mirror of
https://github.com/ceph/ceph-csi.git
synced 2025-03-09 17:09:29 +00:00
f87d06ed85
Several packages are only used while running the e2e suite. These packages are less important to update, as the they can not influence the final executable that is part of the Ceph-CSI container-image. By moving these dependencies out of the main Ceph-CSI go.mod, it is easier to identify if a reported CVE affects Ceph-CSI, or only the testing (like most of the Kubernetes CVEs). Signed-off-by: Niels de Vos <ndevos@ibm.com>
391 lines
13 KiB
Go
391 lines
13 KiB
Go
/*
|
|
Copyright 2019 The Kubernetes Authors.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package metrics
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
"path/filepath"
|
|
"strings"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/prometheus/client_golang/prometheus"
|
|
|
|
"k8s.io/apimachinery/pkg/util/sets"
|
|
promext "k8s.io/component-base/metrics/prometheusextension"
|
|
"k8s.io/klog/v2"
|
|
yaml "sigs.k8s.io/yaml/goyaml.v2"
|
|
)
|
|
|
|
var (
|
|
labelValueAllowLists = map[string]*MetricLabelAllowList{}
|
|
allowListLock sync.RWMutex
|
|
)
|
|
|
|
// ResetLabelValueAllowLists resets the allow lists for label values.
|
|
// NOTE: This should only be used in test.
|
|
func ResetLabelValueAllowLists() {
|
|
allowListLock.Lock()
|
|
defer allowListLock.Unlock()
|
|
labelValueAllowLists = map[string]*MetricLabelAllowList{}
|
|
}
|
|
|
|
// KubeOpts is superset struct for prometheus.Opts. The prometheus Opts structure
|
|
// is purposefully not embedded here because that would change struct initialization
|
|
// in the manner which people are currently accustomed.
|
|
//
|
|
// Name must be set to a non-empty string. DeprecatedVersion is defined only
|
|
// if the metric for which this options applies is, in fact, deprecated.
|
|
type KubeOpts struct {
|
|
Namespace string
|
|
Subsystem string
|
|
Name string
|
|
Help string
|
|
ConstLabels map[string]string
|
|
DeprecatedVersion string
|
|
deprecateOnce sync.Once
|
|
annotateOnce sync.Once
|
|
StabilityLevel StabilityLevel
|
|
initializeLabelAllowListsOnce sync.Once
|
|
LabelValueAllowLists *MetricLabelAllowList
|
|
}
|
|
|
|
// BuildFQName joins the given three name components by "_". Empty name
|
|
// components are ignored. If the name parameter itself is empty, an empty
|
|
// string is returned, no matter what. Metric implementations included in this
|
|
// library use this function internally to generate the fully-qualified metric
|
|
// name from the name component in their Opts. Users of the library will only
|
|
// need this function if they implement their own Metric or instantiate a Desc
|
|
// (with NewDesc) directly.
|
|
func BuildFQName(namespace, subsystem, name string) string {
|
|
return prometheus.BuildFQName(namespace, subsystem, name)
|
|
}
|
|
|
|
// StabilityLevel represents the API guarantees for a given defined metric.
|
|
type StabilityLevel string
|
|
|
|
const (
|
|
// INTERNAL metrics have no stability guarantees, as such, labels may
|
|
// be arbitrarily added/removed and the metric may be deleted at any time.
|
|
INTERNAL StabilityLevel = "INTERNAL"
|
|
// ALPHA metrics have no stability guarantees, as such, labels may
|
|
// be arbitrarily added/removed and the metric may be deleted at any time.
|
|
ALPHA StabilityLevel = "ALPHA"
|
|
// BETA metrics are governed by the deprecation policy outlined in by
|
|
// the control plane metrics stability KEP.
|
|
BETA StabilityLevel = "BETA"
|
|
// STABLE metrics are guaranteed not be mutated and removal is governed by
|
|
// the deprecation policy outlined in by the control plane metrics stability KEP.
|
|
STABLE StabilityLevel = "STABLE"
|
|
)
|
|
|
|
// setDefaults takes 'ALPHA' in case of empty.
|
|
func (sl *StabilityLevel) setDefaults() {
|
|
switch *sl {
|
|
case "":
|
|
*sl = ALPHA
|
|
default:
|
|
// no-op, since we have a StabilityLevel already
|
|
}
|
|
}
|
|
|
|
// CounterOpts is an alias for Opts. See there for doc comments.
|
|
type CounterOpts KubeOpts
|
|
|
|
// Modify help description on the metric description.
|
|
func (o *CounterOpts) markDeprecated() {
|
|
o.deprecateOnce.Do(func() {
|
|
o.Help = fmt.Sprintf("(Deprecated since %v) %v", o.DeprecatedVersion, o.Help)
|
|
})
|
|
}
|
|
|
|
// annotateStabilityLevel annotates help description on the metric description with the stability level
|
|
// of the metric
|
|
func (o *CounterOpts) annotateStabilityLevel() {
|
|
o.annotateOnce.Do(func() {
|
|
o.Help = fmt.Sprintf("[%v] %v", o.StabilityLevel, o.Help)
|
|
})
|
|
}
|
|
|
|
// convenience function to allow easy transformation to the prometheus
|
|
// counterpart. This will do more once we have a proper label abstraction
|
|
func (o *CounterOpts) toPromCounterOpts() prometheus.CounterOpts {
|
|
return prometheus.CounterOpts{
|
|
Namespace: o.Namespace,
|
|
Subsystem: o.Subsystem,
|
|
Name: o.Name,
|
|
Help: o.Help,
|
|
ConstLabels: o.ConstLabels,
|
|
}
|
|
}
|
|
|
|
// GaugeOpts is an alias for Opts. See there for doc comments.
|
|
type GaugeOpts KubeOpts
|
|
|
|
// Modify help description on the metric description.
|
|
func (o *GaugeOpts) markDeprecated() {
|
|
o.deprecateOnce.Do(func() {
|
|
o.Help = fmt.Sprintf("(Deprecated since %v) %v", o.DeprecatedVersion, o.Help)
|
|
})
|
|
}
|
|
|
|
// annotateStabilityLevel annotates help description on the metric description with the stability level
|
|
// of the metric
|
|
func (o *GaugeOpts) annotateStabilityLevel() {
|
|
o.annotateOnce.Do(func() {
|
|
o.Help = fmt.Sprintf("[%v] %v", o.StabilityLevel, o.Help)
|
|
})
|
|
}
|
|
|
|
// convenience function to allow easy transformation to the prometheus
|
|
// counterpart. This will do more once we have a proper label abstraction
|
|
func (o *GaugeOpts) toPromGaugeOpts() prometheus.GaugeOpts {
|
|
return prometheus.GaugeOpts{
|
|
Namespace: o.Namespace,
|
|
Subsystem: o.Subsystem,
|
|
Name: o.Name,
|
|
Help: o.Help,
|
|
ConstLabels: o.ConstLabels,
|
|
}
|
|
}
|
|
|
|
// HistogramOpts bundles the options for creating a Histogram metric. It is
|
|
// mandatory to set Name to a non-empty string. All other fields are optional
|
|
// and can safely be left at their zero value, although it is strongly
|
|
// encouraged to set a Help string.
|
|
type HistogramOpts struct {
|
|
Namespace string
|
|
Subsystem string
|
|
Name string
|
|
Help string
|
|
ConstLabels map[string]string
|
|
Buckets []float64
|
|
DeprecatedVersion string
|
|
deprecateOnce sync.Once
|
|
annotateOnce sync.Once
|
|
StabilityLevel StabilityLevel
|
|
initializeLabelAllowListsOnce sync.Once
|
|
LabelValueAllowLists *MetricLabelAllowList
|
|
}
|
|
|
|
// Modify help description on the metric description.
|
|
func (o *HistogramOpts) markDeprecated() {
|
|
o.deprecateOnce.Do(func() {
|
|
o.Help = fmt.Sprintf("(Deprecated since %v) %v", o.DeprecatedVersion, o.Help)
|
|
})
|
|
}
|
|
|
|
// annotateStabilityLevel annotates help description on the metric description with the stability level
|
|
// of the metric
|
|
func (o *HistogramOpts) annotateStabilityLevel() {
|
|
o.annotateOnce.Do(func() {
|
|
o.Help = fmt.Sprintf("[%v] %v", o.StabilityLevel, o.Help)
|
|
})
|
|
}
|
|
|
|
// convenience function to allow easy transformation to the prometheus
|
|
// counterpart. This will do more once we have a proper label abstraction
|
|
func (o *HistogramOpts) toPromHistogramOpts() prometheus.HistogramOpts {
|
|
return prometheus.HistogramOpts{
|
|
Namespace: o.Namespace,
|
|
Subsystem: o.Subsystem,
|
|
Name: o.Name,
|
|
Help: o.Help,
|
|
ConstLabels: o.ConstLabels,
|
|
Buckets: o.Buckets,
|
|
}
|
|
}
|
|
|
|
// TimingHistogramOpts bundles the options for creating a TimingHistogram metric. It is
|
|
// mandatory to set Name to a non-empty string. All other fields are optional
|
|
// and can safely be left at their zero value, although it is strongly
|
|
// encouraged to set a Help string.
|
|
type TimingHistogramOpts struct {
|
|
Namespace string
|
|
Subsystem string
|
|
Name string
|
|
Help string
|
|
ConstLabels map[string]string
|
|
Buckets []float64
|
|
InitialValue float64
|
|
DeprecatedVersion string
|
|
deprecateOnce sync.Once
|
|
annotateOnce sync.Once
|
|
StabilityLevel StabilityLevel
|
|
initializeLabelAllowListsOnce sync.Once
|
|
LabelValueAllowLists *MetricLabelAllowList
|
|
}
|
|
|
|
// Modify help description on the metric description.
|
|
func (o *TimingHistogramOpts) markDeprecated() {
|
|
o.deprecateOnce.Do(func() {
|
|
o.Help = fmt.Sprintf("(Deprecated since %v) %v", o.DeprecatedVersion, o.Help)
|
|
})
|
|
}
|
|
|
|
// annotateStabilityLevel annotates help description on the metric description with the stability level
|
|
// of the metric
|
|
func (o *TimingHistogramOpts) annotateStabilityLevel() {
|
|
o.annotateOnce.Do(func() {
|
|
o.Help = fmt.Sprintf("[%v] %v", o.StabilityLevel, o.Help)
|
|
})
|
|
}
|
|
|
|
// convenience function to allow easy transformation to the prometheus
|
|
// counterpart. This will do more once we have a proper label abstraction
|
|
func (o *TimingHistogramOpts) toPromHistogramOpts() promext.TimingHistogramOpts {
|
|
return promext.TimingHistogramOpts{
|
|
Namespace: o.Namespace,
|
|
Subsystem: o.Subsystem,
|
|
Name: o.Name,
|
|
Help: o.Help,
|
|
ConstLabels: o.ConstLabels,
|
|
Buckets: o.Buckets,
|
|
InitialValue: o.InitialValue,
|
|
}
|
|
}
|
|
|
|
// SummaryOpts bundles the options for creating a Summary metric. It is
|
|
// mandatory to set Name to a non-empty string. While all other fields are
|
|
// optional and can safely be left at their zero value, it is recommended to set
|
|
// a help string and to explicitly set the Objectives field to the desired value
|
|
// as the default value will change in the upcoming v0.10 of the library.
|
|
type SummaryOpts struct {
|
|
Namespace string
|
|
Subsystem string
|
|
Name string
|
|
Help string
|
|
ConstLabels map[string]string
|
|
Objectives map[float64]float64
|
|
MaxAge time.Duration
|
|
AgeBuckets uint32
|
|
BufCap uint32
|
|
DeprecatedVersion string
|
|
deprecateOnce sync.Once
|
|
annotateOnce sync.Once
|
|
StabilityLevel StabilityLevel
|
|
initializeLabelAllowListsOnce sync.Once
|
|
LabelValueAllowLists *MetricLabelAllowList
|
|
}
|
|
|
|
// Modify help description on the metric description.
|
|
func (o *SummaryOpts) markDeprecated() {
|
|
o.deprecateOnce.Do(func() {
|
|
o.Help = fmt.Sprintf("(Deprecated since %v) %v", o.DeprecatedVersion, o.Help)
|
|
})
|
|
}
|
|
|
|
// annotateStabilityLevel annotates help description on the metric description with the stability level
|
|
// of the metric
|
|
func (o *SummaryOpts) annotateStabilityLevel() {
|
|
o.annotateOnce.Do(func() {
|
|
o.Help = fmt.Sprintf("[%v] %v", o.StabilityLevel, o.Help)
|
|
})
|
|
}
|
|
|
|
// Deprecated: DefObjectives will not be used as the default objectives in
|
|
// v1.0.0 of the library. The default Summary will have no quantiles then.
|
|
var (
|
|
defObjectives = map[float64]float64{0.5: 0.05, 0.9: 0.01, 0.99: 0.001}
|
|
)
|
|
|
|
// convenience function to allow easy transformation to the prometheus
|
|
// counterpart. This will do more once we have a proper label abstraction
|
|
func (o *SummaryOpts) toPromSummaryOpts() prometheus.SummaryOpts {
|
|
// we need to retain existing quantile behavior for backwards compatibility,
|
|
// so let's do what prometheus used to do prior to v1.
|
|
objectives := o.Objectives
|
|
if objectives == nil {
|
|
objectives = defObjectives
|
|
}
|
|
return prometheus.SummaryOpts{
|
|
Namespace: o.Namespace,
|
|
Subsystem: o.Subsystem,
|
|
Name: o.Name,
|
|
Help: o.Help,
|
|
ConstLabels: o.ConstLabels,
|
|
Objectives: objectives,
|
|
MaxAge: o.MaxAge,
|
|
AgeBuckets: o.AgeBuckets,
|
|
BufCap: o.BufCap,
|
|
}
|
|
}
|
|
|
|
type MetricLabelAllowList struct {
|
|
labelToAllowList map[string]sets.Set[string]
|
|
}
|
|
|
|
func (allowList *MetricLabelAllowList) ConstrainToAllowedList(labelNameList, labelValueList []string) {
|
|
for index, value := range labelValueList {
|
|
name := labelNameList[index]
|
|
if allowValues, ok := allowList.labelToAllowList[name]; ok {
|
|
if !allowValues.Has(value) {
|
|
labelValueList[index] = "unexpected"
|
|
cardinalityEnforcementUnexpectedCategorizationsTotal.Inc()
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func (allowList *MetricLabelAllowList) ConstrainLabelMap(labels map[string]string) {
|
|
for name, value := range labels {
|
|
if allowValues, ok := allowList.labelToAllowList[name]; ok {
|
|
if !allowValues.Has(value) {
|
|
labels[name] = "unexpected"
|
|
cardinalityEnforcementUnexpectedCategorizationsTotal.Inc()
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func SetLabelAllowListFromCLI(allowListMapping map[string]string) {
|
|
allowListLock.Lock()
|
|
defer allowListLock.Unlock()
|
|
for metricLabelName, labelValues := range allowListMapping {
|
|
metricName := strings.Split(metricLabelName, ",")[0]
|
|
labelName := strings.Split(metricLabelName, ",")[1]
|
|
valueSet := sets.New[string](strings.Split(labelValues, ",")...)
|
|
|
|
allowList, ok := labelValueAllowLists[metricName]
|
|
if ok {
|
|
allowList.labelToAllowList[labelName] = valueSet
|
|
} else {
|
|
labelToAllowList := make(map[string]sets.Set[string])
|
|
labelToAllowList[labelName] = valueSet
|
|
labelValueAllowLists[metricName] = &MetricLabelAllowList{
|
|
labelToAllowList,
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func SetLabelAllowListFromManifest(manifest string) {
|
|
allowListMapping := make(map[string]string)
|
|
data, err := os.ReadFile(filepath.Clean(manifest))
|
|
if err != nil {
|
|
klog.Errorf("Failed to read allow list manifest: %v", err)
|
|
return
|
|
}
|
|
err = yaml.Unmarshal(data, &allowListMapping)
|
|
if err != nil {
|
|
klog.Errorf("Failed to parse allow list manifest: %v", err)
|
|
return
|
|
}
|
|
SetLabelAllowListFromCLI(allowListMapping)
|
|
}
|