added: support for metrics configuration, periodic metrics cleanup and selective namespace whitelisting and blacklisting for metrics (#2288)

Signed-off-by: Yashvardhan Kukreja <yash.kukreja.98@gmail.com>
2025-03-28 18:38:40 +00:00 · 2021-09-11 03:09:12 +05:30 · 2021-09-11 03:09:12 +05:30 · 5fcd9b83d9
commit 5fcd9b83d9
parent c2e298a1f6
40 changed files with 6502 additions and 4177 deletions
--- a/charts/kyverno-crds/templates/crds.yaml
+++ b/charts/kyverno-crds/templates/crds.yaml
--- a/charts/kyverno/templates/_helpers.tpl
+++ b/charts/kyverno/templates/_helpers.tpl
@ -53,6 +53,10 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- printf "%s" (default (include "kyverno.fullname" .) .Values.config.existingConfig) -}}
 {{- end -}}

+{{/* Get the metrics config map name. */}}
+{{- define "kyverno.metricsConfigMapName" -}}
+{{- printf "%s" (default (printf "%s-metrics" (include "kyverno.fullname" .)) .Values.config.existingMetricsConfig) -}}
+{{- end -}}

 {{/* Get the namespace name. */}}
 {{- define "kyverno.namespace" -}}
--- a/charts/kyverno/templates/deployment.yaml
+++ b/charts/kyverno/templates/deployment.yaml
@ -68,6 +68,8 @@ spec:
              drop:
                - all
          env:
+          - name: METRICS_CONFIG
+            value: {{ template "kyverno.metricsConfigMapName" . }}
          - name: KYVERNO_NAMESPACE
            valueFrom:
              fieldRef:
@ -103,6 +105,8 @@ spec:
          env:
          - name: INIT_CONFIG
            value: {{ template "kyverno.configMapName" . }}
+          - name: METRICS_CONFIG
+            value: {{ template "kyverno.metricsConfigMapName" . }}
          - name: KYVERNO_NAMESPACE
            valueFrom:
              fieldRef:
--- a/charts/kyverno/templates/metricsconfigmap.yaml
+++ b/charts/kyverno/templates/metricsconfigmap.yaml
@ -0,0 +1,22 @@
+{{- if (not .Values.config.existingMetricsConfig) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels: {{ include "kyverno.labels" . | nindent 4 }}
+    app: kyverno
+  name: {{ template "kyverno.metricsConfigMapName" . }}
+  namespace: {{ template "kyverno.namespace" . }}
+{{- if .Values.config.metricsConfig }}
+data:
+  {{- if .Values.config.metricsConfig.namespaces }}
+  namespaces: {{ .Values.config.metricsConfig.namespaces | toJson | quote }}
+  {{- end -}}
+  {{- if .Values.config.metricsConfig.metricsRefreshInterval }}
+  metricsRefreshInterval: {{ .Values.config.metricsConfig.metricsRefreshInterval }}
+  {{- end -}}
+{{- else }}
+data:
+  namespaces: '{"include": [], "exclude": []}'
+  metricsRefreshInterval: 0s
+{{- end }}
+{{- end -}}
--- a/charts/kyverno/values.yaml
+++ b/charts/kyverno/values.yaml
@ -94,7 +94,7 @@ livenessProbe:
    path: /health/liveness
    port: 9443
    scheme: HTTPS
-  initialDelaySeconds: 10
+  initialDelaySeconds: 15
  periodSeconds: 30
  timeoutSeconds: 5
  failureThreshold: 2
@ -152,6 +152,19 @@ config:
  # webhooks: [{"namespaceSelector":{"matchExpressions":[{"key":"environment","operator":"In","values":["prod"]}]}}]
  generateSuccessEvents: 'false'
  # existingConfig: init-config
+  metricsConfig:
+    namespaces: {
+      "include": [],
+      "exclude": []
+    }
+    # 'namespaces.include': list of namespaces to capture metrics for. Default: metrics being captured for all namespaces except excludeNamespaces.
+    # 'namespaces.exclude': list of namespaces to NOT capture metrics for. Default: []
+
+    # metricsRefreshInterval: 24h
+    # rate at which metrics should reset so as to clean up the memory footprint of kyverno metrics, if you might be expecting high memory footprint of Kyverno's metrics. Default: 0, no refresh of metrics
+
+  # Or provide an existing metrics config-map by uncommenting the below line
+  # existingMetricsConfig: sample-metrics-configmap. Refer to the ./templates/metricsconfigmap.yaml for the structure of metrics configmap.

 ## Deployment update strategy
 ## Ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
--- a/cmd/kyverno/main.go
+++ b/cmd/kyverno/main.go
@ -113,20 +113,6 @@ func main() {
 		}()
 	}

-	if !disableMetricsExport {
-		promConfig = metrics.NewPromConfig()
-		metricsServerMux = http.NewServeMux()
-		metricsServerMux.Handle("/metrics", promhttp.HandlerFor(promConfig.MetricsRegistry, promhttp.HandlerOpts{Timeout: 10 * time.Second}))
-		metricsAddr := ":" + metricsPort
-		go func() {
-			setupLog.Info("enabling metrics service", "address", metricsAddr)
-			if err := http.ListenAndServe(metricsAddr, metricsServerMux); err != nil {
-				setupLog.Error(err, "failed to enable metrics service", "address", metricsAddr)
-				os.Exit(1)
-			}
-		}()
-	}
-
 	// KYVERNO CRD CLIENT
 	// access CRD resources
 	//		- ClusterPolicy, Policy
@ -253,6 +239,33 @@ func main() {
 		log.Log.WithName("ConfigData"),
 	)

+	metricsConfigData, err := config.NewMetricsConfigData(
+		kubeClient,
+		log.Log.WithName("MetricsConfigData"),
+	)
+	if err != nil {
+		setupLog.Error(err, "failed to fetch metrics config")
+		os.Exit(1)
+	}
+
+	if !disableMetricsExport {
+		promConfig, err = metrics.NewPromConfig(metricsConfigData, log.Log.WithName("MetricsConfig"))
+		if err != nil {
+			setupLog.Error(err, "failed to setup Prometheus metric configuration")
+			os.Exit(1)
+		}
+		metricsServerMux = http.NewServeMux()
+		metricsServerMux.Handle("/metrics", promhttp.HandlerFor(promConfig.MetricsRegistry, promhttp.HandlerOpts{Timeout: 10 * time.Second}))
+		metricsAddr := ":" + metricsPort
+		go func() {
+			setupLog.Info("enabling metrics service", "address", metricsAddr)
+			if err := http.ListenAndServe(metricsAddr, metricsServerMux); err != nil {
+				setupLog.Error(err, "failed to enable metrics service", "address", metricsAddr)
+				os.Exit(1)
+			}
+		}()
+	}
+
 	// POLICY CONTROLLER
 	// - reconciliation policy and policy violation
 	// - process policy on existing resources
--- a/definitions/install.yaml
+++ b/definitions/install.yaml
--- a/definitions/install_debug.yaml
+++ b/definitions/install_debug.yaml
--- a/definitions/k8s-resource/kustomization.yaml
+++ b/definitions/k8s-resource/kustomization.yaml
@ -5,5 +5,6 @@ resources:
 - ./clusterroles.yaml
 - ./clusterrolebindings.yaml
 - ./configmap.yaml
+- ./metricsconfigmap.yaml
 - ./service.yaml
 - ./serviceaccount.yaml
--- a/definitions/k8s-resource/metricsconfigmap.yaml
+++ b/definitions/k8s-resource/metricsconfigmap.yaml
@ -0,0 +1,10 @@
+apiVersion: v1
+data:
+  metricsRefreshInterval: 24h
+  namespaces: '{"exclude":[],"include":[]}'
+kind: ConfigMap
+metadata:
+  labels:
+    app: kyverno
+  name: kyverno-metrics
+  namespace: kyverno
--- a/definitions/manifest/deployment.yaml
+++ b/definitions/manifest/deployment.yaml
@ -43,6 +43,9 @@ spec:
            capabilities:
              drop:
                - all
+          env:
+            - name: METRICS_CONFIG
+              value: kyverno-metrics
      containers:
        - name: kyverno
          image: ghcr.io/kyverno/kyverno:latest
@ -66,6 +69,8 @@ spec:
          env:
            - name: INIT_CONFIG
              value: init-config
+            - name: METRICS_CONFIG
+              value: kyverno-metrics
            - name: KYVERNO_NAMESPACE
              valueFrom:
                fieldRef:
@ -91,7 +96,7 @@ spec:
              path: /health/liveness
              port: 9443
              scheme: HTTPS
-            initialDelaySeconds: 10
+            initialDelaySeconds: 15
            periodSeconds: 30
            timeoutSeconds: 5
            failureThreshold: 2
--- a/go.mod
+++ b/go.mod
@ -30,6 +30,7 @@ require (
 	github.com/patrickmn/go-cache v2.1.0+incompatible
 	github.com/pkg/errors v0.9.1
 	github.com/prometheus/client_golang v1.11.0
+	github.com/robfig/cron/v3 v3.0.1
 	github.com/sigstore/cosign v1.1.0
 	github.com/sigstore/sigstore v0.0.0-20210729211320-56a91f560f44
 	github.com/spf13/cobra v1.2.1
--- a/go.sum
+++ b/go.sum
@ -481,9 +481,6 @@ github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8l
 github.com/devigned/tab v0.1.1/go.mod h1:XG9mPq0dFghrYvoBF3xdRrJzSTX1b7IQrvaL9mzjeJY=
 github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
-github.com/dgryski/go-gk v0.0.0-20140819190930-201884a44051/go.mod h1:qm+vckxRlDt0aOla0RYJJVeqHZlWfOm2UIxHaqPB46E=
-github.com/dgryski/go-gk v0.0.0-20200319235926-a69029f61654/go.mod h1:qm+vckxRlDt0aOla0RYJJVeqHZlWfOm2UIxHaqPB46E=
-github.com/dgryski/go-lttb v0.0.0-20180810165845-318fcdf10a77/go.mod h1:Va5MyIzkU0rAM92tn3hb3Anb7oz7KcnixF49+2wOMe4=
 github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
 github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8=
 github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
@ -1493,6 +1490,8 @@ github.com/rcrowley/go-metrics v0.0.0-20190704165056-9c2d0518ed81/go.mod h1:bCqn
 github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
 github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M=
 github.com/rjeczalik/notify v0.9.2/go.mod h1:aErll2f0sUX9PXZnVNyeiObbmTlk5jnMoCa4QEjJeqM=
+github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
+github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro=
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
 github.com/rogpeppe/fastuuid v1.1.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
--- a/pkg/config/metricsconfig.go
+++ b/pkg/config/metricsconfig.go
@ -0,0 +1,106 @@
+package config
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"os"
+	"time"
+
+	"github.com/go-logr/logr"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/client-go/kubernetes"
+)
+
+// read the conifgMap with name in env:METRICS_CONFIG
+// this configmap stores the information associated with Kyverno's metrics exposure
+const metricsCmName string = "METRICS_CONFIG"
+
+// MetricsConfigData stores the metrics-related configuration
+type MetricsConfigData struct {
+	client        kubernetes.Interface
+	cmName        string
+	metricsConfig MetricsConfig
+	log           logr.Logger
+}
+
+type MetricsConfig struct {
+	namespaces             namespacesConfig
+	metricsRefreshInterval time.Duration
+}
+
+type namespacesConfig struct {
+	IncludeNamespaces []string `json:"include,omitempty"`
+	ExcludeNamespaces []string `json:"exclude,omitempty"`
+}
+
+// GetExcludeNamespaces returns the namespaces to ignore for metrics exposure
+func (mcd *MetricsConfigData) GetExcludeNamespaces() []string {
+	return mcd.metricsConfig.namespaces.ExcludeNamespaces
+}
+
+// GetIncludeNamespaces returns the namespaces to specifically consider for metrics exposure
+func (mcd *MetricsConfigData) GetIncludeNamespaces() []string {
+	return mcd.metricsConfig.namespaces.IncludeNamespaces
+}
+
+func (mcd *MetricsConfigData) GetMetricsRefreshInterval() time.Duration {
+	return mcd.metricsConfig.metricsRefreshInterval
+}
+
+func (mcd *MetricsConfigData) GetMetricsConfigMapName() string {
+	return mcd.cmName
+}
+
+// NewMetricsConfigData ...
+func NewMetricsConfigData(rclient kubernetes.Interface, log logr.Logger) (*MetricsConfigData, error) {
+	// environment var is read at start only
+	if metricsCmName == "" {
+		log.Info("ConfigMap name not defined in env:METRICS_CONFIG: loading no default configuration")
+	}
+
+	mcd := MetricsConfigData{
+		client: rclient,
+		cmName: os.Getenv(metricsCmName),
+		log:    log,
+	}
+
+	kyvernoNamespace := getKyvernoNameSpace()
+	configMap, err := rclient.CoreV1().ConfigMaps(kyvernoNamespace).Get(context.TODO(), mcd.cmName, metav1.GetOptions{})
+	if err != nil {
+		return nil, fmt.Errorf("error occurred while fetching the metrics configmap at %s/%s: %w", kyvernoNamespace, mcd.cmName, err)
+	}
+	// parsing namespace-related config from the config map
+	namespacesConfigStr, found := configMap.Data["namespaces"]
+	if !found {
+		mcd.metricsConfig.namespaces.IncludeNamespaces = []string{}
+		mcd.metricsConfig.namespaces.ExcludeNamespaces = []string{}
+	} else {
+		mcd.metricsConfig.namespaces.IncludeNamespaces, mcd.metricsConfig.namespaces.ExcludeNamespaces, err = parseIncludeExcludeNamespacesFromNamespacesConfig(namespacesConfigStr)
+		if err != nil {
+			return nil, fmt.Errorf("error occurred while parsing the 'namespaces' field of metrics config map: %w", err)
+		}
+	}
+
+	// parsing metricsRefreshInterval from the config map
+	metricsRefreshInterval, found := configMap.Data["metricsRefreshInterval"]
+	if found {
+		mcd.metricsConfig.metricsRefreshInterval, err = time.ParseDuration(metricsRefreshInterval)
+		if err != nil {
+			return nil, fmt.Errorf("error occurred while parsing metricsRefreshInterval: %w", err)
+		}
+	} else {
+		mcd.metricsConfig.metricsRefreshInterval = 0
+	}
+
+	return &mcd, nil
+}
+
+func parseIncludeExcludeNamespacesFromNamespacesConfig(jsonStr string) ([]string, []string, error) {
+	var namespacesConfigObject *namespacesConfig
+	err := json.Unmarshal([]byte(jsonStr), &namespacesConfigObject)
+	if err != nil {
+		return nil, nil, err
+	}
+	return namespacesConfigObject.IncludeNamespaces, namespacesConfigObject.ExcludeNamespaces, nil
+}
--- a/pkg/metrics/admissionrequests/admissionRequests.go
+++ b/pkg/metrics/admissionrequests/admissionRequests.go
@ -1,16 +1,27 @@
 package admissionrequests

 import (
+	"fmt"
+
 	"github.com/kyverno/kyverno/pkg/engine/response"
 	"github.com/kyverno/kyverno/pkg/metrics"
 	prom "github.com/prometheus/client_golang/prometheus"
 )

-func (pm PromMetrics) registerAdmissionRequestsMetric(
+func (pc PromConfig) registerAdmissionRequestsMetric(
 	resourceKind, resourceNamespace string,
 	resourceRequestOperation metrics.ResourceRequestOperation,
 ) error {
-	pm.AdmissionRequests.With(prom.Labels{
+	includeNamespaces, excludeNamespaces := pc.Config.GetIncludeNamespaces(), pc.Config.GetExcludeNamespaces()
+	if (resourceNamespace != "" && resourceNamespace != "-") && metrics.ElementInSlice(resourceNamespace, excludeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_admission_requests_total metric as the operation belongs to the namespace '%s' which is one of 'namespaces.exclude' %+v in values.yaml", resourceNamespace, excludeNamespaces))
+		return nil
+	}
+	if (resourceNamespace != "" && resourceNamespace != "-") && len(includeNamespaces) > 0 && !metrics.ElementInSlice(resourceNamespace, includeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_admission_requests_total metric as the operation belongs to the namespace '%s' which is not one of 'namespaces.include' %+v in values.yaml", resourceNamespace, includeNamespaces))
+		return nil
+	}
+	pc.Metrics.AdmissionRequests.With(prom.Labels{
 		"resource_kind":              resourceKind,
 		"resource_namespace":         resourceNamespace,
 		"resource_request_operation": string(resourceRequestOperation),
@ -18,7 +29,7 @@ func (pm PromMetrics) registerAdmissionRequestsMetric(
 	return nil
 }

-func (pm PromMetrics) ProcessEngineResponses(engineResponses []*response.EngineResponse, resourceRequestOperation metrics.ResourceRequestOperation) error {
+func (pc PromConfig) ProcessEngineResponses(engineResponses []*response.EngineResponse, resourceRequestOperation metrics.ResourceRequestOperation) error {
 	if len(engineResponses) == 0 {
 		return nil
 	}
@ -48,5 +59,5 @@ func (pm PromMetrics) ProcessEngineResponses(engineResponses []*response.EngineR
 	if totalValidateRulesCount+totalMutateRulesCount+totalGenerateRulesCount == 0 {
 		return nil
 	}
-	return pm.registerAdmissionRequestsMetric(resourceKind, resourceNamespace, resourceRequestOperation)
+	return pc.registerAdmissionRequestsMetric(resourceKind, resourceNamespace, resourceRequestOperation)
 }
--- a/pkg/metrics/admissionrequests/parsers.go
+++ b/pkg/metrics/admissionrequests/parsers.go
@ -9,6 +9,10 @@ func ParsePromMetrics(pm metrics.PromMetrics) PromMetrics {
 	return PromMetrics(pm)
 }

+func ParsePromConfig(pc metrics.PromConfig) PromConfig {
+	return PromConfig(pc)
+}
+
 func ParseResourceRequestOperation(requestOperationStr string) (metrics.ResourceRequestOperation, error) {
 	switch requestOperationStr {
 	case "CREATE":
--- a/pkg/metrics/admissionrequests/types.go
+++ b/pkg/metrics/admissionrequests/types.go
@ -5,3 +5,5 @@ import (
 )

 type PromMetrics metrics.PromMetrics
+
+type PromConfig metrics.PromConfig
--- a/pkg/metrics/admissionreviewduration/admissionReviewDuration.go
+++ b/pkg/metrics/admissionreviewduration/admissionReviewDuration.go
@ -1,17 +1,28 @@
 package admissionreviewduration

 import (
+	"fmt"
+
 	"github.com/kyverno/kyverno/pkg/engine/response"
 	"github.com/kyverno/kyverno/pkg/metrics"
 	prom "github.com/prometheus/client_golang/prometheus"
 )

-func (pm PromMetrics) registerAdmissionReviewDurationMetric(
+func (pc PromConfig) registerAdmissionReviewDurationMetric(
 	resourceKind, resourceNamespace string,
 	resourceRequestOperation metrics.ResourceRequestOperation,
 	admissionRequestLatency float64,
 ) error {
-	pm.AdmissionReviewDuration.With(prom.Labels{
+	includeNamespaces, excludeNamespaces := pc.Config.GetIncludeNamespaces(), pc.Config.GetExcludeNamespaces()
+	if (resourceNamespace != "" && resourceNamespace != "-") && metrics.ElementInSlice(resourceNamespace, excludeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_admission_review_duration_seconds metric as the operation belongs to the namespace '%s' which is one of 'namespaces.exclude' %+v in values.yaml", resourceNamespace, excludeNamespaces))
+		return nil
+	}
+	if (resourceNamespace != "" && resourceNamespace != "-") && len(includeNamespaces) > 0 && !metrics.ElementInSlice(resourceNamespace, includeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_admission_review_duration_seconds metric as the operation belongs to the namespace '%s' which is not one of 'namespaces.include' %+v in values.yaml", resourceNamespace, includeNamespaces))
+		return nil
+	}
+	pc.Metrics.AdmissionReviewDuration.With(prom.Labels{
 		"resource_kind":              resourceKind,
 		"resource_namespace":         resourceNamespace,
 		"resource_request_operation": string(resourceRequestOperation),
@ -19,7 +30,7 @@ func (pm PromMetrics) registerAdmissionReviewDurationMetric(
 	return nil
 }

-func (pm PromMetrics) ProcessEngineResponses(engineResponses []*response.EngineResponse, admissionReviewLatencyDuration int64, resourceRequestOperation metrics.ResourceRequestOperation) error {
+func (pc PromConfig) ProcessEngineResponses(engineResponses []*response.EngineResponse, admissionReviewLatencyDuration int64, resourceRequestOperation metrics.ResourceRequestOperation) error {
 	if len(engineResponses) == 0 {
 		return nil
 	}
@ -50,5 +61,5 @@ func (pm PromMetrics) ProcessEngineResponses(engineResponses []*response.EngineR
 		return nil
 	}
 	admissionReviewLatencyDurationInSeconds := float64(admissionReviewLatencyDuration) / float64(1000*1000*1000)
-	return pm.registerAdmissionReviewDurationMetric(resourceKind, resourceNamespace, resourceRequestOperation, admissionReviewLatencyDurationInSeconds)
+	return pc.registerAdmissionReviewDurationMetric(resourceKind, resourceNamespace, resourceRequestOperation, admissionReviewLatencyDurationInSeconds)
 }
--- a/pkg/metrics/admissionreviewduration/parsers.go
+++ b/pkg/metrics/admissionreviewduration/parsers.go
@ -10,6 +10,10 @@ func ParsePromMetrics(pm metrics.PromMetrics) PromMetrics {
 	return PromMetrics(pm)
 }

+func ParsePromConfig(pc metrics.PromConfig) PromConfig {
+	return PromConfig(pc)
+}
+
 func ParseResourceRequestOperation(requestOperationStr string) (metrics.ResourceRequestOperation, error) {
 	switch requestOperationStr {
 	case "CREATE":
--- a/pkg/metrics/admissionreviewduration/types.go
+++ b/pkg/metrics/admissionreviewduration/types.go
@ -5,3 +5,5 @@ import (
 )

 type PromMetrics metrics.PromMetrics
+
+type PromConfig metrics.PromConfig
--- a/pkg/metrics/helpers.go
+++ b/pkg/metrics/helpers.go
@ -0,0 +1,10 @@
+package metrics
+
+func ElementInSlice(element string, slice []string) bool {
+	for _, v := range slice {
+		if v == element {
+			return true
+		}
+	}
+	return false
+}
--- a/pkg/metrics/metrics.go
+++ b/pkg/metrics/metrics.go
@ -1,12 +1,20 @@
 package metrics

 import (
+	"fmt"
+
+	"github.com/go-logr/logr"
+	"github.com/kyverno/kyverno/pkg/config"
 	prom "github.com/prometheus/client_golang/prometheus"
+	"github.com/robfig/cron/v3"
 )

 type PromConfig struct {
 	MetricsRegistry *prom.Registry
 	Metrics         *PromMetrics
+	Config          *config.MetricsConfigData
+	Log             logr.Logger
+	cron            *cron.Cron
 }

 type PromMetrics struct {
@ -18,10 +26,12 @@ type PromMetrics struct {
 	AdmissionRequests       *prom.CounterVec
 }

-func NewPromConfig() *PromConfig {
+func NewPromConfig(metricsConfigData *config.MetricsConfigData, log logr.Logger) (*PromConfig, error) {
 	pc := new(PromConfig)
-
+	pc.Config = metricsConfigData
+	pc.cron = cron.New()
 	pc.MetricsRegistry = prom.NewRegistry()
+	pc.Log = log

 	policyResultsLabels := []string{
 		"policy_validation_mode", "policy_type", "policy_background_mode", "policy_name", "policy_namespace",
@ -109,5 +119,28 @@ func NewPromConfig() *PromConfig {
 	pc.MetricsRegistry.MustRegister(pc.Metrics.AdmissionReviewDuration)
 	pc.MetricsRegistry.MustRegister(pc.Metrics.AdmissionRequests)

-	return pc
+	// configuring metrics periodic refresh
+	if pc.Config.GetMetricsRefreshInterval() != 0 {
+		if len(pc.cron.Entries()) > 0 {
+			pc.Log.Info("Skipping the configuration of metrics refresh. Already found cron expiration to be set.")
+		} else {
+			_, err := pc.cron.AddFunc(fmt.Sprintf("@every %s", pc.Config.GetMetricsRefreshInterval()), func() {
+				pc.Log.Info("Resetting the metrics as per their periodic refresh")
+				pc.Metrics.PolicyResults.Reset()
+				pc.Metrics.PolicyRuleInfo.Reset()
+				pc.Metrics.PolicyChanges.Reset()
+				pc.Metrics.PolicyExecutionDuration.Reset()
+				pc.Metrics.AdmissionReviewDuration.Reset()
+				pc.Metrics.AdmissionRequests.Reset()
+			})
+			if err != nil {
+				return nil, err
+			}
+			log.Info(fmt.Sprintf("Configuring metrics refresh at a periodic rate of %s", pc.Config.GetMetricsRefreshInterval()))
+			pc.cron.Start()
+		}
+	} else {
+		pc.Log.Info("Skipping the configuration of metrics refresh as 'metricsRefreshInterval' wasn't specified in values.yaml at the time of installing kyverno")
+	}
+	return pc, nil
 }
--- a/pkg/metrics/policychanges/parsers.go
+++ b/pkg/metrics/policychanges/parsers.go
@ -7,3 +7,7 @@ import (
 func ParsePromMetrics(pm metrics.PromMetrics) PromMetrics {
 	return PromMetrics(pm)
 }
+
+func ParsePromConfig(pc metrics.PromConfig) PromConfig {
+	return PromConfig(pc)
+}
--- a/pkg/metrics/policychanges/policyChanges.go
+++ b/pkg/metrics/policychanges/policyChanges.go
@ -8,7 +8,7 @@ import (
 	prom "github.com/prometheus/client_golang/prometheus"
 )

-func (pm PromMetrics) registerPolicyChangesMetric(
+func (pc PromConfig) registerPolicyChangesMetric(
 	policyValidationMode metrics.PolicyValidationMode,
 	policyType metrics.PolicyType,
 	policyBackgroundMode metrics.PolicyBackgroundMode,
@ -18,7 +18,16 @@ func (pm PromMetrics) registerPolicyChangesMetric(
 	if policyType == metrics.Cluster {
 		policyNamespace = "-"
 	}
-	pm.PolicyChanges.With(prom.Labels{
+	includeNamespaces, excludeNamespaces := pc.Config.GetIncludeNamespaces(), pc.Config.GetExcludeNamespaces()
+	if (policyNamespace != "" && policyNamespace != "-") && metrics.ElementInSlice(policyNamespace, excludeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_policy_changes_total metric as the operation belongs to the namespace '%s' which is one of 'namespaces.exclude' %+v in values.yaml", policyNamespace, excludeNamespaces))
+		return nil
+	}
+	if (policyNamespace != "" && policyNamespace != "-") && len(includeNamespaces) > 0 && !metrics.ElementInSlice(policyNamespace, includeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_policy_changes_total metric as the operation belongs to the namespace '%s' which is not one of 'namespaces.include' %+v in values.yaml", policyNamespace, includeNamespaces))
+		return nil
+	}
+	pc.Metrics.PolicyChanges.With(prom.Labels{
 		"policy_validation_mode": string(policyValidationMode),
 		"policy_type":            string(policyType),
 		"policy_background_mode": string(policyBackgroundMode),
@ -29,7 +38,7 @@ func (pm PromMetrics) registerPolicyChangesMetric(
 	return nil
 }

-func (pm PromMetrics) RegisterPolicy(policy interface{}, policyChangeType PolicyChangeType) error {
+func (pc PromConfig) RegisterPolicy(policy interface{}, policyChangeType PolicyChangeType) error {
 	switch inputPolicy := policy.(type) {
 	case *kyverno.ClusterPolicy:
 		policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.ValidationFailureAction)
@ -40,7 +49,7 @@ func (pm PromMetrics) RegisterPolicy(policy interface{}, policyChangeType Policy
 		policyType := metrics.Cluster
 		policyNamespace := "" // doesn't matter for cluster policy
 		policyName := inputPolicy.ObjectMeta.Name
-		if err = pm.registerPolicyChangesMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, policyChangeType); err != nil {
+		if err = pc.registerPolicyChangesMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, policyChangeType); err != nil {
 			return err
 		}
 		return nil
@ -53,7 +62,7 @@ func (pm PromMetrics) RegisterPolicy(policy interface{}, policyChangeType Policy
 		policyType := metrics.Namespaced
 		policyNamespace := inputPolicy.ObjectMeta.Namespace
 		policyName := inputPolicy.ObjectMeta.Name
-		if err = pm.registerPolicyChangesMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, policyChangeType); err != nil {
+		if err = pc.registerPolicyChangesMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, policyChangeType); err != nil {
 			return err
 		}
 		return nil
--- a/pkg/metrics/policychanges/types.go
+++ b/pkg/metrics/policychanges/types.go
@ -13,3 +13,5 @@ const (
 )

 type PromMetrics metrics.PromMetrics
+
+type PromConfig metrics.PromConfig
--- a/pkg/metrics/policyexecutionduration/parsers.go
+++ b/pkg/metrics/policyexecutionduration/parsers.go
@ -11,6 +11,10 @@ func ParsePromMetrics(pm metrics.PromMetrics) PromMetrics {
 	return PromMetrics(pm)
 }

+func ParsePromConfig(pc metrics.PromConfig) PromConfig {
+	return PromConfig(pc)
+}
+
 func ParseRuleTypeFromEngineRuleResponse(rule response.RuleResponse) metrics.RuleType {
 	switch rule.Type {
 	case "Validation":
--- a/pkg/metrics/policyexecutionduration/policyExecutionDuration.go
+++ b/pkg/metrics/policyexecutionduration/policyExecutionDuration.go
@ -1,13 +1,15 @@
 package policyexecutionduration

 import (
+	"fmt"
+
 	kyverno "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
 	"github.com/kyverno/kyverno/pkg/engine/response"
 	"github.com/kyverno/kyverno/pkg/metrics"
 	prom "github.com/prometheus/client_golang/prometheus"
 )

-func (pm PromMetrics) registerPolicyExecutionDurationMetric(
+func (pc PromConfig) registerPolicyExecutionDurationMetric(
 	policyValidationMode metrics.PolicyValidationMode,
 	policyType metrics.PolicyType,
 	policyBackgroundMode metrics.PolicyBackgroundMode,
@ -27,7 +29,16 @@ func (pm PromMetrics) registerPolicyExecutionDurationMetric(
 	if ruleType != metrics.Generate || generateRuleLatencyType == "" {
 		generateRuleLatencyType = "-"
 	}
-	pm.PolicyExecutionDuration.With(prom.Labels{
+	includeNamespaces, excludeNamespaces := pc.Config.GetIncludeNamespaces(), pc.Config.GetExcludeNamespaces()
+	if (resourceNamespace != "" && resourceNamespace != "-") && metrics.ElementInSlice(resourceNamespace, excludeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_policy_execution_duration_seconds metric as the operation belongs to the namespace '%s' which is one of 'namespaces.exclude' %+v in values.yaml", resourceNamespace, excludeNamespaces))
+		return nil
+	}
+	if (resourceNamespace != "" && resourceNamespace != "-") && len(includeNamespaces) > 0 && !metrics.ElementInSlice(resourceNamespace, includeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_policy_execution_duration_seconds metric as the operation belongs to the namespace '%s' which is not one of 'namespaces.include' %+v in values.yaml", resourceNamespace, includeNamespaces))
+		return nil
+	}
+	pc.Metrics.PolicyExecutionDuration.With(prom.Labels{
 		"policy_validation_mode":     string(policyValidationMode),
 		"policy_type":                string(policyType),
 		"policy_background_mode":     string(policyBackgroundMode),
@ -47,7 +58,7 @@ func (pm PromMetrics) registerPolicyExecutionDurationMetric(

 //policy - policy related data
 //engineResponse - resource and rule related data
-func (pm PromMetrics) ProcessEngineResponse(policy kyverno.ClusterPolicy, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, generateRuleLatencyType string, resourceRequestOperation metrics.ResourceRequestOperation) error {
+func (pc PromConfig) ProcessEngineResponse(policy kyverno.ClusterPolicy, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, generateRuleLatencyType string, resourceRequestOperation metrics.ResourceRequestOperation) error {

 	policyValidationMode, err := metrics.ParsePolicyValidationMode(policy.Spec.ValidationFailureAction)
 	if err != nil {
@ -79,7 +90,7 @@ func (pm PromMetrics) ProcessEngineResponse(policy kyverno.ClusterPolicy, engine

 		ruleExecutionLatencyInSeconds := float64(rule.RuleStats.ProcessingTime) / float64(1000*1000*1000)

-		if err := pm.registerPolicyExecutionDurationMetric(
+		if err := pc.registerPolicyExecutionDurationMetric(
 			policyValidationMode,
 			policyType,
 			policyBackgroundMode,
--- a/pkg/metrics/policyexecutionduration/types.go
+++ b/pkg/metrics/policyexecutionduration/types.go
@ -5,3 +5,5 @@ import (
 )

 type PromMetrics metrics.PromMetrics
+
+type PromConfig metrics.PromConfig
--- a/pkg/metrics/policyresults/parsers.go
+++ b/pkg/metrics/policyresults/parsers.go
@ -11,6 +11,10 @@ func ParsePromMetrics(pm metrics.PromMetrics) PromMetrics {
 	return PromMetrics(pm)
 }

+func ParsePromConfig(pc metrics.PromConfig) PromConfig {
+	return PromConfig(pc)
+}
+
 func ParseRuleTypeFromEngineRuleResponse(rule response.RuleResponse) metrics.RuleType {
 	switch rule.Type {
 	case "Validation":
--- a/pkg/metrics/policyresults/policyResults.go
+++ b/pkg/metrics/policyresults/policyResults.go
@ -1,13 +1,15 @@
 package policyresults

 import (
+	"fmt"
+
 	kyverno "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
 	"github.com/kyverno/kyverno/pkg/engine/response"
 	"github.com/kyverno/kyverno/pkg/metrics"
 	prom "github.com/prometheus/client_golang/prometheus"
 )

-func (pm PromMetrics) registerPolicyResultsMetric(
+func (pc PromConfig) registerPolicyResultsMetric(
 	policyValidationMode metrics.PolicyValidationMode,
 	policyType metrics.PolicyType,
 	policyBackgroundMode metrics.PolicyBackgroundMode,
@ -22,7 +24,16 @@ func (pm PromMetrics) registerPolicyResultsMetric(
 	if policyType == metrics.Cluster {
 		policyNamespace = "-"
 	}
-	pm.PolicyResults.With(prom.Labels{
+	includeNamespaces, excludeNamespaces := pc.Config.GetIncludeNamespaces(), pc.Config.GetExcludeNamespaces()
+	if (resourceNamespace != "" && resourceNamespace != "-") && metrics.ElementInSlice(resourceNamespace, excludeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_policy_results_total metric as the operation belongs to the namespace '%s' which is one of 'namespaces.exclude' %+v in values.yaml", resourceNamespace, excludeNamespaces))
+		return nil
+	}
+	if (resourceNamespace != "" && resourceNamespace != "-") && len(includeNamespaces) > 0 && !metrics.ElementInSlice(resourceNamespace, includeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_policy_results_total metric as the operation belongs to the namespace '%s' which is not one of 'namespaces.include' %+v in values.yaml", resourceNamespace, includeNamespaces))
+		return nil
+	}
+	pc.Metrics.PolicyResults.With(prom.Labels{
 		"policy_validation_mode":     string(policyValidationMode),
 		"policy_type":                string(policyType),
 		"policy_background_mode":     string(policyBackgroundMode),
@ -41,8 +52,7 @@ func (pm PromMetrics) registerPolicyResultsMetric(

 //policy - policy related data
 //engineResponse - resource and rule related data
-func (pm PromMetrics) ProcessEngineResponse(policy kyverno.ClusterPolicy, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, resourceRequestOperation metrics.ResourceRequestOperation) error {
-
+func (pc PromConfig) ProcessEngineResponse(policy kyverno.ClusterPolicy, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, resourceRequestOperation metrics.ResourceRequestOperation) error {
 	policyValidationMode, err := metrics.ParsePolicyValidationMode(policy.Spec.ValidationFailureAction)
 	if err != nil {
 		return err
@ -71,7 +81,7 @@ func (pm PromMetrics) ProcessEngineResponse(policy kyverno.ClusterPolicy, engine
 			ruleResult = metrics.Pass
 		}

-		if err := pm.registerPolicyResultsMetric(
+		if err := pc.registerPolicyResultsMetric(
 			policyValidationMode,
 			policyType,
 			policyBackgroundMode,
--- a/pkg/metrics/policyresults/types.go
+++ b/pkg/metrics/policyresults/types.go
@ -5,3 +5,5 @@ import (
 )

 type PromMetrics metrics.PromMetrics
+
+type PromConfig metrics.PromConfig
--- a/pkg/metrics/policyruleinfo/parsers.go
+++ b/pkg/metrics/policyruleinfo/parsers.go
@ -19,3 +19,7 @@ func ParsePolicyRuleInfoMetricChangeType(change string) (PolicyRuleInfoMetricCha
 func ParsePromMetrics(pm metrics.PromMetrics) PromMetrics {
 	return PromMetrics(pm)
 }
+
+func ParsePromConfig(pc metrics.PromConfig) PromConfig {
+	return PromConfig(pc)
+}
--- a/pkg/metrics/policyruleinfo/policyRuleInfo.go
+++ b/pkg/metrics/policyruleinfo/policyRuleInfo.go
@ -8,7 +8,7 @@ import (
 	prom "github.com/prometheus/client_golang/prometheus"
 )

-func (pm PromMetrics) registerPolicyRuleInfoMetric(
+func (pc PromConfig) registerPolicyRuleInfoMetric(
 	policyValidationMode metrics.PolicyValidationMode,
 	policyType metrics.PolicyType,
 	policyBackgroundMode metrics.PolicyBackgroundMode,
@ -26,11 +26,21 @@ func (pm PromMetrics) registerPolicyRuleInfoMetric(
 		return fmt.Errorf("unknown metric change type found:  %s", metricChangeType)
 	}

+	includeNamespaces, excludeNamespaces := pc.Config.GetIncludeNamespaces(), pc.Config.GetExcludeNamespaces()
+	if (policyNamespace != "" && policyNamespace != "-") && metrics.ElementInSlice(policyNamespace, excludeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_policy_rule_info_total metric as the operation belongs to the namespace '%s' which is one of 'namespaces.exclude' %+v in values.yaml", policyNamespace, excludeNamespaces))
+		return nil
+	}
+	if (policyNamespace != "" && policyNamespace != "-") && len(includeNamespaces) > 0 && !metrics.ElementInSlice(policyNamespace, includeNamespaces) {
+		pc.Log.Info(fmt.Sprintf("Skipping the registration of kyverno_policy_rule_info_total metric as the operation belongs to the namespace '%s' which is not one of 'namespaces.include' %+v in values.yaml", policyNamespace, includeNamespaces))
+		return nil
+	}
+
 	if policyType == metrics.Cluster {
 		policyNamespace = "-"
 	}

-	pm.PolicyRuleInfo.With(prom.Labels{
+	pc.Metrics.PolicyRuleInfo.With(prom.Labels{
 		"policy_validation_mode": string(policyValidationMode),
 		"policy_type":            string(policyType),
 		"policy_background_mode": string(policyBackgroundMode),
@ -43,7 +53,7 @@ func (pm PromMetrics) registerPolicyRuleInfoMetric(
 	return nil
 }

-func (pm PromMetrics) AddPolicy(policy interface{}) error {
+func (pc PromConfig) AddPolicy(policy interface{}) error {
 	switch inputPolicy := policy.(type) {
 	case *kyverno.ClusterPolicy:
 		policyValidationMode, err := metrics.ParsePolicyValidationMode(inputPolicy.Spec.ValidationFailureAction)
@ -59,7 +69,7 @@ func (pm PromMetrics) AddPolicy(policy interface{}) error {
 			ruleName := rule.Name
 			ruleType := metrics.ParseRuleType(rule)

-			if err = pm.registerPolicyRuleInfoMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, PolicyRuleCreated); err != nil {
+			if err = pc.registerPolicyRuleInfoMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, PolicyRuleCreated); err != nil {
 				return err
 			}
 		}
@ -78,7 +88,7 @@ func (pm PromMetrics) AddPolicy(policy interface{}) error {
 			ruleName := rule.Name
 			ruleType := metrics.ParseRuleType(rule)

-			if err = pm.registerPolicyRuleInfoMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, PolicyRuleCreated); err != nil {
+			if err = pc.registerPolicyRuleInfoMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, PolicyRuleCreated); err != nil {
 				return err
 			}
 		}
@ -88,7 +98,7 @@ func (pm PromMetrics) AddPolicy(policy interface{}) error {
 	}
 }

-func (pm PromMetrics) RemovePolicy(policy interface{}) error {
+func (pc PromConfig) RemovePolicy(policy interface{}) error {
 	switch inputPolicy := policy.(type) {
 	case *kyverno.ClusterPolicy:
 		for _, rule := range inputPolicy.Spec.Rules {
@ -103,7 +113,7 @@ func (pm PromMetrics) RemovePolicy(policy interface{}) error {
 			ruleName := rule.Name
 			ruleType := metrics.ParseRuleType(rule)

-			if err = pm.registerPolicyRuleInfoMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, PolicyRuleDeleted); err != nil {
+			if err = pc.registerPolicyRuleInfoMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, PolicyRuleDeleted); err != nil {
 				return err
 			}
 		}
@ -121,7 +131,7 @@ func (pm PromMetrics) RemovePolicy(policy interface{}) error {
 			ruleName := rule.Name
 			ruleType := metrics.ParseRuleType(rule)

-			if err = pm.registerPolicyRuleInfoMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, PolicyRuleDeleted); err != nil {
+			if err = pc.registerPolicyRuleInfoMetric(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, PolicyRuleDeleted); err != nil {
 				return err
 			}
 		}
--- a/pkg/metrics/policyruleinfo/types.go
+++ b/pkg/metrics/policyruleinfo/types.go
@ -12,3 +12,5 @@ const (
 )

 type PromMetrics metrics.PromMetrics
+
+type PromConfig metrics.PromConfig
--- a/pkg/policy/existing.go
+++ b/pkg/policy/existing.go
@ -100,13 +100,13 @@ func (pc *PolicyController) applyAndReportPerNamespace(policy *kyverno.ClusterPo
 }

 func (pc *PolicyController) registerPolicyResultsMetricValidation(logger logr.Logger, policy kyverno.ClusterPolicy, engineResponse response.EngineResponse) {
-	if err := policyResults.ParsePromMetrics(*pc.promConfig.Metrics).ProcessEngineResponse(policy, engineResponse, metrics.BackgroundScan, metrics.ResourceCreated); err != nil {
+	if err := policyResults.ParsePromConfig(*pc.promConfig).ProcessEngineResponse(policy, engineResponse, metrics.BackgroundScan, metrics.ResourceCreated); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_results_total metrics for the above policy", "name", policy.Name)
 	}
 }

 func (pc *PolicyController) registerPolicyExecutionDurationMetricValidate(logger logr.Logger, policy kyverno.ClusterPolicy, engineResponse response.EngineResponse) {
-	if err := policyExecutionDuration.ParsePromMetrics(*pc.promConfig.Metrics).ProcessEngineResponse(policy, engineResponse, metrics.BackgroundScan, "", metrics.ResourceCreated); err != nil {
+	if err := policyExecutionDuration.ParsePromConfig(*pc.promConfig).ProcessEngineResponse(policy, engineResponse, metrics.BackgroundScan, "", metrics.ResourceCreated); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_execution_duration_seconds metrics for the above policy", "name", policy.Name)
 	}
 }
--- a/pkg/policy/validate_controller.go
+++ b/pkg/policy/validate_controller.go
@ -198,7 +198,7 @@ func (pc *PolicyController) canBackgroundProcess(p *kyverno.ClusterPolicy) bool
 }

 func (pc *PolicyController) registerPolicyRuleInfoMetricAddPolicy(logger logr.Logger, p *kyverno.ClusterPolicy) {
-	err := policyRuleInfoMetric.ParsePromMetrics(*pc.promConfig.Metrics).AddPolicy(p)
+	err := policyRuleInfoMetric.ParsePromConfig(*pc.promConfig).AddPolicy(p)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's creation", "name", p.Name)
 	}
@ -206,26 +206,26 @@ func (pc *PolicyController) registerPolicyRuleInfoMetricAddPolicy(logger logr.Lo

 func (pc *PolicyController) registerPolicyRuleInfoMetricUpdatePolicy(logger logr.Logger, oldP, curP *kyverno.ClusterPolicy) {
 	// removing the old rules associated metrics
-	err := policyRuleInfoMetric.ParsePromMetrics(*pc.promConfig.Metrics).RemovePolicy(oldP)
+	err := policyRuleInfoMetric.ParsePromConfig(*pc.promConfig).RemovePolicy(oldP)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's updation", "name", oldP.Name)
 	}
 	// adding the new rules associated metrics
-	err = policyRuleInfoMetric.ParsePromMetrics(*pc.promConfig.Metrics).AddPolicy(curP)
+	err = policyRuleInfoMetric.ParsePromConfig(*pc.promConfig).AddPolicy(curP)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's updation", "name", oldP.Name)
 	}
 }

 func (pc *PolicyController) registerPolicyRuleInfoMetricDeletePolicy(logger logr.Logger, p *kyverno.ClusterPolicy) {
-	err := policyRuleInfoMetric.ParsePromMetrics(*pc.promConfig.Metrics).RemovePolicy(p)
+	err := policyRuleInfoMetric.ParsePromConfig(*pc.promConfig).RemovePolicy(p)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's deletion", "name", p.Name)
 	}
 }

 func (pc *PolicyController) registerPolicyChangesMetricAddPolicy(logger logr.Logger, p *kyverno.ClusterPolicy) {
-	err := policyChangesMetric.ParsePromMetrics(*pc.promConfig.Metrics).RegisterPolicy(p, policyChangesMetric.PolicyCreated)
+	err := policyChangesMetric.ParsePromConfig(*pc.promConfig).RegisterPolicy(p, policyChangesMetric.PolicyCreated)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's creation", "name", p.Name)
 	}
@ -235,13 +235,13 @@ func (pc *PolicyController) registerPolicyChangesMetricUpdatePolicy(logger logr.
 	if reflect.DeepEqual((*oldP).Spec, (*curP).Spec) {
 		return
 	}
-	err := policyChangesMetric.ParsePromMetrics(*pc.promConfig.Metrics).RegisterPolicy(oldP, policyChangesMetric.PolicyUpdated)
+	err := policyChangesMetric.ParsePromConfig(*pc.promConfig).RegisterPolicy(oldP, policyChangesMetric.PolicyUpdated)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's updation", "name", oldP.Name)
 	}
 	// curP will require a new kyverno_policy_changes_total metric if the above update involved change in the following fields:
 	if curP.Spec.Background != oldP.Spec.Background || curP.Spec.ValidationFailureAction != oldP.Spec.ValidationFailureAction {
-		err = policyChangesMetric.ParsePromMetrics(*pc.promConfig.Metrics).RegisterPolicy(curP, policyChangesMetric.PolicyUpdated)
+		err = policyChangesMetric.ParsePromConfig(*pc.promConfig).RegisterPolicy(curP, policyChangesMetric.PolicyUpdated)
 		if err != nil {
 			logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's updation", "name", curP.Name)
 		}
@ -249,7 +249,7 @@ func (pc *PolicyController) registerPolicyChangesMetricUpdatePolicy(logger logr.
 }

 func (pc *PolicyController) registerPolicyChangesMetricDeletePolicy(logger logr.Logger, p *kyverno.ClusterPolicy) {
-	err := policyChangesMetric.ParsePromMetrics(*pc.promConfig.Metrics).RegisterPolicy(p, policyChangesMetric.PolicyDeleted)
+	err := policyChangesMetric.ParsePromConfig(*pc.promConfig).RegisterPolicy(p, policyChangesMetric.PolicyDeleted)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's deletion", "name", p.Name)
 	}
@ -354,7 +354,7 @@ func (pc *PolicyController) deletePolicy(obj interface{}) {
 }

 func (pc *PolicyController) registerPolicyRuleInfoMetricAddNsPolicy(logger logr.Logger, p *kyverno.Policy) {
-	err := policyRuleInfoMetric.ParsePromMetrics(*pc.promConfig.Metrics).AddPolicy(p)
+	err := policyRuleInfoMetric.ParsePromConfig(*pc.promConfig).AddPolicy(p)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's creation", "name", p.Name)
 	}
@ -362,26 +362,26 @@ func (pc *PolicyController) registerPolicyRuleInfoMetricAddNsPolicy(logger logr.

 func (pc *PolicyController) registerPolicyRuleInfoMetricUpdateNsPolicy(logger logr.Logger, oldP, curP *kyverno.Policy) {
 	// removing the old rules associated metrics
-	err := policyRuleInfoMetric.ParsePromMetrics(*pc.promConfig.Metrics).RemovePolicy(oldP)
+	err := policyRuleInfoMetric.ParsePromConfig(*pc.promConfig).RemovePolicy(oldP)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's updation", "name", oldP.Name)
 	}
 	// adding the new rules associated metrics
-	err = policyRuleInfoMetric.ParsePromMetrics(*pc.promConfig.Metrics).AddPolicy(curP)
+	err = policyRuleInfoMetric.ParsePromConfig(*pc.promConfig).AddPolicy(curP)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's updation", "name", oldP.Name)
 	}
 }

 func (pc *PolicyController) registerPolicyRuleInfoMetricDeleteNsPolicy(logger logr.Logger, p *kyverno.Policy) {
-	err := policyRuleInfoMetric.ParsePromMetrics(*pc.promConfig.Metrics).RemovePolicy(p)
+	err := policyRuleInfoMetric.ParsePromConfig(*pc.promConfig).RemovePolicy(p)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's deletion", "name", p.Name)
 	}
 }

 func (pc *PolicyController) registerPolicyChangesMetricAddNsPolicy(logger logr.Logger, p *kyverno.Policy) {
-	err := policyChangesMetric.ParsePromMetrics(*pc.promConfig.Metrics).RegisterPolicy(p, policyChangesMetric.PolicyCreated)
+	err := policyChangesMetric.ParsePromConfig(*pc.promConfig).RegisterPolicy(p, policyChangesMetric.PolicyCreated)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's creation", "name", p.Name)
 	}
@ -391,13 +391,13 @@ func (pc *PolicyController) registerPolicyChangesMetricUpdateNsPolicy(logger log
 	if reflect.DeepEqual((*oldP).Spec, (*curP).Spec) {
 		return
 	}
-	err := policyChangesMetric.ParsePromMetrics(*pc.promConfig.Metrics).RegisterPolicy(oldP, policyChangesMetric.PolicyUpdated)
+	err := policyChangesMetric.ParsePromConfig(*pc.promConfig).RegisterPolicy(oldP, policyChangesMetric.PolicyUpdated)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's updation", "name", oldP.Name)
 	}
 	// curP will require a new kyverno_policy_changes_total metric if the above update involved change in the following fields:
 	if curP.Spec.Background != oldP.Spec.Background || curP.Spec.ValidationFailureAction != oldP.Spec.ValidationFailureAction {
-		err = policyChangesMetric.ParsePromMetrics(*pc.promConfig.Metrics).RegisterPolicy(curP, policyChangesMetric.PolicyUpdated)
+		err = policyChangesMetric.ParsePromConfig(*pc.promConfig).RegisterPolicy(curP, policyChangesMetric.PolicyUpdated)
 		if err != nil {
 			logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's updation", "name", curP.Name)
 		}
@ -405,7 +405,7 @@ func (pc *PolicyController) registerPolicyChangesMetricUpdateNsPolicy(logger log
 }

 func (pc *PolicyController) registerPolicyChangesMetricDeleteNsPolicy(logger logr.Logger, p *kyverno.Policy) {
-	err := policyChangesMetric.ParsePromMetrics(*pc.promConfig.Metrics).RegisterPolicy(p, policyChangesMetric.PolicyDeleted)
+	err := policyChangesMetric.ParsePromConfig(*pc.promConfig).RegisterPolicy(p, policyChangesMetric.PolicyDeleted)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's deletion", "name", p.Name)
 	}
--- a/pkg/webhooks/generation.go
+++ b/pkg/webhooks/generation.go
@ -39,8 +39,8 @@ func (ws *WebhookServer) applyGeneratePolicies(request *v1beta1.AdmissionRequest
 	generateEngineResponsesSenderForAdmissionRequestsCountMetric := make(chan []*response.EngineResponse, 1)

 	go ws.handleGenerate(request, policies, policyContext.JSONContext, policyContext.AdmissionInfo, ws.configHandler, ts, &admissionReviewCompletionLatencyChannel, &generateEngineResponsesSenderForAdmissionReviewDurationMetric, &generateEngineResponsesSenderForAdmissionRequestsCountMetric)
-	go registerAdmissionReviewDurationMetricGenerate(logger, *ws.promConfig.Metrics, string(request.Operation), &admissionReviewCompletionLatencyChannel, &generateEngineResponsesSenderForAdmissionReviewDurationMetric)
-	go registerAdmissionRequestsMetricGenerate(logger, *ws.promConfig.Metrics, string(request.Operation), &generateEngineResponsesSenderForAdmissionRequestsCountMetric)
+	go registerAdmissionReviewDurationMetricGenerate(logger, *ws.promConfig, string(request.Operation), &admissionReviewCompletionLatencyChannel, &generateEngineResponsesSenderForAdmissionReviewDurationMetric)
+	go registerAdmissionRequestsMetricGenerate(logger, *ws.promConfig, string(request.Operation), &generateEngineResponsesSenderForAdmissionRequestsCountMetric)
 }

 //handleGenerate handles admission-requests for policies with generate rules
@ -132,7 +132,7 @@ func (ws *WebhookServer) registerPolicyResultsMetricGeneration(logger logr.Logge
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_results_total metrics for the above policy", "name", policy.Name)
 	}
-	if err := policyResults.ParsePromMetrics(*ws.promConfig.Metrics).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, resourceRequestOperationPromAlias); err != nil {
+	if err := policyResults.ParsePromConfig(*ws.promConfig).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_results_total metrics for the above policy", "name", policy.Name)
 	}
 }
@ -142,7 +142,7 @@ func (ws *WebhookServer) registerPolicyExecutionDurationMetricGenerate(logger lo
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_execution_duration_seconds metrics for the above policy", "name", policy.Name)
 	}
-	if err := policyExecutionDuration.ParsePromMetrics(*ws.promConfig.Metrics).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, "", resourceRequestOperationPromAlias); err != nil {
+	if err := policyExecutionDuration.ParsePromConfig(*ws.promConfig).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, "", resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_execution_duration_seconds metrics for the above policy", "name", policy.Name)
 	}
 }
--- a/pkg/webhooks/mutation.go
+++ b/pkg/webhooks/mutation.go
@ -30,8 +30,8 @@ func (ws *WebhookServer) applyMutatePolicies(request *v1beta1.AdmissionRequest,
 	logger.V(6).Info("", "generated patches", string(mutatePatches))

 	admissionReviewLatencyDuration := int64(time.Since(time.Unix(ts, 0)))
-	go registerAdmissionReviewDurationMetricMutate(logger, *ws.promConfig.Metrics, string(request.Operation), mutateEngineResponses, admissionReviewLatencyDuration)
-	go registerAdmissionRequestsMetricMutate(logger, *ws.promConfig.Metrics, string(request.Operation), mutateEngineResponses)
+	go registerAdmissionReviewDurationMetricMutate(logger, *ws.promConfig, string(request.Operation), mutateEngineResponses, admissionReviewLatencyDuration)
+	go registerAdmissionRequestsMetricMutate(logger, *ws.promConfig, string(request.Operation), mutateEngineResponses)

 	return mutatePatches
 }
@ -162,7 +162,7 @@ func (ws *WebhookServer) registerPolicyResultsMetricMutation(logger logr.Logger,
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_results_total metrics for the above policy", "name", policy.Name)
 	}
-	if err := policyResults.ParsePromMetrics(*ws.promConfig.Metrics).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, resourceRequestOperationPromAlias); err != nil {
+	if err := policyResults.ParsePromConfig(*ws.promConfig).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_results_total metrics for the above policy", "name", policy.Name)
 	}
 }
@ -172,7 +172,7 @@ func (ws *WebhookServer) registerPolicyExecutionDurationMetricMutate(logger logr
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_execution_duration_seconds metrics for the above policy", "name", policy.Name)
 	}
-	if err := policyExecutionDuration.ParsePromMetrics(*ws.promConfig.Metrics).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, "", resourceRequestOperationPromAlias); err != nil {
+	if err := policyExecutionDuration.ParsePromConfig(*ws.promConfig).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, "", resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_execution_duration_seconds metrics for the above policy", "name", policy.Name)
 	}
 }
--- a/pkg/webhooks/server.go
+++ b/pkg/webhooks/server.go
@ -432,27 +432,27 @@ func failureResponse(message string) *v1beta1.AdmissionResponse {
 	}
 }

-func registerAdmissionReviewDurationMetricMutate(logger logr.Logger, promMetrics metrics.PromMetrics, requestOperation string, engineResponses []*response.EngineResponse, admissionReviewLatencyDuration int64) {
+func registerAdmissionReviewDurationMetricMutate(logger logr.Logger, promConfig metrics.PromConfig, requestOperation string, engineResponses []*response.EngineResponse, admissionReviewLatencyDuration int64) {
 	resourceRequestOperationPromAlias, err := admissionReviewDuration.ParseResourceRequestOperation(requestOperation)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_admission_review_duration_seconds metrics")
 	}
-	if err := admissionReviewDuration.ParsePromMetrics(promMetrics).ProcessEngineResponses(engineResponses, admissionReviewLatencyDuration, resourceRequestOperationPromAlias); err != nil {
+	if err := admissionReviewDuration.ParsePromConfig(promConfig).ProcessEngineResponses(engineResponses, admissionReviewLatencyDuration, resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_admission_review_duration_seconds metrics")
 	}
 }

-func registerAdmissionRequestsMetricMutate(logger logr.Logger, promMetrics metrics.PromMetrics, requestOperation string, engineResponses []*response.EngineResponse) {
+func registerAdmissionRequestsMetricMutate(logger logr.Logger, promConfig metrics.PromConfig, requestOperation string, engineResponses []*response.EngineResponse) {
 	resourceRequestOperationPromAlias, err := admissionReviewDuration.ParseResourceRequestOperation(requestOperation)
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_admission_requests_total metrics")
 	}
-	if err := admissionRequests.ParsePromMetrics(promMetrics).ProcessEngineResponses(engineResponses, resourceRequestOperationPromAlias); err != nil {
+	if err := admissionRequests.ParsePromConfig(promConfig).ProcessEngineResponses(engineResponses, resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_admission_requests_total metrics")
 	}
 }

-func registerAdmissionReviewDurationMetricGenerate(logger logr.Logger, promMetrics metrics.PromMetrics, requestOperation string, latencyReceiver *chan int64, engineResponsesReceiver *chan []*response.EngineResponse) {
+func registerAdmissionReviewDurationMetricGenerate(logger logr.Logger, promConfig metrics.PromConfig, requestOperation string, latencyReceiver *chan int64, engineResponsesReceiver *chan []*response.EngineResponse) {
 	defer close(*latencyReceiver)
 	defer close(*engineResponsesReceiver)

@ -464,12 +464,12 @@ func registerAdmissionReviewDurationMetricGenerate(logger logr.Logger, promMetri
 	}
 	// this goroutine will keep on waiting here till it doesn't receive the admission review latency int64 from the other goroutine i.e. ws.HandleGenerate
 	admissionReviewLatencyDuration := <-(*latencyReceiver)
-	if err := admissionReviewDuration.ParsePromMetrics(promMetrics).ProcessEngineResponses(engineResponses, admissionReviewLatencyDuration, resourceRequestOperationPromAlias); err != nil {
+	if err := admissionReviewDuration.ParsePromConfig(promConfig).ProcessEngineResponses(engineResponses, admissionReviewLatencyDuration, resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_admission_review_duration_seconds metrics")
 	}
 }

-func registerAdmissionRequestsMetricGenerate(logger logr.Logger, promMetrics metrics.PromMetrics, requestOperation string, engineResponsesReceiver *chan []*response.EngineResponse) {
+func registerAdmissionRequestsMetricGenerate(logger logr.Logger, promConfig metrics.PromConfig, requestOperation string, engineResponsesReceiver *chan []*response.EngineResponse) {
 	defer close(*engineResponsesReceiver)
 	engineResponses := <-(*engineResponsesReceiver)

@ -477,7 +477,7 @@ func registerAdmissionRequestsMetricGenerate(logger logr.Logger, promMetrics met
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_admission_requests_total metrics")
 	}
-	if err := admissionRequests.ParsePromMetrics(promMetrics).ProcessEngineResponses(engineResponses, resourceRequestOperationPromAlias); err != nil {
+	if err := admissionRequests.ParsePromConfig(promConfig).ProcessEngineResponses(engineResponses, resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_admission_requests_total metrics")
 	}
 }
--- a/pkg/webhooks/validation.go
+++ b/pkg/webhooks/validation.go
@ -141,7 +141,7 @@ func registerPolicyResultsMetricValidation(promConfig *metrics.PromConfig, logge
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_results_total metrics for the above policy", "name", policy.Name)
 	}
-	if err := policyResults.ParsePromMetrics(*promConfig.Metrics).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, resourceRequestOperationPromAlias); err != nil {
+	if err := policyResults.ParsePromConfig(*promConfig).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_results_total metrics for the above policy", "name", policy.Name)
 	}
 }
@ -151,7 +151,7 @@ func registerPolicyExecutionDurationMetricValidate(promConfig *metrics.PromConfi
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_execution_duration_seconds metrics for the above policy", "name", policy.Name)
 	}
-	if err := policyExecutionDuration.ParsePromMetrics(*promConfig.Metrics).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, "", resourceRequestOperationPromAlias); err != nil {
+	if err := policyExecutionDuration.ParsePromConfig(*promConfig).ProcessEngineResponse(policy, engineResponse, metrics.AdmissionRequest, "", resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_policy_execution_duration_seconds metrics for the above policy", "name", policy.Name)
 	}
 }
@ -161,7 +161,7 @@ func registerAdmissionReviewDurationMetricValidate(promConfig *metrics.PromConfi
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_admission_review_duration_seconds metrics")
 	}
-	if err := admissionReviewDuration.ParsePromMetrics(*promConfig.Metrics).ProcessEngineResponses(engineResponses, admissionReviewLatencyDuration, resourceRequestOperationPromAlias); err != nil {
+	if err := admissionReviewDuration.ParsePromConfig(*promConfig).ProcessEngineResponses(engineResponses, admissionReviewLatencyDuration, resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_admission_review_duration_seconds metrics")
 	}
 }
@ -171,7 +171,7 @@ func registerAdmissionRequestsMetricValidate(promConfig *metrics.PromConfig, log
 	if err != nil {
 		logger.Error(err, "error occurred while registering kyverno_admission_requests_total metrics")
 	}
-	if err := admissionRequests.ParsePromMetrics(*promConfig.Metrics).ProcessEngineResponses(engineResponses, resourceRequestOperationPromAlias); err != nil {
+	if err := admissionRequests.ParsePromConfig(*promConfig).ProcessEngineResponses(engineResponses, resourceRequestOperationPromAlias); err != nil {
 		logger.Error(err, "error occurred while registering kyverno_admission_requests_total metrics")
 	}
 }