Adam

/prombench cancel

Solution implemented in #691. Rule-evaluator and alertmanager will scale to zero when there are no Rules set up in the cluster.

To be more specific, it scales the GMP Rule-evaluator Deployment and Alertmanager StatefulSet to zero if none of these custom resources exist: ``` monitoring.googleapis.com/ClusterRules monitoring.googleapis.com/GlobalRules monitoring.googleapis.com/Rules ``` The primary goal...

This can be implemented with CEL validation and the [authorizer library](https://kubernetes.io/docs/reference/using-api/cel/#kubernetes-authorizer-library).

The presubmit checks the images in the actual manifests, but it does not currently cover example files. Perhaps we can add that.

The correct tag in this case is `v0.15.0-gke.12`, until we get that fixed.

This seems like a reasonable feature to support. I'm not sure we would just want to support providing just a subset of the flags though. Any particular rationale for those...

datasource-syncer does not require root access, and the binary itself should not be impacted by these changes to Cloud Run. I will make a note for our team to review...

@zchenyu Can you clarify how you are creating your PodMonitorings? Usually these are not created with the operator service account. Also, is this in your own cluster or on GKE?

[goccy/go-yaml doesn't seem to support omitzero](https://go.dev/play/p/7Dc7hOcAOGj), either. The [latest version of alertmanager supports unmasking secrets](https://github.com/prometheus/alertmanager/blob/v0.28.1/config/config.go#L42-L45). So does [common](https://github.com/prometheus/common/blob/v0.63.0/config/config.go#L30-L33). That said, it's probably a good idea to switch to a maintained...