box, and Event Logger for observability.
 maintainers:
 - email: badal@devtron.ai
   name: Badal Kumar
 - email: pawan.mehta@devtron.ai
   name: Pawan Kumar
+name: devtron-monitoring
+sources:
+- https://github.com/fluent/helm-charts/tree/main/charts/fluent-bit
+- https://github.com/vectordotdev/helm-charts/tree/develop/charts/vector
+- https://github.com/dirsigler/uptime-kuma-helm/tree/main/charts/uptime-kuma
+- https://github.com/devtron-labs/charts/tree/main/charts/jaeger-opentelemetry
+- https://github.com/kubernetes-sigs/metrics-server/tree/master/charts/metrics-server
+- https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-blackbox-exporter
+- https://github.com/deliveryhero/helm-charts/tree/master/stable/k8s-event-logger
+- https://github.com/grafana/pyroscope
+- https://github.com/VictoriaMetrics/helm-charts
+type: application
+version: 0.0.10
diff --git a/charts/devtron-monitoring/README.MD b/charts/devtron-monitoring/README.MD
index 762e4cb97..eebd87fd7 100644
--- a/charts/devtron-monitoring/README.MD
+++ b/charts/devtron-monitoring/README.MD
@@ -8,6 +8,8 @@
 - Kube-Prom-Stack / Victoria Metrics  
 - Black Box  
 - Event Logger  
+- VMlogs
+- Pyroscope
 
 
 
diff --git a/charts/devtron-monitoring/app-values.yaml b/charts/devtron-monitoring/app-values.yaml
index e8dac449b..3501020ee 100644
--- a/charts/devtron-monitoring/app-values.yaml
+++ b/charts/devtron-monitoring/app-values.yaml
@@ -92,7 +92,6 @@ fluent-bit:
           endpoint https://<add if any custom endpoint>
           bucket <bucket_name>
           s3_key_format /$TAG[1]/$TAG[3]/%Y-%m-%d/%H_%M_%S_$TAG[2].log
-          # s3_key_format /$TAG[1]/$TAG[3]/%Y-%m-%d/%H_%M_%S.log
           s3_key_format_tag_delimiters .
           static_file_path On
           use_put_object Off
@@ -241,7 +240,6 @@ vector:
         inputs:
           - my_remap_id_audit
         key_prefix: '{{ print "audit-log/devtroncd/{{ container_name }}/%Y-%m-%d/" }}'
-        region: <region_name>
         type: aws_s3
       my_sink_id_audit:
         batch:
@@ -255,7 +253,7 @@ vector:
         inputs:
           - my_remap_id
         key_prefix: '{{ print "vector-log-2/devtroncd/{{ container_name }}/%Y-%m-%d/" }}'
-        region: <region_name>
+        
         type: aws_s3
     sources:
       kube_log:
@@ -436,12 +434,7 @@ victoriametrics:
               path: /var/lib/grafana/dashboards/default
             orgId: 1
             type: file
-    dashboards:
-      default:
-        nodeexporter:
-          datasource: VictoriaMetrics
-          gnetId: 1860
-          revision: 22
+    dashboards: {}
     defaultDashboardsTimezone: ist
     enabled: true
     forceDeployDatasource: false
@@ -462,7 +455,7 @@ victoriametrics:
         nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
         nginx.ingress.kubernetes.io/rewrite-target: /grafana/$2
         nginx.ingress.kubernetes.io/ssl-redirect: "false"
-      enabled: true
+      enabled: false
       hosts:
         - <testing>.domain.com
       ingressClassName: nginx-new
@@ -501,7 +494,7 @@ victoriametrics:
       disable_prometheus_converter: false
       prometheus_converter_add_argocd_ignore_annotations: true
   vmagent:
-    enabled: true
+    enabled: false
     ingress:
       enabled: true
       hosts:
@@ -517,7 +510,7 @@ victoriametrics:
         promscrape.suppressScrapeErrorsDelay: 30s
       scrapeInterval: 20s
   vmalert:
-    enabled: true
+    enabled: false
     ingress:
       enabled: true
       hosts:
@@ -527,11 +520,93 @@ victoriametrics:
       extraArgs:
         external.url: https://vmalert-<testing>.domain.com
   vmsingle:
-    enabled: true
+    enabled: false
+    containers:
+      - name: oauth2-proxy
+        image: quay.io/oauth2-proxy/oauth2-proxy:v7.4.0
+        args:
+          - --provider=google  # Change this to: google, github, azure, oidc, etc.
+          - --upstream=http://127.0.0.1:8429
+          - --http-address=0.0.0.0:4180
+          - --cookie-secure=true
+          - --redirect-url=https://vmsingle-<testing>.domain.com/oauth2/callback
+          - --email-domain=
+        env:
+          - name: OAUTH2_PROXY_CLIENT_ID
+            valueFrom:
+              secretKeyRef:
+                name: google-oauth-secrets
+                key: client-id
+          - name: OAUTH2_PROXY_CLIENT_SECRET
+            valueFrom:
+              secretKeyRef:
+                name: google-oauth-secrets
+                key: client-secret
+          - name: OAUTH2_PROXY_COOKIE_SECRET
+            valueFrom:
+              secretKeyRef:
+                name: google-oauth-secrets
+                key: cookie-secret
+          - name: OAUTH2_PROXY_REDIRECT_URL
+            value: "https://vmsingle-<testing>.domain.com/oauth2/callback"
+        ports:
+          - containerPort: 4180
+            name: oauth-proxy
+        resources:
+          limits:
+            cpu: 100m
+            memory: 128Mi
+          requests:
+            cpu: 50m
+            memory: 64Mi
+        livenessProbe:
+          httpGet:
+            path: /ping
+            port: 4180
+          initialDelaySeconds: 30
+          periodSeconds: 10
+        readinessProbe:
+          httpGet:
+            path: /ping
+            port: 4180
+          initialDelaySeconds: 5
+          periodSeconds: 5
+    # Update service to expose oauth2-proxy port
+    ports:
+      - name: http
+        port: 8429
+        targetPort: 8429
+      - name: oauth-proxy
+        port: 4180
+        targetPort: 4180
     ingress:
-      enabled: true
+      enabled: false
+      annotations:
+        nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
+        nginx.ingress.kubernetes.io/upstream-vhost: vmsingle-<testing>.domain.com
+        # Route traffic to oauth2-proxy port instead of VMSingle directly
+        nginx.ingress.kubernetes.io/service-upstream: "true"
       hosts:
         - vmsingle-<testing>.domain.com
+      extraPaths:
+      - path: /oauth2
+        pathType: Prefix
+        backend:
+          service:
+            name: vmsingle-victoria-metrics
+            port:
+              name: oauth-proxy
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: vmsingle-victoria-metrics
+            port:
+              name: oauth-proxy
       ingressClassName: nginx
     spec:
       retentionPeriod: 5d
+pyroscope:
+  enabled: false
+vmlogs:
+  enabled: false
diff --git a/charts/devtron-monitoring/values.yaml b/charts/devtron-monitoring/values.yaml
index 06a304250..41d677d3b 100644
--- a/charts/devtron-monitoring/values.yaml
+++ b/charts/devtron-monitoring/values.yaml
@@ -92,7 +92,6 @@ fluent-bit:
           endpoint https://<add if any custom endpoint>
           bucket <bucket_name>
           s3_key_format /$TAG[1]/$TAG[3]/%Y-%m-%d/%H_%M_%S_$TAG[2].log
-          # s3_key_format /$TAG[1]/$TAG[3]/%Y-%m-%d/%H_%M_%S.log
           s3_key_format_tag_delimiters .
           static_file_path On
           use_put_object Off
@@ -413,7 +412,7 @@ victoriametrics:
           - continue: true
             match: null
             receiver: discord
-    enabled: true
+    enabled: false
   crds:
     enabled: true
   defaultDashboards:
@@ -436,7 +435,7 @@ victoriametrics:
               path: /var/lib/grafana/dashboards/default
             orgId: 1
             type: file
-    dashboards:  {}
+    dashboards: {}
     defaultDashboardsTimezone: ist
     enabled: true
     forceDeployDatasource: false
@@ -453,10 +452,7 @@ victoriametrics:
         serve_from_sub_path: true
       tag: 9.4.17
     ingress:
-      annotations:
-        nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
-        nginx.ingress.kubernetes.io/rewrite-target: /grafana/$2
-        nginx.ingress.kubernetes.io/ssl-redirect: "false"
+      annotations: {}
       enabled: true
       hosts:
         - <testing>.domain.com
@@ -496,7 +492,7 @@ victoriametrics:
       disable_prometheus_converter: false
       prometheus_converter_add_argocd_ignore_annotations: true
   vmagent:
-    enabled: true
+    enabled: false
     ingress:
       enabled: true
       hosts:
@@ -512,7 +508,7 @@ victoriametrics:
         promscrape.suppressScrapeErrorsDelay: 30s
       scrapeInterval: 20s
   vmalert:
-    enabled: true
+    enabled: false
     ingress:
       enabled: true
       hosts:
@@ -522,11 +518,19 @@ victoriametrics:
       extraArgs:
         external.url: https://vmalert-<testing>.domain.com
   vmsingle:
-    enabled: true
+    enabled: false
+    containers: []
+    # Update service to expose oauth2-proxy port
+    ports: []
     ingress:
-      enabled: true
+      enabled: false
+      annotations: {}
       hosts:
         - vmsingle-<testing>.domain.com
-      ingressClassName: nginx
+      extraPaths: []
     spec:
       retentionPeriod: 5d
+pyroscope:
+  enabled: false
+vmlogs:
+  enabled: false