mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-28 10:28:36 +00:00
feat: propagate context to the metrics package (#5479)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché
GitHub
parent
08447c108f
commit
dfded5cc60
20 changed files with 129 additions and 116 deletions
|
|
@ -38,12 +38,13 @@ const (
|
|||
resyncPeriod = 15 * time.Minute
|
||||
)
|
||||
|
||||
func setupMetrics(logger logr.Logger, kubeClient kubernetes.Interface) (*metrics.MetricsConfig, context.CancelFunc, error) {
|
||||
func setupMetrics(ctx context.Context, logger logr.Logger, kubeClient kubernetes.Interface) (*metrics.MetricsConfig, context.CancelFunc, error) {
|
||||
logger = logger.WithName("metrics")
|
||||
logger.Info("setup metrics...", "otel", otel, "port", metricsPort, "collector", otelCollector, "creds", transportCreds)
|
||||
metricsConfiguration := internal.GetMetricsConfiguration(logger, kubeClient)
|
||||
metricsAddr := ":" + metricsPort
|
||||
metricsConfig, metricsServerMux, metricsPusher, err := metrics.InitMetrics(
|
||||
ctx,
|
||||
disableMetricsExport,
|
||||
otel,
|
||||
metricsAddr,
|
||||
|
|
@ -105,7 +106,7 @@ func main() {
|
|||
// create raw client
|
||||
rawClient := internal.CreateKubernetesClient(logger)
|
||||
// setup metrics
|
||||
metricsConfig, metricsShutdown, err := setupMetrics(logger, rawClient)
|
||||
metricsConfig, metricsShutdown, err := setupMetrics(ctx, logger, rawClient)
|
||||
if err != nil {
|
||||
logger.Error(err, "failed to setup metrics")
|
||||
os.Exit(1)
|
||||
|
|
|
|||
|
|
@ -117,12 +117,13 @@ func parseFlags(config internal.Configuration) {
|
|||
flag.Parse()
|
||||
}
|
||||
|
||||
func setupMetrics(logger logr.Logger, kubeClient kubernetes.Interface) (*metrics.MetricsConfig, context.CancelFunc, error) {
|
||||
func setupMetrics(ctx context.Context, logger logr.Logger, kubeClient kubernetes.Interface) (*metrics.MetricsConfig, context.CancelFunc, error) {
|
||||
logger = logger.WithName("metrics")
|
||||
logger.Info("setup metrics...", "otel", otel, "port", metricsPort, "collector", otelCollector, "creds", transportCreds)
|
||||
metricsConfiguration := internal.GetMetricsConfiguration(logger, kubeClient)
|
||||
metricsAddr := ":" + metricsPort
|
||||
metricsConfig, metricsServerMux, metricsPusher, err := metrics.InitMetrics(
|
||||
ctx,
|
||||
disableMetricsExport,
|
||||
otel,
|
||||
metricsAddr,
|
||||
|
|
@ -425,8 +426,11 @@ func main() {
|
|||
internal.SetupProfiling(logger)
|
||||
// create raw client
|
||||
rawClient := internal.CreateKubernetesClient(logger)
|
||||
// setup signals
|
||||
signalCtx, signalCancel := internal.SetupSignals(logger)
|
||||
defer signalCancel()
|
||||
// setup metrics
|
||||
metricsConfig, metricsShutdown, err := setupMetrics(logger, rawClient)
|
||||
metricsConfig, metricsShutdown, err := setupMetrics(signalCtx, logger, rawClient)
|
||||
if err != nil {
|
||||
logger.Error(err, "failed to setup metrics")
|
||||
os.Exit(1)
|
||||
|
|
@ -434,9 +438,6 @@ func main() {
|
|||
if metricsShutdown != nil {
|
||||
defer metricsShutdown()
|
||||
}
|
||||
// setup signals
|
||||
signalCtx, signalCancel := internal.SetupSignals(logger)
|
||||
defer signalCancel()
|
||||
// create instrumented clients
|
||||
kubeClient := internal.CreateKubernetesClient(logger, kubeclient.WithMetrics(metricsConfig, metrics.KubeClient), kubeclient.WithTracing())
|
||||
leaderElectionClient := internal.CreateKubernetesClient(logger, kubeclient.WithMetrics(metricsConfig, metrics.KubeClient), kubeclient.WithTracing())
|
||||
|
|
|
|||
|
|
@ -1,6 +1,8 @@
|
|||
package policy
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||
kyvernov1informers "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1"
|
||||
"github.com/kyverno/kyverno/pkg/metrics"
|
||||
|
|
@ -27,17 +29,17 @@ func NewController(metricsConfig *metrics.MetricsConfig, cpolInformer kyvernov1i
|
|||
func (c *controller) addPolicy(obj interface{}) {
|
||||
p := obj.(*kyvernov1.ClusterPolicy)
|
||||
// register kyverno_policy_rule_info_total metric concurrently
|
||||
go c.registerPolicyRuleInfoMetricAddPolicy(logger, p)
|
||||
go c.registerPolicyRuleInfoMetricAddPolicy(context.TODO(), logger, p)
|
||||
// register kyverno_policy_changes_total metric concurrently
|
||||
go c.registerPolicyChangesMetricAddPolicy(logger, p)
|
||||
go c.registerPolicyChangesMetricAddPolicy(context.TODO(), logger, p)
|
||||
}
|
||||
|
||||
func (c *controller) updatePolicy(old, cur interface{}) {
|
||||
oldP, curP := old.(*kyvernov1.ClusterPolicy), cur.(*kyvernov1.ClusterPolicy)
|
||||
// register kyverno_policy_rule_info_total metric concurrently
|
||||
go c.registerPolicyRuleInfoMetricUpdatePolicy(logger, oldP, curP)
|
||||
go c.registerPolicyRuleInfoMetricUpdatePolicy(context.TODO(), logger, oldP, curP)
|
||||
// register kyverno_policy_changes_total metric concurrently
|
||||
go c.registerPolicyChangesMetricUpdatePolicy(logger, oldP, curP)
|
||||
go c.registerPolicyChangesMetricUpdatePolicy(context.TODO(), logger, oldP, curP)
|
||||
}
|
||||
|
||||
func (c *controller) deletePolicy(obj interface{}) {
|
||||
|
|
@ -47,25 +49,25 @@ func (c *controller) deletePolicy(obj interface{}) {
|
|||
return
|
||||
}
|
||||
// register kyverno_policy_rule_info_total metric concurrently
|
||||
go c.registerPolicyRuleInfoMetricDeletePolicy(logger, p)
|
||||
go c.registerPolicyRuleInfoMetricDeletePolicy(context.TODO(), logger, p)
|
||||
// register kyverno_policy_changes_total metric concurrently
|
||||
go c.registerPolicyChangesMetricDeletePolicy(logger, p)
|
||||
go c.registerPolicyChangesMetricDeletePolicy(context.TODO(), logger, p)
|
||||
}
|
||||
|
||||
func (c *controller) addNsPolicy(obj interface{}) {
|
||||
p := obj.(*kyvernov1.Policy)
|
||||
// register kyverno_policy_rule_info_total metric concurrently
|
||||
go c.registerPolicyRuleInfoMetricAddPolicy(logger, p)
|
||||
go c.registerPolicyRuleInfoMetricAddPolicy(context.TODO(), logger, p)
|
||||
// register kyverno_policy_changes_total metric concurrently
|
||||
go c.registerPolicyChangesMetricAddPolicy(logger, p)
|
||||
go c.registerPolicyChangesMetricAddPolicy(context.TODO(), logger, p)
|
||||
}
|
||||
|
||||
func (c *controller) updateNsPolicy(old, cur interface{}) {
|
||||
oldP, curP := old.(*kyvernov1.Policy), cur.(*kyvernov1.Policy)
|
||||
// register kyverno_policy_rule_info_total metric concurrently
|
||||
go c.registerPolicyRuleInfoMetricUpdatePolicy(logger, oldP, curP)
|
||||
go c.registerPolicyRuleInfoMetricUpdatePolicy(context.TODO(), logger, oldP, curP)
|
||||
// register kyverno_policy_changes_total metric concurrently
|
||||
go c.registerPolicyChangesMetricUpdatePolicy(logger, oldP, curP)
|
||||
go c.registerPolicyChangesMetricUpdatePolicy(context.TODO(), logger, oldP, curP)
|
||||
}
|
||||
|
||||
func (c *controller) deleteNsPolicy(obj interface{}) {
|
||||
|
|
@ -75,7 +77,7 @@ func (c *controller) deleteNsPolicy(obj interface{}) {
|
|||
return
|
||||
}
|
||||
// register kyverno_policy_rule_info_total metric concurrently
|
||||
go c.registerPolicyRuleInfoMetricDeletePolicy(logger, p)
|
||||
go c.registerPolicyRuleInfoMetricDeletePolicy(context.TODO(), logger, p)
|
||||
// register kyverno_policy_changes_total metric concurrently
|
||||
go c.registerPolicyChangesMetricDeletePolicy(logger, p)
|
||||
go c.registerPolicyChangesMetricDeletePolicy(context.TODO(), logger, p)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package policy
|
||||
|
||||
import (
|
||||
"context"
|
||||
"reflect"
|
||||
|
||||
"github.com/go-logr/logr"
|
||||
|
|
@ -9,61 +10,61 @@ import (
|
|||
policyRuleInfoMetric "github.com/kyverno/kyverno/pkg/metrics/policyruleinfo"
|
||||
)
|
||||
|
||||
func (pc *controller) registerPolicyRuleInfoMetricAddPolicy(logger logr.Logger, p kyvernov1.PolicyInterface) {
|
||||
err := policyRuleInfoMetric.AddPolicy(pc.metricsConfig, p)
|
||||
func (pc *controller) registerPolicyRuleInfoMetricAddPolicy(ctx context.Context, logger logr.Logger, p kyvernov1.PolicyInterface) {
|
||||
err := policyRuleInfoMetric.AddPolicy(ctx, pc.metricsConfig, p)
|
||||
if err != nil {
|
||||
logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's creation", "name", p.GetName())
|
||||
}
|
||||
}
|
||||
|
||||
func (pc *controller) registerPolicyRuleInfoMetricUpdatePolicy(logger logr.Logger, oldP, curP kyvernov1.PolicyInterface) {
|
||||
func (pc *controller) registerPolicyRuleInfoMetricUpdatePolicy(ctx context.Context, logger logr.Logger, oldP, curP kyvernov1.PolicyInterface) {
|
||||
// removing the old rules associated metrics
|
||||
err := policyRuleInfoMetric.RemovePolicy(pc.metricsConfig, oldP)
|
||||
err := policyRuleInfoMetric.RemovePolicy(ctx, pc.metricsConfig, oldP)
|
||||
if err != nil {
|
||||
logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's updation", "name", oldP.GetName())
|
||||
}
|
||||
// adding the new rules associated metrics
|
||||
err = policyRuleInfoMetric.AddPolicy(pc.metricsConfig, curP)
|
||||
err = policyRuleInfoMetric.AddPolicy(ctx, pc.metricsConfig, curP)
|
||||
if err != nil {
|
||||
logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's updation", "name", oldP.GetName())
|
||||
}
|
||||
}
|
||||
|
||||
func (pc *controller) registerPolicyRuleInfoMetricDeletePolicy(logger logr.Logger, p kyvernov1.PolicyInterface) {
|
||||
err := policyRuleInfoMetric.RemovePolicy(pc.metricsConfig, p)
|
||||
func (pc *controller) registerPolicyRuleInfoMetricDeletePolicy(ctx context.Context, logger logr.Logger, p kyvernov1.PolicyInterface) {
|
||||
err := policyRuleInfoMetric.RemovePolicy(ctx, pc.metricsConfig, p)
|
||||
if err != nil {
|
||||
logger.Error(err, "error occurred while registering kyverno_policy_rule_info_total metrics for the above policy's deletion", "name", p.GetName())
|
||||
}
|
||||
}
|
||||
|
||||
func (pc *controller) registerPolicyChangesMetricAddPolicy(logger logr.Logger, p kyvernov1.PolicyInterface) {
|
||||
err := policyChangesMetric.RegisterPolicy(pc.metricsConfig, p, policyChangesMetric.PolicyCreated)
|
||||
func (pc *controller) registerPolicyChangesMetricAddPolicy(ctx context.Context, logger logr.Logger, p kyvernov1.PolicyInterface) {
|
||||
err := policyChangesMetric.RegisterPolicy(ctx, pc.metricsConfig, p, policyChangesMetric.PolicyCreated)
|
||||
if err != nil {
|
||||
logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's creation", "name", p.GetName())
|
||||
}
|
||||
}
|
||||
|
||||
func (pc *controller) registerPolicyChangesMetricUpdatePolicy(logger logr.Logger, oldP, curP kyvernov1.PolicyInterface) {
|
||||
func (pc *controller) registerPolicyChangesMetricUpdatePolicy(ctx context.Context, logger logr.Logger, oldP, curP kyvernov1.PolicyInterface) {
|
||||
oldSpec := oldP.GetSpec()
|
||||
curSpec := curP.GetSpec()
|
||||
if reflect.DeepEqual(oldSpec, curSpec) {
|
||||
return
|
||||
}
|
||||
err := policyChangesMetric.RegisterPolicy(pc.metricsConfig, oldP, policyChangesMetric.PolicyUpdated)
|
||||
err := policyChangesMetric.RegisterPolicy(ctx, pc.metricsConfig, oldP, policyChangesMetric.PolicyUpdated)
|
||||
if err != nil {
|
||||
logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's updation", "name", oldP.GetName())
|
||||
}
|
||||
// curP will require a new kyverno_policy_changes_total metric if the above update involved change in the following fields:
|
||||
if curSpec.BackgroundProcessingEnabled() != oldSpec.BackgroundProcessingEnabled() || curSpec.ValidationFailureAction.Enforce() != oldSpec.ValidationFailureAction.Enforce() {
|
||||
err = policyChangesMetric.RegisterPolicy(pc.metricsConfig, curP, policyChangesMetric.PolicyUpdated)
|
||||
err = policyChangesMetric.RegisterPolicy(ctx, pc.metricsConfig, curP, policyChangesMetric.PolicyUpdated)
|
||||
if err != nil {
|
||||
logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's updation", "name", curP.GetName())
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func (pc *controller) registerPolicyChangesMetricDeletePolicy(logger logr.Logger, p kyvernov1.PolicyInterface) {
|
||||
err := policyChangesMetric.RegisterPolicy(pc.metricsConfig, p, policyChangesMetric.PolicyDeleted)
|
||||
func (pc *controller) registerPolicyChangesMetricDeletePolicy(ctx context.Context, logger logr.Logger, p kyvernov1.PolicyInterface) {
|
||||
err := policyChangesMetric.RegisterPolicy(ctx, pc.metricsConfig, p, policyChangesMetric.PolicyDeleted)
|
||||
if err != nil {
|
||||
logger.Error(err, "error occurred while registering kyverno_policy_changes_total metrics for the above policy's deletion", "name", p.GetName())
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package admissionrequests
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
|
|
@ -9,7 +10,7 @@ import (
|
|||
admissionv1 "k8s.io/api/admission/v1"
|
||||
)
|
||||
|
||||
func registerAdmissionRequestsMetric(m *metrics.MetricsConfig, resourceKind, resourceNamespace string, resourceRequestOperation metrics.ResourceRequestOperation, allowed bool) {
|
||||
func registerAdmissionRequestsMetric(ctx context.Context, m *metrics.MetricsConfig, resourceKind, resourceNamespace string, resourceRequestOperation metrics.ResourceRequestOperation, allowed bool) {
|
||||
includeNamespaces, excludeNamespaces := m.Config.GetIncludeNamespaces(), m.Config.GetExcludeNamespaces()
|
||||
if (resourceNamespace != "" && resourceNamespace != "-") && utils.ContainsString(excludeNamespaces, resourceNamespace) {
|
||||
m.Log.V(2).Info(fmt.Sprintf("Skipping the registration of kyverno_admission_requests_total metric as the operation belongs to the namespace '%s' which is one of 'namespaces.exclude' %+v in values.yaml", resourceNamespace, excludeNamespaces))
|
||||
|
|
@ -19,10 +20,10 @@ func registerAdmissionRequestsMetric(m *metrics.MetricsConfig, resourceKind, res
|
|||
m.Log.V(2).Info(fmt.Sprintf("Skipping the registration of kyverno_admission_requests_total metric as the operation belongs to the namespace '%s' which is not one of 'namespaces.include' %+v in values.yaml", resourceNamespace, includeNamespaces))
|
||||
return
|
||||
}
|
||||
m.RecordAdmissionRequests(resourceKind, resourceNamespace, resourceRequestOperation, allowed)
|
||||
m.RecordAdmissionRequests(ctx, resourceKind, resourceNamespace, resourceRequestOperation, allowed)
|
||||
}
|
||||
|
||||
func Process(m *metrics.MetricsConfig, request *admissionv1.AdmissionRequest, response *admissionv1.AdmissionResponse) {
|
||||
func Process(ctx context.Context, m *metrics.MetricsConfig, request *admissionv1.AdmissionRequest, response *admissionv1.AdmissionResponse) {
|
||||
op := strings.ToLower(string(request.Operation))
|
||||
registerAdmissionRequestsMetric(m, request.Kind.Kind, request.Namespace, metrics.ResourceRequestOperation(op), response.Allowed)
|
||||
registerAdmissionRequestsMetric(ctx, m, request.Kind.Kind, request.Namespace, metrics.ResourceRequestOperation(op), response.Allowed)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package admissionreviewduration
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
|
|
@ -9,7 +10,7 @@ import (
|
|||
admissionv1 "k8s.io/api/admission/v1"
|
||||
)
|
||||
|
||||
func registerAdmissionReviewDurationMetric(m *metrics.MetricsConfig, resourceKind, resourceNamespace string, resourceRequestOperation metrics.ResourceRequestOperation, admissionRequestLatency float64, allowed bool) {
|
||||
func registerAdmissionReviewDurationMetric(ctx context.Context, m *metrics.MetricsConfig, resourceKind, resourceNamespace string, resourceRequestOperation metrics.ResourceRequestOperation, admissionRequestLatency float64, allowed bool) {
|
||||
includeNamespaces, excludeNamespaces := m.Config.GetIncludeNamespaces(), m.Config.GetExcludeNamespaces()
|
||||
if (resourceNamespace != "" && resourceNamespace != "-") && utils.ContainsString(excludeNamespaces, resourceNamespace) {
|
||||
m.Log.V(2).Info(fmt.Sprintf("Skipping the registration of kyverno_admission_review_duration_seconds metric as the operation belongs to the namespace '%s' which is one of 'namespaces.exclude' %+v in values.yaml", resourceNamespace, excludeNamespaces))
|
||||
|
|
@ -19,11 +20,11 @@ func registerAdmissionReviewDurationMetric(m *metrics.MetricsConfig, resourceKin
|
|||
m.Log.V(2).Info(fmt.Sprintf("Skipping the registration of kyverno_admission_review_duration_seconds metric as the operation belongs to the namespace '%s' which is not one of 'namespaces.include' %+v in values.yaml", resourceNamespace, includeNamespaces))
|
||||
return
|
||||
}
|
||||
m.RecordAdmissionReviewDuration(resourceKind, resourceNamespace, string(resourceRequestOperation), admissionRequestLatency, allowed)
|
||||
m.RecordAdmissionReviewDuration(ctx, resourceKind, resourceNamespace, string(resourceRequestOperation), admissionRequestLatency, allowed)
|
||||
}
|
||||
|
||||
func Process(m *metrics.MetricsConfig, request *admissionv1.AdmissionRequest, response *admissionv1.AdmissionResponse, latency int64) {
|
||||
func Process(ctx context.Context, m *metrics.MetricsConfig, request *admissionv1.AdmissionRequest, response *admissionv1.AdmissionResponse, latency int64) {
|
||||
op := strings.ToLower(string(request.Operation))
|
||||
admissionReviewLatencyDurationInSeconds := float64(latency) / float64(1000*1000*1000)
|
||||
registerAdmissionReviewDurationMetric(m, request.Kind.Kind, request.Namespace, metrics.ResourceRequestOperation(op), admissionReviewLatencyDurationInSeconds, response.Allowed)
|
||||
registerAdmissionReviewDurationMetric(ctx, m, request.Kind.Kind, request.Namespace, metrics.ResourceRequestOperation(op), admissionReviewLatencyDurationInSeconds, response.Allowed)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,7 @@
|
|||
package metrics
|
||||
|
||||
import "context"
|
||||
|
||||
type Recorder interface {
|
||||
Record(clientQueryOperation ClientQueryOperation)
|
||||
}
|
||||
|
|
@ -29,5 +31,9 @@ func ClusteredClientQueryRecorder(m MetricsConfigManager, kind string, client Cl
|
|||
}
|
||||
|
||||
func (r *clientQueryRecorder) Record(clientQueryOperation ClientQueryOperation) {
|
||||
r.manager.RecordClientQueries(clientQueryOperation, r.client, r.kind, r.ns)
|
||||
r.RecordWithContext(context.TODO(), clientQueryOperation)
|
||||
}
|
||||
|
||||
func (r *clientQueryRecorder) RecordWithContext(ctx context.Context, clientQueryOperation ClientQueryOperation) {
|
||||
r.manager.RecordClientQueries(ctx, clientQueryOperation, r.client, r.kind, r.ns)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package metrics
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
|
||||
"github.com/go-logr/logr"
|
||||
|
|
@ -10,6 +11,7 @@ import (
|
|||
)
|
||||
|
||||
func InitMetrics(
|
||||
ctx context.Context,
|
||||
disableMetricsExport bool,
|
||||
otel string,
|
||||
metricsAddr string,
|
||||
|
|
@ -41,6 +43,7 @@ func InitMetrics(
|
|||
|
||||
endpoint := otelCollector + metricsAddr
|
||||
pusher, err = NewOTLPGRPCConfig(
|
||||
ctx,
|
||||
endpoint,
|
||||
transportCreds,
|
||||
kubeClient,
|
||||
|
|
@ -51,7 +54,7 @@ func InitMetrics(
|
|||
}
|
||||
} else if otel == "prometheus" {
|
||||
// Prometheus Server will serve metrics on metrics-port
|
||||
metricsServerMux, err = NewPrometheusConfig(log)
|
||||
metricsServerMux, err = NewPrometheusConfig(ctx, log)
|
||||
|
||||
if err != nil {
|
||||
return nil, nil, pusher, err
|
||||
|
|
|
|||
|
|
@ -47,13 +47,13 @@ type MetricsConfig struct {
|
|||
}
|
||||
|
||||
type MetricsConfigManager interface {
|
||||
RecordPolicyResults(policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string, resourceKind string, resourceNamespace string, resourceRequestOperation ResourceRequestOperation, ruleName string, ruleResult RuleResult, ruleType RuleType, ruleExecutionCause RuleExecutionCause)
|
||||
RecordPolicyChanges(policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string, policyChangeType string)
|
||||
RecordPolicyRuleInfo(policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string, ruleName string, ruleType RuleType, status string, metricValue float64)
|
||||
RecordPolicyExecutionDuration(policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string, ruleName string, ruleResult RuleResult, ruleType RuleType, ruleExecutionCause RuleExecutionCause, ruleExecutionLatency float64)
|
||||
RecordAdmissionRequests(resourceKind string, resourceNamespace string, resourceRequestOperation ResourceRequestOperation, allowed bool)
|
||||
RecordAdmissionReviewDuration(resourceKind string, resourceNamespace string, resourceRequestOperation string, admissionRequestLatency float64, allowed bool)
|
||||
RecordClientQueries(clientQueryOperation ClientQueryOperation, clientType ClientType, resourceKind string, resourceNamespace string)
|
||||
RecordPolicyResults(ctx context.Context, policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string, resourceKind string, resourceNamespace string, resourceRequestOperation ResourceRequestOperation, ruleName string, ruleResult RuleResult, ruleType RuleType, ruleExecutionCause RuleExecutionCause)
|
||||
RecordPolicyChanges(ctx context.Context, policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string, policyChangeType string)
|
||||
RecordPolicyRuleInfo(ctx context.Context, policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string, ruleName string, ruleType RuleType, status string, metricValue float64)
|
||||
RecordPolicyExecutionDuration(ctx context.Context, policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string, ruleName string, ruleResult RuleResult, ruleType RuleType, ruleExecutionCause RuleExecutionCause, ruleExecutionLatency float64)
|
||||
RecordAdmissionRequests(ctx context.Context, resourceKind string, resourceNamespace string, resourceRequestOperation ResourceRequestOperation, allowed bool)
|
||||
RecordAdmissionReviewDuration(ctx context.Context, resourceKind string, resourceNamespace string, resourceRequestOperation string, admissionRequestLatency float64, allowed bool)
|
||||
RecordClientQueries(ctx context.Context, clientQueryOperation ClientQueryOperation, clientType ClientType, resourceKind string, resourceNamespace string)
|
||||
}
|
||||
|
||||
func (m *MetricsConfig) initializeMetrics() error {
|
||||
|
|
@ -116,12 +116,12 @@ func ShutDownController(ctx context.Context, pusher *controller.Controller) {
|
|||
}
|
||||
|
||||
func NewOTLPGRPCConfig(
|
||||
ctx context.Context,
|
||||
endpoint string,
|
||||
certs string,
|
||||
kubeClient kubernetes.Interface,
|
||||
log logr.Logger,
|
||||
) (*controller.Controller, error) {
|
||||
ctx := context.Background()
|
||||
var client otlpmetric.Client
|
||||
|
||||
if certs != "" {
|
||||
|
|
@ -150,7 +150,8 @@ func NewOTLPGRPCConfig(
|
|||
return nil, err
|
||||
}
|
||||
|
||||
res, err := resource.New(context.Background(),
|
||||
res, err := resource.New(
|
||||
ctx,
|
||||
resource.WithAttributes(semconv.ServiceNameKey.String("kyverno_metrics")),
|
||||
resource.WithSchemaURL(semconv.SchemaURL),
|
||||
)
|
||||
|
|
@ -181,10 +182,12 @@ func NewOTLPGRPCConfig(
|
|||
}
|
||||
|
||||
func NewPrometheusConfig(
|
||||
ctx context.Context,
|
||||
log logr.Logger,
|
||||
) (*http.ServeMux, error) {
|
||||
config := prometheus.Config{}
|
||||
res, err := resource.New(context.Background(),
|
||||
res, err := resource.New(
|
||||
ctx,
|
||||
resource.WithAttributes(semconv.ServiceNameKey.String("kyverno-svc-metrics")),
|
||||
resource.WithAttributes(semconv.ServiceNamespaceKey.String(kconfig.KyvernoNamespace())),
|
||||
resource.WithSchemaURL(semconv.SchemaURL),
|
||||
|
|
@ -218,12 +221,10 @@ func NewPrometheusConfig(
|
|||
return metricsServerMux, nil
|
||||
}
|
||||
|
||||
func (m *MetricsConfig) RecordPolicyResults(policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string,
|
||||
func (m *MetricsConfig) RecordPolicyResults(ctx context.Context, policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string,
|
||||
resourceKind string, resourceNamespace string, resourceRequestOperation ResourceRequestOperation, ruleName string, ruleResult RuleResult, ruleType RuleType,
|
||||
ruleExecutionCause RuleExecutionCause,
|
||||
) {
|
||||
ctx := context.Background()
|
||||
|
||||
commonLabels := []attribute.KeyValue{
|
||||
attribute.String("policy_validation_mode", string(policyValidationMode)),
|
||||
attribute.String("policy_type", string(policyType)),
|
||||
|
|
@ -238,13 +239,10 @@ func (m *MetricsConfig) RecordPolicyResults(policyValidationMode PolicyValidatio
|
|||
attribute.String("rule_type", string(ruleType)),
|
||||
attribute.String("rule_execution_cause", string(ruleExecutionCause)),
|
||||
}
|
||||
|
||||
m.policyResultsMetric.Add(ctx, 1, commonLabels...)
|
||||
}
|
||||
|
||||
func (m *MetricsConfig) RecordPolicyChanges(policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string, policyChangeType string) {
|
||||
ctx := context.Background()
|
||||
|
||||
func (m *MetricsConfig) RecordPolicyChanges(ctx context.Context, policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string, policyChangeType string) {
|
||||
commonLabels := []attribute.KeyValue{
|
||||
attribute.String("policy_validation_mode", string(policyValidationMode)),
|
||||
attribute.String("policy_type", string(policyType)),
|
||||
|
|
@ -253,14 +251,12 @@ func (m *MetricsConfig) RecordPolicyChanges(policyValidationMode PolicyValidatio
|
|||
attribute.String("policy_name", policyName),
|
||||
attribute.String("policy_change_type", policyChangeType),
|
||||
}
|
||||
|
||||
m.policyChangesMetric.Add(ctx, 1, commonLabels...)
|
||||
}
|
||||
|
||||
func (m *MetricsConfig) RecordPolicyRuleInfo(policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string,
|
||||
func (m *MetricsConfig) RecordPolicyRuleInfo(ctx context.Context, policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string,
|
||||
ruleName string, ruleType RuleType, status string, metricValue float64,
|
||||
) {
|
||||
ctx := context.Background()
|
||||
commonLabels := []attribute.KeyValue{
|
||||
attribute.String("policy_validation_mode", string(policyValidationMode)),
|
||||
attribute.String("policy_type", string(policyType)),
|
||||
|
|
@ -271,28 +267,22 @@ func (m *MetricsConfig) RecordPolicyRuleInfo(policyValidationMode PolicyValidati
|
|||
attribute.String("rule_type", string(ruleType)),
|
||||
attribute.String("status_ready", status),
|
||||
}
|
||||
|
||||
m.policyRuleInfoMetric.Observe(ctx, metricValue, commonLabels...)
|
||||
}
|
||||
|
||||
func (m *MetricsConfig) RecordAdmissionRequests(resourceKind string, resourceNamespace string, resourceRequestOperation ResourceRequestOperation, allowed bool) {
|
||||
ctx := context.Background()
|
||||
|
||||
func (m *MetricsConfig) RecordAdmissionRequests(ctx context.Context, resourceKind string, resourceNamespace string, resourceRequestOperation ResourceRequestOperation, allowed bool) {
|
||||
commonLabels := []attribute.KeyValue{
|
||||
attribute.String("resource_kind", resourceKind),
|
||||
attribute.String("resource_namespace", resourceNamespace),
|
||||
attribute.String("resource_request_operation", string(resourceRequestOperation)),
|
||||
attribute.Bool("request_allowed", allowed),
|
||||
}
|
||||
|
||||
m.admissionRequestsMetric.Add(ctx, 1, commonLabels...)
|
||||
}
|
||||
|
||||
func (m *MetricsConfig) RecordPolicyExecutionDuration(policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string,
|
||||
func (m *MetricsConfig) RecordPolicyExecutionDuration(ctx context.Context, policyValidationMode PolicyValidationMode, policyType PolicyType, policyBackgroundMode PolicyBackgroundMode, policyNamespace string, policyName string,
|
||||
ruleName string, ruleResult RuleResult, ruleType RuleType, ruleExecutionCause RuleExecutionCause, ruleExecutionLatency float64,
|
||||
) {
|
||||
ctx := context.Background()
|
||||
|
||||
commonLabels := []attribute.KeyValue{
|
||||
attribute.String("policy_validation_mode", string(policyValidationMode)),
|
||||
attribute.String("policy_type", string(policyType)),
|
||||
|
|
@ -304,32 +294,25 @@ func (m *MetricsConfig) RecordPolicyExecutionDuration(policyValidationMode Polic
|
|||
attribute.String("rule_type", string(ruleType)),
|
||||
attribute.String("rule_execution_cause", string(ruleExecutionCause)),
|
||||
}
|
||||
|
||||
m.policyExecutionDurationMetric.Record(ctx, ruleExecutionLatency, commonLabels...)
|
||||
}
|
||||
|
||||
func (m *MetricsConfig) RecordAdmissionReviewDuration(resourceKind string, resourceNamespace string, resourceRequestOperation string, admissionRequestLatency float64, allowed bool) {
|
||||
ctx := context.Background()
|
||||
|
||||
func (m *MetricsConfig) RecordAdmissionReviewDuration(ctx context.Context, resourceKind string, resourceNamespace string, resourceRequestOperation string, admissionRequestLatency float64, allowed bool) {
|
||||
commonLabels := []attribute.KeyValue{
|
||||
attribute.String("resource_kind", resourceKind),
|
||||
attribute.String("resource_namespace", resourceNamespace),
|
||||
attribute.String("resource_request_operation", resourceRequestOperation),
|
||||
attribute.Bool("request_allowed", allowed),
|
||||
}
|
||||
|
||||
m.admissionReviewDurationMetric.Record(ctx, admissionRequestLatency, commonLabels...)
|
||||
}
|
||||
|
||||
func (m *MetricsConfig) RecordClientQueries(clientQueryOperation ClientQueryOperation, clientType ClientType, resourceKind string, resourceNamespace string) {
|
||||
ctx := context.Background()
|
||||
|
||||
func (m *MetricsConfig) RecordClientQueries(ctx context.Context, clientQueryOperation ClientQueryOperation, clientType ClientType, resourceKind string, resourceNamespace string) {
|
||||
commonLabels := []attribute.KeyValue{
|
||||
attribute.String("operation", string(clientQueryOperation)),
|
||||
attribute.String("client_type", string(clientType)),
|
||||
attribute.String("resource_kind", resourceKind),
|
||||
attribute.String("resource_namespace", resourceNamespace),
|
||||
}
|
||||
|
||||
m.clientQueriesMetric.Add(ctx, 1, commonLabels...)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package policychanges
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
|
||||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||
|
|
@ -9,6 +10,7 @@ import (
|
|||
)
|
||||
|
||||
func registerPolicyChangesMetric(
|
||||
ctx context.Context,
|
||||
m *metrics.MetricsConfig,
|
||||
policyValidationMode metrics.PolicyValidationMode,
|
||||
policyType metrics.PolicyType,
|
||||
|
|
@ -29,17 +31,17 @@ func registerPolicyChangesMetric(
|
|||
return nil
|
||||
}
|
||||
|
||||
m.RecordPolicyChanges(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, string(policyChangeType))
|
||||
m.RecordPolicyChanges(ctx, policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, string(policyChangeType))
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func RegisterPolicy(m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface, policyChangeType PolicyChangeType) error {
|
||||
func RegisterPolicy(ctx context.Context, m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface, policyChangeType PolicyChangeType) error {
|
||||
name, namespace, policyType, backgroundMode, validationMode, err := metrics.GetPolicyInfos(policy)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if err = registerPolicyChangesMetric(m, validationMode, policyType, backgroundMode, namespace, name, policyChangeType); err != nil {
|
||||
if err = registerPolicyChangesMetric(ctx, m, validationMode, policyType, backgroundMode, namespace, name, policyChangeType); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package policyexecutionduration
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
|
||||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||
|
|
@ -10,6 +11,7 @@ import (
|
|||
)
|
||||
|
||||
func registerPolicyExecutionDurationMetric(
|
||||
ctx context.Context,
|
||||
m *metrics.MetricsConfig,
|
||||
policyValidationMode metrics.PolicyValidationMode,
|
||||
policyType metrics.PolicyType,
|
||||
|
|
@ -36,14 +38,14 @@ func registerPolicyExecutionDurationMetric(
|
|||
return nil
|
||||
}
|
||||
|
||||
m.RecordPolicyExecutionDuration(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleResult, ruleType, ruleExecutionCause, ruleExecutionLatency)
|
||||
m.RecordPolicyExecutionDuration(ctx, policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleResult, ruleType, ruleExecutionCause, ruleExecutionLatency)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// policy - policy related data
|
||||
// engineResponse - resource and rule related data
|
||||
func ProcessEngineResponse(m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, resourceRequestOperation metrics.ResourceRequestOperation) error {
|
||||
func ProcessEngineResponse(ctx context.Context, m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, resourceRequestOperation metrics.ResourceRequestOperation) error {
|
||||
name, namespace, policyType, backgroundMode, validationMode, err := metrics.GetPolicyInfos(policy)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -71,6 +73,7 @@ func ProcessEngineResponse(m *metrics.MetricsConfig, policy kyvernov1.PolicyInte
|
|||
}
|
||||
ruleExecutionLatencyInSeconds := float64(rule.RuleStats.ProcessingTime) / float64(1000*1000*1000)
|
||||
if err := registerPolicyExecutionDurationMetric(
|
||||
ctx,
|
||||
m,
|
||||
validationMode,
|
||||
policyType,
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package policyresults
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
|
||||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||
|
|
@ -10,6 +11,7 @@ import (
|
|||
)
|
||||
|
||||
func registerPolicyResultsMetric(
|
||||
ctx context.Context,
|
||||
m *metrics.MetricsConfig,
|
||||
policyValidationMode metrics.PolicyValidationMode,
|
||||
policyType metrics.PolicyType,
|
||||
|
|
@ -35,14 +37,14 @@ func registerPolicyResultsMetric(
|
|||
return nil
|
||||
}
|
||||
|
||||
m.RecordPolicyResults(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, resourceKind, resourceNamespace, resourceRequestOperation, ruleName, ruleResult, ruleType, ruleExecutionCause)
|
||||
m.RecordPolicyResults(ctx, policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, resourceKind, resourceNamespace, resourceRequestOperation, ruleName, ruleResult, ruleType, ruleExecutionCause)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// policy - policy related data
|
||||
// engineResponse - resource and rule related data
|
||||
func ProcessEngineResponse(m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, resourceRequestOperation metrics.ResourceRequestOperation) error {
|
||||
func ProcessEngineResponse(ctx context.Context, m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse, executionCause metrics.RuleExecutionCause, resourceRequestOperation metrics.ResourceRequestOperation) error {
|
||||
name, namespace, policyType, backgroundMode, validationMode, err := metrics.GetPolicyInfos(policy)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -70,6 +72,7 @@ func ProcessEngineResponse(m *metrics.MetricsConfig, policy kyvernov1.PolicyInte
|
|||
ruleResult = metrics.Fail
|
||||
}
|
||||
if err := registerPolicyResultsMetric(
|
||||
ctx,
|
||||
m,
|
||||
validationMode,
|
||||
policyType,
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package policyruleinfo
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
|
||||
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
||||
|
|
@ -10,6 +11,7 @@ import (
|
|||
)
|
||||
|
||||
func registerPolicyRuleInfoMetric(
|
||||
ctx context.Context,
|
||||
m *metrics.MetricsConfig,
|
||||
policyValidationMode metrics.PolicyValidationMode,
|
||||
policyType metrics.PolicyType,
|
||||
|
|
@ -44,12 +46,12 @@ func registerPolicyRuleInfoMetric(
|
|||
if ready {
|
||||
status = "true"
|
||||
}
|
||||
m.RecordPolicyRuleInfo(policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, status, metricValue)
|
||||
m.RecordPolicyRuleInfo(ctx, policyValidationMode, policyType, policyBackgroundMode, policyNamespace, policyName, ruleName, ruleType, status, metricValue)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func AddPolicy(m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface) error {
|
||||
func AddPolicy(ctx context.Context, m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface) error {
|
||||
name, namespace, policyType, backgroundMode, validationMode, err := metrics.GetPolicyInfos(policy)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -58,14 +60,14 @@ func AddPolicy(m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface) error
|
|||
for _, rule := range autogen.ComputeRules(policy) {
|
||||
ruleName := rule.Name
|
||||
ruleType := metrics.ParseRuleType(rule)
|
||||
if err = registerPolicyRuleInfoMetric(m, validationMode, policyType, backgroundMode, namespace, name, ruleName, ruleType, PolicyRuleCreated, ready); err != nil {
|
||||
if err = registerPolicyRuleInfoMetric(ctx, m, validationMode, policyType, backgroundMode, namespace, name, ruleName, ruleType, PolicyRuleCreated, ready); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func RemovePolicy(m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface) error {
|
||||
func RemovePolicy(ctx context.Context, m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface) error {
|
||||
name, namespace, policyType, backgroundMode, validationMode, err := metrics.GetPolicyInfos(policy)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -74,7 +76,7 @@ func RemovePolicy(m *metrics.MetricsConfig, policy kyvernov1.PolicyInterface) er
|
|||
for _, rule := range autogen.ComputeRules(policy) {
|
||||
ruleName := rule.Name
|
||||
ruleType := metrics.ParseRuleType(rule)
|
||||
if err = registerPolicyRuleInfoMetric(m, validationMode, policyType, backgroundMode, namespace, name, ruleName, ruleType, PolicyRuleDeleted, ready); err != nil {
|
||||
if err = registerPolicyRuleInfoMetric(ctx, m, validationMode, policyType, backgroundMode, namespace, name, ruleName, ruleType, PolicyRuleDeleted, ready); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package policy
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"strings"
|
||||
"sync"
|
||||
|
|
@ -62,13 +63,13 @@ func (pc *PolicyController) applyAndReportPerNamespace(policy kyvernov1.PolicyIn
|
|||
}
|
||||
|
||||
func (pc *PolicyController) registerPolicyResultsMetricValidation(logger logr.Logger, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
if err := policyResults.ProcessEngineResponse(pc.metricsConfig, policy, engineResponse, metrics.BackgroundScan, metrics.ResourceCreated); err != nil {
|
||||
if err := policyResults.ProcessEngineResponse(context.TODO(), pc.metricsConfig, policy, engineResponse, metrics.BackgroundScan, metrics.ResourceCreated); err != nil {
|
||||
logger.Error(err, "error occurred while registering kyverno_policy_results_total metrics for the above policy", "name", policy.GetName())
|
||||
}
|
||||
}
|
||||
|
||||
func (pc *PolicyController) registerPolicyExecutionDurationMetricValidate(logger logr.Logger, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
if err := policyExecutionDuration.ProcessEngineResponse(pc.metricsConfig, policy, engineResponse, metrics.BackgroundScan, metrics.ResourceCreated); err != nil {
|
||||
if err := policyExecutionDuration.ProcessEngineResponse(context.TODO(), pc.metricsConfig, policy, engineResponse, metrics.BackgroundScan, metrics.ResourceCreated); err != nil {
|
||||
logger.Error(err, "error occurred while registering kyverno_policy_execution_duration_seconds metrics for the above policy", "name", policy.GetName())
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,8 +18,8 @@ func (inner AdmissionHandler) WithMetrics(metricsConfig *metrics.MetricsConfig)
|
|||
func (inner AdmissionHandler) withMetrics(metricsConfig *metrics.MetricsConfig) AdmissionHandler {
|
||||
return func(ctx context.Context, logger logr.Logger, request *admissionv1.AdmissionRequest, startTime time.Time) *admissionv1.AdmissionResponse {
|
||||
response := inner(ctx, logger, request, startTime)
|
||||
defer admissionReviewDuration.Process(metricsConfig, request, response, int64(time.Since(startTime)))
|
||||
admissionRequests.Process(metricsConfig, request, response)
|
||||
defer admissionReviewDuration.Process(ctx, metricsConfig, request, response, int64(time.Since(startTime)))
|
||||
admissionRequests.Process(ctx, metricsConfig, request, response)
|
||||
return response
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -108,9 +108,9 @@ func (h *generationHandler) Handle(
|
|||
}
|
||||
|
||||
// registering the kyverno_policy_results_total metric concurrently
|
||||
go webhookutils.RegisterPolicyResultsMetricGeneration(h.log, metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
go webhookutils.RegisterPolicyResultsMetricGeneration(context.TODO(), h.log, metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
// registering the kyverno_policy_execution_duration_seconds metric concurrently
|
||||
go webhookutils.RegisterPolicyExecutionDurationMetricGenerate(h.log, metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
go webhookutils.RegisterPolicyExecutionDurationMetricGenerate(context.TODO(), h.log, metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
}
|
||||
|
||||
if failedResponse := applyUpdateRequest(request, kyvernov1beta1.Generate, h.urGenerator, policyContext.AdmissionInfo, request.Operation, engineResponses...); failedResponse != nil {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package mutation
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"reflect"
|
||||
"time"
|
||||
|
|
@ -117,9 +118,9 @@ func (v *mutationHandler) applyMutations(
|
|||
engineResponses = append(engineResponses, engineResponse)
|
||||
|
||||
// registering the kyverno_policy_results_total metric concurrently
|
||||
go webhookutils.RegisterPolicyResultsMetricMutation(v.log, metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
go webhookutils.RegisterPolicyResultsMetricMutation(context.TODO(), v.log, metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
// registering the kyverno_policy_execution_duration_seconds metric concurrently
|
||||
go webhookutils.RegisterPolicyExecutionDurationMetricMutate(v.log, metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
go webhookutils.RegisterPolicyExecutionDurationMetricMutate(context.TODO(), v.log, metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
}
|
||||
|
||||
// generate annotations
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package resource
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
|
|
@ -55,9 +56,9 @@ func (h *handlers) handleMutateExisting(logger logr.Logger, request *admissionv1
|
|||
}
|
||||
|
||||
// registering the kyverno_policy_results_total metric concurrently
|
||||
go webhookutils.RegisterPolicyResultsMetricMutation(logger, h.metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
go webhookutils.RegisterPolicyResultsMetricMutation(context.TODO(), logger, h.metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
// registering the kyverno_policy_execution_duration_seconds metric concurrently
|
||||
go webhookutils.RegisterPolicyExecutionDurationMetricMutate(logger, h.metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
go webhookutils.RegisterPolicyExecutionDurationMetricMutate(context.TODO(), logger, h.metricsConfig, string(request.Operation), policy, *engineResponse)
|
||||
}
|
||||
|
||||
if failedResponse := applyUpdateRequest(request, kyvernov1beta1.Mutate, h.urGenerator, policyContext.AdmissionInfo, request.Operation, engineResponses...); failedResponse != nil {
|
||||
|
|
|
|||
|
|
@ -101,8 +101,8 @@ func (v *validationHandler) HandleValidation(
|
|||
continue
|
||||
}
|
||||
|
||||
go webhookutils.RegisterPolicyResultsMetricValidation(logger, metricsConfig, string(request.Operation), policyContext.Policy, *engineResponse)
|
||||
go webhookutils.RegisterPolicyExecutionDurationMetricValidate(logger, metricsConfig, string(request.Operation), policyContext.Policy, *engineResponse)
|
||||
go webhookutils.RegisterPolicyResultsMetricValidation(context.TODO(), logger, metricsConfig, string(request.Operation), policyContext.Policy, *engineResponse)
|
||||
go webhookutils.RegisterPolicyExecutionDurationMetricValidate(context.TODO(), logger, metricsConfig, string(request.Operation), policyContext.Policy, *engineResponse)
|
||||
|
||||
engineResponses = append(engineResponses, engineResponse)
|
||||
if !engineResponse.IsSuccessful() {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package utils
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
|
||||
"github.com/go-logr/logr"
|
||||
|
|
@ -25,40 +26,40 @@ func registerMetric(logger logr.Logger, m string, requestOperation string, r rep
|
|||
|
||||
// POLICY RESULTS
|
||||
|
||||
func RegisterPolicyResultsMetricMutation(logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
func RegisterPolicyResultsMetricMutation(ctx context.Context, logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
registerMetric(logger, "kyverno_policy_results_total", requestOperation, func(op metrics.ResourceRequestOperation) error {
|
||||
return policyResults.ProcessEngineResponse(metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
return policyResults.ProcessEngineResponse(ctx, metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
})
|
||||
}
|
||||
|
||||
func RegisterPolicyResultsMetricValidation(logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
func RegisterPolicyResultsMetricValidation(ctx context.Context, logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
registerMetric(logger, "kyverno_policy_results_total", requestOperation, func(op metrics.ResourceRequestOperation) error {
|
||||
return policyResults.ProcessEngineResponse(metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
return policyResults.ProcessEngineResponse(ctx, metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
})
|
||||
}
|
||||
|
||||
func RegisterPolicyResultsMetricGeneration(logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
func RegisterPolicyResultsMetricGeneration(ctx context.Context, logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
registerMetric(logger, "kyverno_policy_results_total", requestOperation, func(op metrics.ResourceRequestOperation) error {
|
||||
return policyResults.ProcessEngineResponse(metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
return policyResults.ProcessEngineResponse(ctx, metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
})
|
||||
}
|
||||
|
||||
// POLICY EXECUTION
|
||||
|
||||
func RegisterPolicyExecutionDurationMetricMutate(logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
func RegisterPolicyExecutionDurationMetricMutate(ctx context.Context, logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
registerMetric(logger, "kyverno_policy_execution_duration_seconds", requestOperation, func(op metrics.ResourceRequestOperation) error {
|
||||
return policyExecutionDuration.ProcessEngineResponse(metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
return policyExecutionDuration.ProcessEngineResponse(ctx, metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
})
|
||||
}
|
||||
|
||||
func RegisterPolicyExecutionDurationMetricValidate(logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
func RegisterPolicyExecutionDurationMetricValidate(ctx context.Context, logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
registerMetric(logger, "kyverno_policy_execution_duration_seconds", requestOperation, func(op metrics.ResourceRequestOperation) error {
|
||||
return policyExecutionDuration.ProcessEngineResponse(metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
return policyExecutionDuration.ProcessEngineResponse(ctx, metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
})
|
||||
}
|
||||
|
||||
func RegisterPolicyExecutionDurationMetricGenerate(logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
func RegisterPolicyExecutionDurationMetricGenerate(ctx context.Context, logger logr.Logger, metricsConfig *metrics.MetricsConfig, requestOperation string, policy kyvernov1.PolicyInterface, engineResponse response.EngineResponse) {
|
||||
registerMetric(logger, "kyverno_policy_execution_duration_seconds", requestOperation, func(op metrics.ResourceRequestOperation) error {
|
||||
return policyExecutionDuration.ProcessEngineResponse(metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
return policyExecutionDuration.ProcessEngineResponse(ctx, metricsConfig, policy, engineResponse, metrics.AdmissionRequest, op)
|
||||
})
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue