{{- if and (.Values.alertmanager.enabled) (not .Values.alertmanager.alertmanagerSpec.useExistingSecret) (.Values.alertmanager.secret.cleanupOnUninstall) }} apiVersion: batch/v1 kind: Job metadata: name: alertmanager-{{ template "kube-prometheus-stack.fullname" . }}-post-delete namespace: {{ template "kube-prometheus-stack.namespace" . }} labels: {{ include "kube-prometheus-stack.labels" . | indent 4 }} app: {{ template "kube-prometheus-stack.name" . }}-alertmanager annotations: "helm.sh/hook": post-delete "helm.sh/hook-delete-policy": hook-succeeded, hook-failed "helm.sh/hook-weight": "5" spec: template: metadata: name: alertmanager-{{ template "kube-prometheus-stack.fullname" . }}-post-delete labels: {{ include "kube-prometheus-stack.labels" . | nindent 8 }} app: {{ template "kube-prometheus-stack.name" . }}-alertmanager spec: serviceAccountName: alertmanager-{{ template "kube-prometheus-stack.fullname" . }}-post-delete {{- if .Values.alertmanager.secret.securityContext }} securityContext: {{ toYaml .Values.alertmanager.secret.securityContext | indent 8 }} {{- end }} containers: - name: delete-secret image: {{ template "system_default_registry" . }}{{ .Values.alertmanager.secret.image.repository }}:{{ .Values.alertmanager.secret.image.tag }} imagePullPolicy: {{ .Values.alertmanager.secret.image.pullPolicy }} command: - /bin/sh - -c - > if kubectl get secret -n {{ template "kube-prometheus-stack.namespace" . }} alertmanager-{{ template "kube-prometheus-stack.fullname" . }}-alertmanager > /dev/null 2>&1; then kubectl delete secret -n {{ template "kube-prometheus-stack.namespace" . }} alertmanager-{{ template "kube-prometheus-stack.fullname" . }}-alertmanager fi; restartPolicy: OnFailure --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: alertmanager-{{ template "kube-prometheus-stack.fullname" . }}-post-delete labels: app: {{ template "kube-prometheus-stack.name" . }}-alertmanager annotations: "helm.sh/hook": post-delete "helm.sh/hook-delete-policy": hook-succeeded, hook-failed "helm.sh/hook-weight": "3" rules: - apiGroups: - "" resources: - secrets verbs: ['get', 'delete'] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: alertmanager-{{ template "kube-prometheus-stack.fullname" . }}-post-delete labels: app: {{ template "kube-prometheus-stack.name" . }}-alertmanager annotations: "helm.sh/hook": post-delete "helm.sh/hook-delete-policy": hook-succeeded, hook-failed "helm.sh/hook-weight": "3" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: alertmanager-{{ template "kube-prometheus-stack.fullname" . }}-post-delete subjects: - kind: ServiceAccount name: alertmanager-{{ template "kube-prometheus-stack.fullname" . }}-post-delete namespace: {{ template "kube-prometheus-stack.namespace" . }} --- apiVersion: v1 kind: ServiceAccount metadata: name: alertmanager-{{ template "kube-prometheus-stack.fullname" . }}-post-delete namespace: {{ template "kube-prometheus-stack.namespace" . }} labels: app: {{ template "kube-prometheus-stack.name" . }}-alertmanager annotations: "helm.sh/hook": post-delete "helm.sh/hook-delete-policy": hook-succeeded, hook-failed "helm.sh/hook-weight": "3" {{- end }}