mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00
Code Activity

feat: add webhook type to admission metrics (#5493)

Browse source 
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2022-11-30 10:30:24 +01:00 committed by GitHub
parent c3be9e36a5
commit ff9ba81440
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 29 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
pkg/metrics/attributes.go Normal file
View file

@ -0,0 +1,14 @@
package metrics
import "go.opentelemetry.io/otel/attribute"
const (
// keys
RequestWebhookKey = attribute.Key("request_webhook")
)
var (
// keyvalues
WebhookMutating = RequestWebhookKey.String("MutatingWebhookConfiguration")
WebhookValidating = RequestWebhookKey.String("ValidatingWebhookConfiguration")
)

29
pkg/webhooks/handlers/metrics.go
View file

@ -13,11 +13,11 @@ import (
admissionv1 "k8s.io/api/admission/v1" admissionv1 "k8s.io/api/admission/v1"
) )
func (inner AdmissionHandler) WithMetrics(logger logr.Logger, metricsConfig config.MetricsConfiguration) AdmissionHandler { func (inner AdmissionHandler) WithMetrics(logger logr.Logger, metricsConfig config.MetricsConfiguration, attrs ...attribute.KeyValue) AdmissionHandler {
return inner.withMetrics(logger, metricsConfig).WithTrace("METRICS") return inner.withMetrics(logger, metricsConfig).WithTrace("METRICS")
} }
func (inner AdmissionHandler) withMetrics(logger logr.Logger, metricsConfig config.MetricsConfiguration) AdmissionHandler { func (inner AdmissionHandler) withMetrics(logger logr.Logger, metricsConfig config.MetricsConfiguration, attrs ...attribute.KeyValue) AdmissionHandler {
meter := global.MeterProvider().Meter("kyverno") meter := global.MeterProvider().Meter("kyverno")
admissionRequestsMetric, err := meter.SyncInt64().Counter( admissionRequestsMetric, err := meter.SyncInt64().Counter(
"kyverno_admission_requests_total", "kyverno_admission_requests_total",
@ -42,29 +42,22 @@ func (inner AdmissionHandler) withMetrics(logger logr.Logger, metricsConfig conf
if response != nil { if response != nil {
allowed = response.Allowed allowed = response.Allowed
} }
attributes := []attribute.KeyValue{
attribute.String("resource_kind", request.Kind.Kind),
attribute.String("resource_namespace", namespace),
attribute.String("resource_request_operation", operation),
attribute.Bool("request_allowed", allowed),
}
attributes = append(attributes, attrs...)
if admissionReviewDurationMetric != nil { if admissionReviewDurationMetric != nil {
defer func() { defer func() {
latency := int64(time.Since(startTime)) latency := int64(time.Since(startTime))
admissionReviewLatencyDurationInSeconds := float64(latency) / float64(1000*1000*1000) admissionReviewLatencyDurationInSeconds := float64(latency) / float64(1000*1000*1000)
admissionReviewDurationMetric.Record( admissionReviewDurationMetric.Record(ctx, admissionReviewLatencyDurationInSeconds, attributes...)
ctx,
admissionReviewLatencyDurationInSeconds,
attribute.String("resource_kind", request.Kind.Kind),
attribute.String("resource_namespace", namespace),
attribute.String("resource_request_operation", operation),
attribute.Bool("request_allowed", allowed),
)
}() }()
} }
if admissionRequestsMetric != nil { if admissionRequestsMetric != nil {
admissionRequestsMetric.Add( admissionRequestsMetric.Add(ctx, 1, attributes...)
ctx,
1,
attribute.String("resource_kind", request.Kind.Kind),
attribute.String("resource_namespace", namespace),
attribute.String("resource_request_operation", operation),
attribute.Bool("request_allowed", allowed),
)
} }
} }
return response return response

8
pkg/webhooks/server.go
View file

@ -90,7 +90,7 @@ func NewServer(
WithProtection(toggle.ProtectManagedResources.Enabled()). WithProtection(toggle.ProtectManagedResources.Enabled()).
WithDump(debugModeOpts.DumpPayload). WithDump(debugModeOpts.DumpPayload).
WithOperationFilter(admissionv1.Create, admissionv1.Update, admissionv1.Connect). WithOperationFilter(admissionv1.Create, admissionv1.Update, admissionv1.Connect).
WithMetrics(resourceLogger, metricsConfig.Config). WithMetrics(resourceLogger, metricsConfig.Config, metrics.WebhookMutating).
WithAdmission(resourceLogger.WithName("mutate")) WithAdmission(resourceLogger.WithName("mutate"))
}, },
) )
@ -104,7 +104,7 @@ func NewServer(
WithFilter(configuration). WithFilter(configuration).
WithProtection(toggle.ProtectManagedResources.Enabled()). WithProtection(toggle.ProtectManagedResources.Enabled()).
WithDump(debugModeOpts.DumpPayload). WithDump(debugModeOpts.DumpPayload).
WithMetrics(resourceLogger, metricsConfig.Config). WithMetrics(resourceLogger, metricsConfig.Config, metrics.WebhookValidating).
WithAdmission(resourceLogger.WithName("validate")) WithAdmission(resourceLogger.WithName("validate"))
}, },
) )
@ -113,7 +113,7 @@ func NewServer(
config.PolicyMutatingWebhookServicePath, config.PolicyMutatingWebhookServicePath,
handlers.FromAdmissionFunc("MUTATE", policyHandlers.Mutate). handlers.FromAdmissionFunc("MUTATE", policyHandlers.Mutate).
WithDump(debugModeOpts.DumpPayload). WithDump(debugModeOpts.DumpPayload).
WithMetrics(policyLogger, metricsConfig.Config). WithMetrics(policyLogger, metricsConfig.Config, metrics.WebhookMutating).
WithAdmission(policyLogger.WithName("mutate")). WithAdmission(policyLogger.WithName("mutate")).
ToHandlerFunc(), ToHandlerFunc(),
) )
@ -123,7 +123,7 @@ func NewServer(
handlers.FromAdmissionFunc("VALIDATE", policyHandlers.Validate). handlers.FromAdmissionFunc("VALIDATE", policyHandlers.Validate).
WithDump(debugModeOpts.DumpPayload). WithDump(debugModeOpts.DumpPayload).
WithSubResourceFilter(). WithSubResourceFilter().
WithMetrics(policyLogger, metricsConfig.Config). WithMetrics(policyLogger, metricsConfig.Config, metrics.WebhookValidating).
WithAdmission(policyLogger.WithName("validate")). WithAdmission(policyLogger.WithName("validate")).
ToHandlerFunc(), ToHandlerFunc(),
) )