robintra/perf-sentinel chart-v0.2.24

perf-sentinel chart v0.2.24

on GitHub

What's new in chart-v0.2.24

This is a daemon-version-only chart bump: appVersion advances from 0.5.20 to 0.5.21, the default image.tag now resolves to ghcr.io/robintra/perf-sentinel:0.5.21, and the artifacthub.io/images annotation is updated in lockstep so the Artifact Hub listing advertises the matching image. No chart-level template diff, no values.yaml schema change, no new RBAC, no new optional ConfigMap or Secret. The chart-v0.2.23 surface is preserved byte-for-byte.

The 0.5.21 daemon adds two Prometheus counters on /metrics (perf_sentinel_ack_operations_total{action} for successful ack and unack operations, perf_sentinel_ack_operations_failed_total{action,reason} for failures across nine documented reasons) so operators running the runtime ack workflow can dashboard operator-driven activity, alert on auth misconfiguration via reason="unauthorized", and detect store saturation via reason="limit_reached", reason="file_too_large", or reason="entry_too_large". Existing ServiceMonitor rendering and Prometheus scrapers pick up the new series automatically on the next scrape, both legacy Prometheus and OpenMetrics output formats include them, and the loopback-default --listen-address posture is unchanged.

Changed

• appVersion bumped from 0.5.20 to 0.5.21, default image.tag now resolves to ghcr.io/robintra/perf-sentinel:0.5.21. The artifacthub.io/images annotation tracks the bump.
• No chart-level config change. values.yaml, every template, the ServiceMonitor rendering, the NetworkPolicy rendering, and the optional [daemon.ack] ConfigMap-and-Secret plumbing from chart-v0.2.23 are byte-for-byte identical to the previous chart release.

Behavior

• Existing scrapers pick up the new counters automatically. The two perf_sentinel_ack_operations_* series appear on the next scrape after helm upgrade. No --reset-values, no template re-render, no serviceMonitor.relabelings adjustment needed.
• Pre-warmed-zero series at startup. Fifteen reachable (action, reason) combinations emit zero values from daemon launch (two success series, thirteen failure series), so dashboards built with rate() queries do not need absent() guards. Impossible combinations such as action="ack",reason="not_acked" are intentionally left out so the visible series only contain ones that can actually grow.
• No upgrade hook required, no on-disk migration. The runtime ack store JSONL schema is unchanged. A helm upgrade from chart-v0.2.23 keeps the daemon's existing acks.jsonl intact, the daemon replays and atomically rewrites it at startup as it did before.
• Auth-presence inference disclosure. Operators who scrape the metrics endpoint from outside the daemon's network namespace should know that perf_sentinel_ack_operations_failed_total{reason="unauthorized"} is pre-warmed to zero unconditionally but only ever increments when [daemon.ack] api_key is set and a request fails auth. A non-zero value confirms api_key is configured. Loopback-default scope mitigates the disclosure, the v0.5.19 NetworkPolicy plus Prometheus-side mTLS guidance in docs/HELM-DEPLOYMENT.md and docs/METRICS.md covers cluster-wide topologies.

Install

helm install perf-sentinel oci://ghcr.io/robintra/charts/perf-sentinel --version 0.2.24

Upgrade an existing release:

helm upgrade perf-sentinel oci://ghcr.io/robintra/charts/perf-sentinel --version 0.2.24

The matching daemon release is v0.5.21, see those release notes for the application-side changes (counter pre-warming contract, the EntryTooLarge and FileTooLarge reason split, internal refactors).

View this release on Artifact Hub.