make charts && make validate

2023-12-10 00:38:09 +00:00 · 2023-12-10 00:38:09 +00:00 · f149c9f184
parent 3a699797bf
commit f149c9f184
138 changed files with 172 additions and 1583 deletions
--- a/assets/rancher-monitoring/rancher-monitoring-103.0.1+up45.31.1.tgz
+++ b/assets/rancher-monitoring/rancher-monitoring-103.0.1+up45.31.1.tgz
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: hardenedKubelet
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedKubelet/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: hardenedNodeExporter
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/hardenedNodeExporter/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: k3sServer
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/k3sServer/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: kubeAdmControllerManager
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmControllerManager/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: kubeAdmEtcd
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmEtcd/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: kubeAdmProxy
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmProxy/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: kubeAdmScheduler
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/kubeAdmScheduler/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: rke2ControllerManager
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2ControllerManager/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: rke2Etcd
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Etcd/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: rke2IngressNginx
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2IngressNginx/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: rke2Proxy
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Proxy/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: rke2Scheduler
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rke2Scheduler/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: rkeControllerManager
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeControllerManager/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: rkeEtcd
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/README.md
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/README.md
@ -55,15 +55,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
 | `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
 | `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
 | `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
-| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
 | `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
-| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
-| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
-| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
-| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
-| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
 | `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
 | `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
 | `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/templates/_helpers.tpl
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/templates/_helpers.tpl
@ -68,10 +68,6 @@ provider: kubernetes
 {{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
 {{- end -}}

-{{- define "pushProxy.client.serviceAccountTokenName" -}}
-{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
-{{- end -}}
-
 {{- define "pushProxy.client.labels" -}}
 k8s-app: {{ template "pushProxy.client.name" . }}
 {{ template "pushProxy.commonLabels" . }}
@ -102,11 +98,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- define "pushProxy.serviceMonitor.endpoints" -}}
 {{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
 {{- $useHTTPS := .Values.clients.https.enabled -}}
-{{- $forceHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
-{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
-{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
-{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
-{{- $metricRelabelings := list }}
 {{- $endpoints := .Values.serviceMonitor.endpoints }}
 {{- range $endpoints }}
 {{- if $.Values.proxy.enabled }}
@ -126,14 +117,8 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
 {{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
 {{- end }}
-{{- $metricRelabelings := gt (len (keys $clusterNameRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterNameRelabel)) ($metricRelabelings) }}
-{{- $metricRelabelings := gt (len (keys $clusterIdRelabel)) 0 | ternary (append ($metricRelabelings) ($clusterIdRelabel)) ($metricRelabelings) }}
-{{- if not (empty $metricRelabelings) }}
+{{- $metricRelabelings := append (list ($clusterNameRelabel)) ($clusterIdRelabel) }}
 {{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
-{{- end }}
-{{- if $forceHTTPSScheme -}}
-{{- $_ := set . "scheme" "https" }}
-{{- end -}}
 {{- if $useHTTPS -}}
 {{- if (hasKey . "params") }}
 {{- $_ := set (get . "params") "_scheme" (list "https") }}
@ -141,26 +126,6 @@ app: {{ template "pushprox.serviceMonitor.name" . }}
 {{- $_ := set . "params" (dict "_scheme" (list "https")) }}
 {{- end }}
 {{- end }}
-{{- if (hasKey . "tlsConfig") }}
-{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
-{{- else }}
-{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
-{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
-{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
-{{- end }}
-{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
-{{- if (hasKey . "authorization") }}
-{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
-{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
-{{- else }}
-{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
-{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
-{{- end }}
-{{- end }}
 {{- end }}
 {{- toYaml $endpoints }}
 {{- end -}}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/templates/pushprox-clients-rbac.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/templates/pushprox-clients-rbac.yaml
@ -42,18 +42,6 @@ metadata:
  namespace: {{ include "pushprox.namespace" . }}
  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
 ---
-{{- if .Values.clients.https.useServiceAccountCredentials }}
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
-  namespace: {{ include "pushprox.namespace" . }}
-  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
-  annotations:
-    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
-{{- end }}
---
 {{- if .Values.global.cattle.psp.enabled }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/templates/pushprox-clients.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/templates/pushprox-clients.yaml
@ -35,10 +35,6 @@ spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: {{ template "pushProxy.client.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-client
        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/templates/pushprox-proxy.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/templates/pushprox-proxy.yaml
@ -26,10 +26,6 @@ spec:
 {{ toYaml .Values.proxy.tolerations | indent 8 }}
 {{- end }}
      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
-      {{- if .Values.global.imagePullSecretName }}
-      imagePullSecrets:
-      - name: {{ .Values.global.imagePullSecretName }}
-      {{- end }}
      containers:
      - name: pushprox-proxy
        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/values.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeEtcd/values.yaml
@ -75,29 +75,9 @@ clients:
  https:
    # Does the client require https to access the metrics?
    enabled: false
-    # Does the client require requests be sent to http or https?
-    forceHTTPSScheme: false
    # If set to true, the client will create a service account with adequate permissions and set a flag
    # on the client to use the service account token provided by it to make authorized scrape requests
    useServiceAccountCredentials: false
-    # Configuration for authentication to metrics via https endpoint
-    authenticationMethod:
-      # Reads token from defined file in container
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenFile:
-        enabled: false
-        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
-      # Reads token from defined secret in namespace
-      # This function is deprecated in the prometheus operator api and may be removed in a future version
-      bearerTokenSecret:
-        enabled: false
-      # Reads token from defined secret in namespace
-      authorization:
-        enabled: false
-        type: "bearer"
-        credentials:
-          key: "token"
-          optional: false
    # If set to true, the client will disable SSL security checks
    insecureSkipVerify: false
    # Directory on host where necessary TLS cert and key to scrape metrics can be found
--- a/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeIngressNginx/Chart.yaml
+++ b/charts/rancher-monitoring/103.0.1+up45.31.1/charts/rkeIngressNginx/Chart.yaml
@ -6,9 +6,9 @@ annotations:
  catalog.rancher.io/namespace: cattle-monitoring-system
  catalog.rancher.io/release-name: rancher-pushprox
 apiVersion: v1
-appVersion: 0.1.1
+appVersion: 0.1.0
 description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
  clients.
 name: rkeIngressNginx
 type: application
-version: 103.0.0
+version: 0.1.6
--- a/Show More
+++ b/Show More