kyverno/pkg/metrics/policyresults/policyResults.go

package policyresults

import (
	"context"

	kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
	"github.com/kyverno/kyverno/pkg/engine/response"
	"github.com/kyverno/kyverno/pkg/metrics"
)

func registerPolicyResultsMetric(
	ctx context.Context,
	m *metrics.MetricsConfig,
	policyValidationMode metrics.PolicyValidationMode,
	policyType metrics.PolicyType,
	policyBackgroundMode metrics.PolicyBackgroundMode,
	policyNamespace, policyName string,
	resourceKind, resourceNamespace string,
	resourceRequestOperation metrics.ResourceRequestOperation,
	ruleName string,
	ruleResult metrics.RuleResult,
	ruleType metrics.RuleType,
	ruleExecutionCause metrics.RuleExecutionCause,
) {
	if policyType == metrics.Cluster {
		policyNamespace = "-"
	}
	if m.Config.CheckNamespace(policyNamespace) {
		m.RecordPolicyResults(ctx, policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, resourceKind, resourceNamespace, resourceRequestOperation, ruleName, ruleResult, ruleType, ruleExecutionCause)
	}
}

// policy - policy related data
// engineResponse - resource and rule related data
func ProcessEngineResponse(ctx context.Context, m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, resourceRequestOperation metrics.ResourceRequestOperation) error {
	name, namespace, policyType, backgroundMode, validationMode, err := metrics.GetPolicyInfos(policy)
	if err != nil {
		return err
	}
	resourceSpec := engineResponse.PolicyResponse.Resource
	resourceKind := resourceSpec.Kind
	resourceNamespace := resourceSpec.Namespace
	ruleResponses := engineResponse.PolicyResponse.Rules
	for _, rule := range ruleResponses {
		ruleName := rule.Name
		ruleType := metrics.ParseRuleTypeFromEngineRuleResponse(rule)
		var ruleResult metrics.RuleResult
		switch rule.Status {
		case response.RuleStatusPass:
			ruleResult = metrics.Pass
		case response.RuleStatusFail:
			ruleResult = metrics.Fail
		case response.RuleStatusWarn:
			ruleResult = metrics.Warn
		case response.RuleStatusError:
			ruleResult = metrics.Error
		case response.RuleStatusSkip:
			ruleResult = metrics.Skip
		default:
			ruleResult = metrics.Fail
		}
		registerPolicyResultsMetric(
			ctx,
			m,
			validationMode,
			policyType,
			backgroundMode,
			namespace, name,
			resourceKind, resourceNamespace,
			resourceRequestOperation,
			ruleName,
			ruleResult,
			ruleType,
			executionCause,
		)
	}
	return nil
}
dealt with cardinality explosion (#2157) 2021-07-23 21:46:50 +05:30			`package policyresults`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30
			`import (`
feat: propagate context to the metrics package (#5479) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2022-11-28 11:30:14 +01:00			`"context"`
added: support for metrics configuration, periodic metrics cleanup and selective namespace whitelisting and blacklisting for metrics (#2288) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-09-11 03:09:12 +05:30
chore: make kyverno api import aliases consistent (#3939) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-05-17 13:12:43 +02:00			`kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30			`"github.com/kyverno/kyverno/pkg/engine/response"`
			`"github.com/kyverno/kyverno/pkg/metrics"`
			`)`

refactor: metrics package (#3549) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-06 20:14:13 +02:00			`func registerPolicyResultsMetric(`
feat: propagate context to the metrics package (#5479) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2022-11-28 11:30:14 +01:00			`ctx context.Context,`
feat: Opentelemetry support for metrics and traces (#3910) * integrating opentelemetry Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fix multiple imports Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fixed cli help statement Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * added init file for metrics Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-07-11 23:19:47 +05:30			`m *metrics.MetricsConfig,`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30			`policyValidationMode metrics.PolicyValidationMode,`
			`policyType metrics.PolicyType,`
			`policyBackgroundMode metrics.PolicyBackgroundMode,`
			`policyNamespace, policyName string,`
removed: resource_name label which is exposed as a part of Kyverno's metrics (#2351) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-09-02 06:56:25 +05:30			`resourceKind, resourceNamespace string,`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30			`resourceRequestOperation metrics.ResourceRequestOperation,`
			`ruleName string,`
			`ruleResult metrics.RuleResult,`
			`ruleType metrics.RuleType,`
			`ruleExecutionCause metrics.RuleExecutionCause,`
chore: refactor metrics namespace check (#5489) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2022-11-28 16:53:26 +01:00			`) {`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30			`if policyType == metrics.Cluster {`
			`policyNamespace = "-"`
			`}`
chore: refactor metrics namespace check (#5489) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2022-11-28 16:53:26 +01:00			`if m.Config.CheckNamespace(policyNamespace) {`
			`m.RecordPolicyResults(ctx, policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, resourceKind, resourceNamespace, resourceRequestOperation, ruleName, ruleResult, ruleType, ruleExecutionCause)`
added: support for metrics configuration, periodic metrics cleanup and selective namespace whitelisting and blacklisting for metrics (#2288) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-09-11 03:09:12 +05:30			`}`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30			`}`

chore: fix golangcilint timeout (#4388) * chore: fix golangcilint timeout Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix commit sha Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * add .gitattributes Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-08-24 15:08:24 +02:00			`// policy - policy related data`
			`// engineResponse - resource and rule related data`
feat: propagate context to the metrics package (#5479) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2022-11-28 11:30:14 +01:00			`func ProcessEngineResponse(ctx context.Context, m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, resourceRequestOperation metrics.ResourceRequestOperation) error {`
Revert "fix: metrics with invalid validationMode (#4198)" (#4241) This reverts commit 65c100566c92283669db03fd64d6b3be70601a67. 2022-07-20 23:22:03 +08:00			`name, namespace, policyType, backgroundMode, validationMode, err := metrics.GetPolicyInfos(policy)`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30			`if err != nil {`
			`return err`
			`}`
			`resourceSpec := engineResponse.PolicyResponse.Resource`
			`resourceKind := resourceSpec.Kind`
			`resourceNamespace := resourceSpec.Namespace`
			`ruleResponses := engineResponse.PolicyResponse.Rules`
			`for _, rule := range ruleResponses {`
			`ruleName := rule.Name`
refactor: metrics package (#3549) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-06 20:14:13 +02:00			`ruleType := metrics.ParseRuleTypeFromEngineRuleResponse(rule)`
Fix: RuleResult label to be correctly populated while registering respective metrics Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-10-30 02:56:04 +05:30			`var ruleResult metrics.RuleResult`
			`switch rule.Status {`
			`case response.RuleStatusPass:`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30			`ruleResult = metrics.Pass`
Fix: RuleResult label to be correctly populated while registering respective metrics Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-10-30 02:56:04 +05:30			`case response.RuleStatusFail:`
			`ruleResult = metrics.Fail`
			`case response.RuleStatusWarn:`
			`ruleResult = metrics.Warn`
			`case response.RuleStatusError:`
			`ruleResult = metrics.Error`
			`case response.RuleStatusSkip:`
			`ruleResult = metrics.Skip`
			`default:`
			`ruleResult = metrics.Fail`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30			`}`
chore: refactor metrics namespace check (#5489) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2022-11-28 16:53:26 +01:00			`registerPolicyResultsMetric(`
feat: propagate context to the metrics package (#5479) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2022-11-28 11:30:14 +01:00			`ctx,`
feat: Opentelemetry support for metrics and traces (#3910) * integrating opentelemetry Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fix multiple imports Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fixed cli help statement Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * added init file for metrics Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-07-11 23:19:47 +05:30			`m,`
refactor: metrics package (#3549) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-06 20:14:13 +02:00			`validationMode,`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30			`policyType,`
refactor: metrics package (#3549) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-06 20:14:13 +02:00			`backgroundMode,`
			`namespace, name,`
removed: resource_name label which is exposed as a part of Kyverno's metrics (#2351) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-09-02 06:56:25 +05:30			`resourceKind, resourceNamespace,`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30			`resourceRequestOperation,`
			`ruleName,`
			`ruleResult,`
			`ruleType,`
			`executionCause,`
chore: refactor metrics namespace check (#5489) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2022-11-28 16:53:26 +01:00			`)`
feat: added kyverno_policy_rule_results_info metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 19:15:04 +05:30			`}`
			`return nil`
			`}`