feat: add PrometheusRule alerts for all services

28 alert rules across 9 PrometheusRule files covering infrastructure (Longhorn, cert-manager), data (PostgreSQL, OpenBao, OpenSearch), storage (SeaweedFS), devtools (Gitea), identity (Hydra, Kratos), media (LiveKit), and mesh (Linkerd golden signals for all services). Severity routing: critical alerts fire to Matrix + email, warnings to Matrix only (AlertManager config updated in separate commit).
2026-03-24 12:20:55 +00:00
parent 74bb59cfdc
commit 3fc54c8851
15 changed files with 363 additions and 2 deletions
--- a/base/devtools/gitea-alertrules.yaml
+++ b/base/devtools/gitea-alertrules.yaml
@@ -0,0 +1,28 @@
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: gitea-alerts
+  namespace: devtools
+  labels:
+    role: alert-rules
+spec:
+  groups:
+    - name: gitea
+      rules:
+        - alert: GiteaDown
+          expr: up{job=~".*gitea.*"} == 0
+          for: 3m
+          labels:
+            severity: critical
+          annotations:
+            summary: "Gitea is down"
+            description: "Gitea instance {{ $labels.namespace }}/{{ $labels.pod }} is down."
+
+        - alert: GiteaHighGoroutines
+          expr: go_goroutines{job=~".*gitea.*"} > 500
+          for: 5m
+          labels:
+            severity: warning
+          annotations:
+            summary: "Gitea goroutine count is high"
+            description: "Gitea {{ $labels.namespace }}/{{ $labels.pod }} has {{ $value }} goroutines."
--- a/base/devtools/kustomization.yaml
+++ b/base/devtools/kustomization.yaml
@@ -7,6 +7,8 @@ resources:
  - namespace.yaml
  - vault-secrets.yaml
  - gitea-theme-cm.yaml
+  - gitea-servicemonitor.yaml
+  - gitea-alertrules.yaml

 helmCharts:
  # helm repo add gitea-charts https://dl.gitea.com/charts/