kyverno/pkg/metrics/policyruleinfo/policyRuleInfo.go

package policyruleinfo

import (
	"fmt"

	kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
	"github.com/kyverno/kyverno/pkg/autogen"
	"github.com/kyverno/kyverno/pkg/metrics"
	"github.com/kyverno/kyverno/pkg/utils"
)

func registerPolicyRuleInfoMetric(
	m *metrics.MetricsConfig,
	policyValidationMode metrics.PolicyValidationMode,
	policyType metrics.PolicyType,
	policyBackgroundMode metrics.PolicyBackgroundMode,
	policyNamespace, policyName, ruleName string,
	ruleType metrics.RuleType,
	metricChangeType PolicyRuleInfoMetricChangeType,
	ready bool,
) error {
	var metricValue float64
	switch metricChangeType {
	case PolicyRuleCreated:
		metricValue = float64(1)
	case PolicyRuleDeleted:
		metricValue = float64(0)
	default:
		return fmt.Errorf("unknown metric change type found:  %s", metricChangeType)
	}
	includeNamespaces, excludeNamespaces := m.Config.GetIncludeNamespaces(), m.Config.GetExcludeNamespaces()
	if (policyNamespace != "" && policyNamespace != "-") && utils.ContainsString(excludeNamespaces, policyNamespace) {
		m.Log.V(2).Info(fmt.Sprintf("Skipping the registration of kyverno_policy_rule_info_total metric as the operation belongs to the namespace '%s' which is one of 'namespaces.exclude' %+v in values.yaml", policyNamespace, excludeNamespaces))
		return nil
	}
	if (policyNamespace != "" && policyNamespace != "-") && len(includeNamespaces) > 0 && !utils.ContainsString(includeNamespaces, policyNamespace) {
		m.Log.V(2).Info(fmt.Sprintf("Skipping the registration of kyverno_policy_rule_info_total metric as the operation belongs to the namespace '%s' which is not one of 'namespaces.include' %+v in values.yaml", policyNamespace, includeNamespaces))
		return nil
	}
	if policyType == metrics.Cluster {
		policyNamespace = "-"
	}
	status := "false"
	if ready {
		status = "true"
	}
	m.RecordPolicyRuleInfo(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, status, metricValue)

	return nil
}

func AddPolicy(m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface) error {
	name, namespace, policyType, backgroundMode, validationMode, err := metrics.GetPolicyInfos(policy)
	if err != nil {
		return err
	}
	ready := policy.IsReady()
	for _, rule := range autogen.ComputeRules(policy) {
		ruleName := rule.Name
		ruleType := metrics.ParseRuleType(rule)
		if err = registerPolicyRuleInfoMetric(m, validationMode, policyType, backgroundMode, namespace, name, ruleName, ruleType, PolicyRuleCreated, ready); err != nil {
			return err
		}
	}
	return nil
}

func RemovePolicy(m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface) error {
	name, namespace, policyType, backgroundMode, validationMode, err := metrics.GetPolicyInfos(policy)
	if err != nil {
		return err
	}
	ready := policy.IsReady()
	for _, rule := range autogen.ComputeRules(policy) {
		ruleName := rule.Name
		ruleType := metrics.ParseRuleType(rule)
		if err = registerPolicyRuleInfoMetric(m, validationMode, policyType, backgroundMode, namespace, name, ruleName, ruleType, PolicyRuleDeleted, ready); err != nil {
			return err
		}
	}
	return nil
}
feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 18:10:11 +05:30			`package policyruleinfo`

			`import (`
			`"fmt"`

chore: make kyverno api import aliases consistent (#3939) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-05-17 13:12:43 +02:00			`kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"`
feat: stop mutating rules (#3410) * feat: stop adding autogen annotation Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * feat: stop mutating rules Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * feat: stop mutating rules Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: use toggle Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * fix: review comments Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-03-28 16:01:27 +02:00			`"github.com/kyverno/kyverno/pkg/autogen"`
feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 18:10:11 +05:30			`"github.com/kyverno/kyverno/pkg/metrics"`
refactor: use existing ContainsString util (#3543) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-04-04 17:31:33 +02:00			`"github.com/kyverno/kyverno/pkg/utils"`
feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 18:10:11 +05:30			`)`

refactor: metrics package (#3549) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-06 20:14:13 +02:00			`func registerPolicyRuleInfoMetric(`
feat: Opentelemetry support for metrics and traces (#3910) * integrating opentelemetry Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fix multiple imports Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fixed cli help statement Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * added init file for metrics Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-07-11 23:19:47 +05:30			`m *metrics.MetricsConfig,`
feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 18:10:11 +05:30			`policyValidationMode metrics.PolicyValidationMode,`
			`policyType metrics.PolicyType,`
			`policyBackgroundMode metrics.PolicyBackgroundMode,`
			`policyNamespace, policyName, ruleName string,`
			`ruleType metrics.RuleType,`
			`metricChangeType PolicyRuleInfoMetricChangeType,`
Dynamic webhooks (#2425) * support k8s 1.22, update admissionregistration.k8s.io/v1beta1 to admissionregistration.k8s.io/v1 Signed-off-by: ShutingZhao <shutting06@gmail.com> * - add failurePolicy to policy spec; - fix typo Signed-off-by: ShutingZhao <shutting06@gmail.com> * - add schema validation for failurePolicy; - add a printer column Signed-off-by: ShutingZhao <shutting06@gmail.com> * set default failure policy to fail if not defined Signed-off-by: ShutingZhao <shutting06@gmail.com> * resolve conflicts Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix missing type for printerColumn Signed-off-by: ShutingZhao <shutting06@gmail.com> * refactor policy controller Signed-off-by: ShutingZhao <shutting06@gmail.com> * add webhook config manager Signed-off-by: ShutingZhao <shutting06@gmail.com> * - build webhook objects per policy update; - add fail webhook to default webhook configurations Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix panic on policy update Signed-off-by: ShutingZhao <shutting06@gmail.com> * build default webhook: match empty if autoUpdateWebhooks is enabled, otherwise match all Signed-off-by: ShutingZhao <shutting06@gmail.com> * - set default webhook configs rule to empty; - handle policy deletion Signed-off-by: ShutingZhao <shutting06@gmail.com> * reset webhook config if policies with a specific failurePolicy are cleaned up Signed-off-by: ShutingZhao <shutting06@gmail.com> * handle wildcard pocliy Signed-off-by: ShutingZhao <shutting06@gmail.com> * update default webhook timeout to 10s Signed-off-by: ShutingZhao <shutting06@gmail.com> * cleanups Signed-off-by: ShutingZhao <shutting06@gmail.com> * added webhook informer to re-create it immediately if missing Signed-off-by: ShutingZhao <shutting06@gmail.com> * update tag webhookTimeoutSeconds description Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix e2e tests Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix linter issue Signed-off-by: ShutingZhao <shutting06@gmail.com> * correct metric endpoint Signed-off-by: ShutingZhao <shutting06@gmail.com> * add pol.generate.kind to webhooks Signed-off-by: ShutingZhao <shutting06@gmail.com> 2021-10-05 00:15:09 -07:00			`ready bool,`
feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 18:10:11 +05:30			`) error {`
			`var metricValue float64`
			`switch metricChangeType {`
			`case PolicyRuleCreated:`
			`metricValue = float64(1)`
			`case PolicyRuleDeleted:`
			`metricValue = float64(0)`
			`default:`
			`return fmt.Errorf("unknown metric change type found: %s", metricChangeType)`
			`}`
feat: Opentelemetry support for metrics and traces (#3910) * integrating opentelemetry Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fix multiple imports Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fixed cli help statement Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * added init file for metrics Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-07-11 23:19:47 +05:30			`includeNamespaces, excludeNamespaces := m.Config.GetIncludeNamespaces(), m.Config.GetExcludeNamespaces()`
refactor: use existing ContainsString util (#3543) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-04-04 17:31:33 +02:00			`if (policyNamespace != "" && policyNamespace != "-") && utils.ContainsString(excludeNamespaces, policyNamespace) {`
Added appropriate logging levels to log.Info() calls wherever necessary (#4341) * Added appropriate logging levels to log.Info() calls wherever necessary Signed-off-by: anutosh491 <andersonbhat491@gmail.com> * Changed logging levels to 2 Signed-off-by: anutosh491 <andersonbhat491@gmail.com> Signed-off-by: anutosh491 <andersonbhat491@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-08-18 18:54:59 +05:30			`m.Log.V(2).Info(fmt.Sprintf("Skipping the registration of kyverno_policy_rule_info_total metric as the operation belongs to the namespace '%s' which is one of 'namespaces.exclude' %+v in values.yaml", policyNamespace, excludeNamespaces))`
added: support for metrics configuration, periodic metrics cleanup and selective namespace whitelisting and blacklisting for metrics (#2288) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-09-11 03:09:12 +05:30			`return nil`
			`}`
refactor: use existing ContainsString util (#3543) Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-04-04 17:31:33 +02:00			`if (policyNamespace != "" && policyNamespace != "-") && len(includeNamespaces) > 0 && !utils.ContainsString(includeNamespaces, policyNamespace) {`
Added appropriate logging levels to log.Info() calls wherever necessary (#4341) * Added appropriate logging levels to log.Info() calls wherever necessary Signed-off-by: anutosh491 <andersonbhat491@gmail.com> * Changed logging levels to 2 Signed-off-by: anutosh491 <andersonbhat491@gmail.com> Signed-off-by: anutosh491 <andersonbhat491@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-08-18 18:54:59 +05:30			`m.Log.V(2).Info(fmt.Sprintf("Skipping the registration of kyverno_policy_rule_info_total metric as the operation belongs to the namespace '%s' which is not one of 'namespaces.include' %+v in values.yaml", policyNamespace, includeNamespaces))`
added: support for metrics configuration, periodic metrics cleanup and selective namespace whitelisting and blacklisting for metrics (#2288) Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-09-11 03:09:12 +05:30			`return nil`
			`}`
feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 18:10:11 +05:30			`if policyType == metrics.Cluster {`
			`policyNamespace = "-"`
			`}`
Dynamic webhooks (#2425) * support k8s 1.22, update admissionregistration.k8s.io/v1beta1 to admissionregistration.k8s.io/v1 Signed-off-by: ShutingZhao <shutting06@gmail.com> * - add failurePolicy to policy spec; - fix typo Signed-off-by: ShutingZhao <shutting06@gmail.com> * - add schema validation for failurePolicy; - add a printer column Signed-off-by: ShutingZhao <shutting06@gmail.com> * set default failure policy to fail if not defined Signed-off-by: ShutingZhao <shutting06@gmail.com> * resolve conflicts Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix missing type for printerColumn Signed-off-by: ShutingZhao <shutting06@gmail.com> * refactor policy controller Signed-off-by: ShutingZhao <shutting06@gmail.com> * add webhook config manager Signed-off-by: ShutingZhao <shutting06@gmail.com> * - build webhook objects per policy update; - add fail webhook to default webhook configurations Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix panic on policy update Signed-off-by: ShutingZhao <shutting06@gmail.com> * build default webhook: match empty if autoUpdateWebhooks is enabled, otherwise match all Signed-off-by: ShutingZhao <shutting06@gmail.com> * - set default webhook configs rule to empty; - handle policy deletion Signed-off-by: ShutingZhao <shutting06@gmail.com> * reset webhook config if policies with a specific failurePolicy are cleaned up Signed-off-by: ShutingZhao <shutting06@gmail.com> * handle wildcard pocliy Signed-off-by: ShutingZhao <shutting06@gmail.com> * update default webhook timeout to 10s Signed-off-by: ShutingZhao <shutting06@gmail.com> * cleanups Signed-off-by: ShutingZhao <shutting06@gmail.com> * added webhook informer to re-create it immediately if missing Signed-off-by: ShutingZhao <shutting06@gmail.com> * update tag webhookTimeoutSeconds description Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix e2e tests Signed-off-by: ShutingZhao <shutting06@gmail.com> * fix linter issue Signed-off-by: ShutingZhao <shutting06@gmail.com> * correct metric endpoint Signed-off-by: ShutingZhao <shutting06@gmail.com> * add pol.generate.kind to webhooks Signed-off-by: ShutingZhao <shutting06@gmail.com> 2021-10-05 00:15:09 -07:00			`status := "false"`
			`if ready {`
			`status = "true"`
			`}`
feat: Opentelemetry support for metrics and traces (#3910) * integrating opentelemetry Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fix multiple imports Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fixed cli help statement Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * added init file for metrics Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-07-11 23:19:47 +05:30			`m.RecordPolicyRuleInfo(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, status, metricValue)`

feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 18:10:11 +05:30			`return nil`
			`}`

feat: Opentelemetry support for metrics and traces (#3910) * integrating opentelemetry Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fix multiple imports Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fixed cli help statement Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * added init file for metrics Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-07-11 23:19:47 +05:30			`func AddPolicy(m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface) error {`
refactor: metrics package (#3549) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-06 20:14:13 +02:00			`name, namespace, policyType, backgroundMode, validationMode, err := metrics.GetPolicyInfos(policy)`
			`if err != nil {`
			`return err`
			`}`
			`ready := policy.IsReady()`
			`for _, rule := range autogen.ComputeRules(policy) {`
			`ruleName := rule.Name`
			`ruleType := metrics.ParseRuleType(rule)`
feat: Opentelemetry support for metrics and traces (#3910) * integrating opentelemetry Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fix multiple imports Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fixed cli help statement Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * added init file for metrics Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-07-11 23:19:47 +05:30			`if err = registerPolicyRuleInfoMetric(m, validationMode, policyType, backgroundMode, namespace, name, ruleName, ruleType, PolicyRuleCreated, ready); err != nil {`
feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 18:10:11 +05:30			`return err`
			`}`
			`}`
refactor: metrics package (#3549) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-06 20:14:13 +02:00			`return nil`
feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 18:10:11 +05:30			`}`

feat: Opentelemetry support for metrics and traces (#3910) * integrating opentelemetry Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fix multiple imports Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fixed cli help statement Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * added init file for metrics Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-07-11 23:19:47 +05:30			`func RemovePolicy(m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface) error {`
refactor: metrics package (#3549) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-06 20:14:13 +02:00			`name, namespace, policyType, backgroundMode, validationMode, err := metrics.GetPolicyInfos(policy)`
			`if err != nil {`
			`return err`
			`}`
			`ready := policy.IsReady()`
			`for _, rule := range autogen.ComputeRules(policy) {`
			`ruleName := rule.Name`
			`ruleType := metrics.ParseRuleType(rule)`
feat: Opentelemetry support for metrics and traces (#3910) * integrating opentelemetry Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fix multiple imports Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * fixed cli help statement Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> * added init file for metrics Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com> Co-authored-by: shuting <shuting@nirmata.com> 2022-07-11 23:19:47 +05:30			`if err = registerPolicyRuleInfoMetric(m, validationMode, policyType, backgroundMode, namespace, name, ruleName, ruleType, PolicyRuleDeleted, ready); err != nil {`
refactor: metrics package (#3549) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-06 20:14:13 +02:00			`return err`
feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 18:10:11 +05:30			`}`
			`}`
refactor: metrics package (#3549) * refactor: use BackgroundProcessingEnabled method Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: webhooks metrics reporting Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> * refactor: metrics package Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com> 2022-04-06 20:14:13 +02:00			`return nil`
feat: added kyverno_policy_rule_info_total metric Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com> 2021-05-15 18:10:11 +05:30			`}`