2022-11-09 11:52:20 +01:00
package handlers
import (
2022-11-17 16:17:52 +01:00
"context"
2022-12-09 18:12:37 +01:00
"net/http"
2022-11-28 19:11:11 +01:00
"strings"
2022-11-09 11:52:20 +01:00
"time"
"github.com/go-logr/logr"
2022-11-28 19:11:11 +01:00
"github.com/kyverno/kyverno/pkg/config"
2022-12-09 10:49:45 +01:00
"github.com/kyverno/kyverno/pkg/metrics"
2022-11-28 19:11:11 +01:00
"go.opentelemetry.io/otel/attribute"
"go.opentelemetry.io/otel/metric/global"
"go.opentelemetry.io/otel/metric/instrument"
2022-12-09 18:12:37 +01:00
semconv "go.opentelemetry.io/otel/semconv/v1.4.0"
2022-11-09 11:52:20 +01:00
admissionv1 "k8s.io/api/admission/v1"
)
2022-11-30 10:30:24 +01:00
func ( inner AdmissionHandler ) WithMetrics ( logger logr . Logger , metricsConfig config . MetricsConfiguration , attrs ... attribute . KeyValue ) AdmissionHandler {
2022-12-09 10:49:45 +01:00
return inner . withMetrics ( logger , metricsConfig , attrs ... ) . WithTrace ( "METRICS" )
2022-11-09 11:52:20 +01:00
}
2022-11-30 10:30:24 +01:00
func ( inner AdmissionHandler ) withMetrics ( logger logr . Logger , metricsConfig config . MetricsConfiguration , attrs ... attribute . KeyValue ) AdmissionHandler {
2022-12-09 10:49:45 +01:00
meter := global . MeterProvider ( ) . Meter ( metrics . MeterName )
2022-12-09 18:12:37 +01:00
requestsMetric , err := meter . SyncInt64 ( ) . Counter (
2022-12-11 22:51:15 +01:00
"kyverno_admission_requests" ,
2022-11-28 19:11:11 +01:00
instrument . WithDescription ( "can be used to track the number of admission requests encountered by Kyverno in the cluster" ) ,
)
if err != nil {
logger . Error ( err , "Failed to create instrument, kyverno_admission_requests_total" )
}
2022-12-09 18:12:37 +01:00
durationMetric , err := meter . SyncFloat64 ( ) . Histogram (
2022-11-28 19:11:11 +01:00
"kyverno_admission_review_duration_seconds" ,
instrument . WithDescription ( "can be used to track the latencies (in seconds) associated with the entire individual admission review. For example, if an incoming request trigger, say, five policies, this metric will track the e2e latency associated with the execution of all those policies" ) ,
)
if err != nil {
logger . Error ( err , "Failed to create instrument, kyverno_admission_review_duration_seconds" )
}
2022-11-17 16:17:52 +01:00
return func ( ctx context . Context , logger logr . Logger , request * admissionv1 . AdmissionRequest , startTime time . Time ) * admissionv1 . AdmissionResponse {
2022-11-28 09:59:05 +01:00
response := inner ( ctx , logger , request , startTime )
2022-11-28 19:11:11 +01:00
namespace := request . Namespace
if metricsConfig . CheckNamespace ( namespace ) {
operation := strings . ToLower ( string ( request . Operation ) )
2022-11-29 12:39:44 +01:00
allowed := true
if response != nil {
allowed = response . Allowed
}
2022-11-30 10:30:24 +01:00
attributes := [ ] attribute . KeyValue {
attribute . String ( "resource_kind" , request . Kind . Kind ) ,
attribute . String ( "resource_namespace" , namespace ) ,
attribute . String ( "resource_request_operation" , operation ) ,
attribute . Bool ( "request_allowed" , allowed ) ,
}
attributes = append ( attributes , attrs ... )
2022-12-09 18:12:37 +01:00
if durationMetric != nil {
2022-11-28 19:11:11 +01:00
defer func ( ) {
latency := int64 ( time . Since ( startTime ) )
2022-12-09 18:12:37 +01:00
durationInSeconds := float64 ( latency ) / float64 ( 1000 * 1000 * 1000 )
durationMetric . Record ( ctx , durationInSeconds , attributes ... )
2022-11-28 19:11:11 +01:00
} ( )
}
2022-12-09 18:12:37 +01:00
if requestsMetric != nil {
requestsMetric . Add ( ctx , 1 , attributes ... )
2022-11-28 19:11:11 +01:00
}
}
2022-11-28 09:59:05 +01:00
return response
2022-11-09 11:52:20 +01:00
}
}
2022-12-09 18:12:37 +01:00
func ( inner HttpHandler ) WithMetrics ( logger logr . Logger , attrs ... attribute . KeyValue ) HttpHandler {
return inner . withMetrics ( logger , attrs ... ) . WithTrace ( "METRICS" )
}
func ( inner HttpHandler ) withMetrics ( logger logr . Logger , attrs ... attribute . KeyValue ) HttpHandler {
meter := global . MeterProvider ( ) . Meter ( metrics . MeterName )
requestsMetric , err := meter . SyncInt64 ( ) . Counter (
"kyverno_http_requests_total" ,
instrument . WithDescription ( "can be used to track the number of http requests" ) ,
)
if err != nil {
logger . Error ( err , "Failed to create instrument, kyverno_http_requests_total" )
}
durationMetric , err := meter . SyncFloat64 ( ) . Histogram (
"kyverno_http_requests_duration_seconds" ,
instrument . WithDescription ( "can be used to track the latencies (in seconds) associated with the entire individual http request." ) ,
)
if err != nil {
logger . Error ( err , "Failed to create instrument, kyverno_http_requests_duration_seconds" )
}
return func ( writer http . ResponseWriter , request * http . Request ) {
startTime := time . Now ( )
attributes := [ ] attribute . KeyValue {
semconv . HTTPRequestContentLengthKey . Int64 ( request . ContentLength ) ,
semconv . HTTPHostKey . String ( request . Host ) ,
semconv . HTTPMethodKey . String ( request . Method ) ,
semconv . HTTPURLKey . String ( request . RequestURI ) ,
}
attributes = append ( attributes , attrs ... )
if requestsMetric != nil {
requestsMetric . Add ( request . Context ( ) , 1 , attributes ... )
}
if durationMetric != nil {
defer func ( ) {
latency := int64 ( time . Since ( startTime ) )
durationInSeconds := float64 ( latency ) / float64 ( 1000 * 1000 * 1000 )
durationMetric . Record ( request . Context ( ) , durationInSeconds , attributes ... )
} ( )
}
inner ( writer , request )
}
}
