esmetrics.go 6.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183
  1. /*
  2. Copyright © 2025 ESO Maintainer Team
  3. Licensed under the Apache License, Version 2.0 (the "License");
  4. you may not use this file except in compliance with the License.
  5. You may obtain a copy of the License at
  6. https://www.apache.org/licenses/LICENSE-2.0
  7. Unless required by applicable law or agreed to in writing, software
  8. distributed under the License is distributed on an "AS IS" BASIS,
  9. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  10. See the License for the specific language governing permissions and
  11. limitations under the License.
  12. */
  13. // Package esmetrics provides metrics functionality for the ExternalSecret controller
  14. package esmetrics
  15. import (
  16. "github.com/prometheus/client_golang/prometheus"
  17. v1 "k8s.io/api/core/v1"
  18. "sigs.k8s.io/controller-runtime/pkg/metrics"
  19. esv1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1"
  20. ctrlmetrics "github.com/external-secrets/external-secrets/pkg/controllers/metrics"
  21. )
  22. const (
  23. // ExternalSecretSubsystem is the subsystem for the external-secret controller.
  24. ExternalSecretSubsystem = "externalsecret"
  25. // SyncCallsKey is the metric key for sync calls.
  26. SyncCallsKey = "sync_calls_total"
  27. // SyncCallsErrorKey is the metric key for sync call errors.
  28. SyncCallsErrorKey = "sync_calls_error"
  29. // ExternalSecretStatusConditionKey is the metric key for the external secret status condition.
  30. ExternalSecretStatusConditionKey = "status_condition"
  31. // ExternalSecretReconcileDurationKey is the metric key for the external secret reconcile duration.
  32. ExternalSecretReconcileDurationKey = "reconcile_duration"
  33. )
  34. var counterVecMetrics = map[string]*prometheus.CounterVec{}
  35. var gaugeVecMetrics = map[string]*prometheus.GaugeVec{}
  36. // SetUpMetrics is called at the root to set-up the metric logic using the
  37. // config flags provided.
  38. func SetUpMetrics() {
  39. // Obtain the prometheus metrics and register
  40. syncCallsTotal := prometheus.NewCounterVec(prometheus.CounterOpts{
  41. Subsystem: ExternalSecretSubsystem,
  42. Name: SyncCallsKey,
  43. Help: "Total number of the External Secret sync calls",
  44. }, ctrlmetrics.NonConditionMetricLabelNames)
  45. syncCallsError := prometheus.NewCounterVec(prometheus.CounterOpts{
  46. Subsystem: ExternalSecretSubsystem,
  47. Name: SyncCallsErrorKey,
  48. Help: "Total number of the External Secret sync errors",
  49. }, ctrlmetrics.NonConditionMetricLabelNames)
  50. externalSecretCondition := prometheus.NewGaugeVec(prometheus.GaugeOpts{
  51. Subsystem: ExternalSecretSubsystem,
  52. Name: ExternalSecretStatusConditionKey,
  53. Help: "The status condition of a specific External Secret",
  54. }, ctrlmetrics.ConditionMetricLabelNames)
  55. externalSecretReconcileDuration := prometheus.NewGaugeVec(prometheus.GaugeOpts{
  56. Subsystem: ExternalSecretSubsystem,
  57. Name: ExternalSecretReconcileDurationKey,
  58. Help: "The duration time to reconcile the External Secret",
  59. }, ctrlmetrics.NonConditionMetricLabelNames)
  60. metrics.Registry.MustRegister(syncCallsTotal, syncCallsError, externalSecretCondition, externalSecretReconcileDuration)
  61. counterVecMetrics = map[string]*prometheus.CounterVec{
  62. SyncCallsKey: syncCallsTotal,
  63. SyncCallsErrorKey: syncCallsError,
  64. }
  65. gaugeVecMetrics = map[string]*prometheus.GaugeVec{
  66. ExternalSecretStatusConditionKey: externalSecretCondition,
  67. ExternalSecretReconcileDurationKey: externalSecretReconcileDuration,
  68. }
  69. }
  70. // UpdateExternalSecretCondition is a function that updates the condition of an external secret.
  71. func UpdateExternalSecretCondition(es *esv1.ExternalSecret, condition *esv1.ExternalSecretStatusCondition, value float64) {
  72. esInfo := make(map[string]string)
  73. esInfo["name"] = es.Name
  74. esInfo["namespace"] = es.Namespace
  75. for k, v := range es.Labels {
  76. esInfo[k] = v
  77. }
  78. conditionLabels := ctrlmetrics.RefineConditionMetricLabels(esInfo)
  79. externalSecretCondition := GetGaugeVec(ExternalSecretStatusConditionKey)
  80. // this allows us to delete metrics even when other labels (like helm annotations) have changed
  81. baseLabels := prometheus.Labels{
  82. "name": es.Name,
  83. "namespace": es.Namespace,
  84. }
  85. switch condition.Type {
  86. case esv1.ExternalSecretDeleted:
  87. // Remove condition=Ready metrics when the object gets deleted.
  88. baseLabels["condition"] = string(esv1.ExternalSecretReady)
  89. baseLabels["status"] = string(v1.ConditionFalse)
  90. externalSecretCondition.DeletePartialMatch(baseLabels)
  91. baseLabels["status"] = string(v1.ConditionTrue)
  92. externalSecretCondition.DeletePartialMatch(baseLabels)
  93. delete(baseLabels, "condition")
  94. delete(baseLabels, "status")
  95. case esv1.ExternalSecretReady:
  96. // Remove condition=Deleted metrics when the object gets ready.
  97. baseLabels["condition"] = string(esv1.ExternalSecretDeleted)
  98. baseLabels["status"] = string(v1.ConditionFalse)
  99. externalSecretCondition.DeletePartialMatch(baseLabels)
  100. baseLabels["status"] = string(v1.ConditionTrue)
  101. externalSecretCondition.DeletePartialMatch(baseLabels)
  102. delete(baseLabels, "condition")
  103. delete(baseLabels, "status")
  104. // Toggle opposite Status to 0, but first delete any stale metrics with old labels
  105. switch condition.Status {
  106. case v1.ConditionFalse:
  107. // delete any existing metrics with status True (regardless of other labels)
  108. // condition is fixed to ExternalSecretReady because other statuses were already handled above.
  109. baseLabels["condition"] = string(esv1.ExternalSecretReady)
  110. baseLabels["status"] = string(v1.ConditionTrue)
  111. externalSecretCondition.DeletePartialMatch(baseLabels)
  112. delete(baseLabels, "condition")
  113. delete(baseLabels, "status")
  114. // Set the metric with current labels
  115. externalSecretCondition.With(ctrlmetrics.RefineLabels(conditionLabels,
  116. map[string]string{
  117. "condition": string(esv1.ExternalSecretReady),
  118. "status": string(v1.ConditionTrue),
  119. })).Set(0)
  120. case v1.ConditionTrue:
  121. // delete any existing metrics with status False (regardless of other labels)
  122. baseLabels["condition"] = string(esv1.ExternalSecretReady)
  123. baseLabels["status"] = string(v1.ConditionFalse)
  124. externalSecretCondition.DeletePartialMatch(baseLabels)
  125. delete(baseLabels, "condition")
  126. delete(baseLabels, "status")
  127. // finally, set the metric with current labels
  128. externalSecretCondition.With(ctrlmetrics.RefineLabels(conditionLabels,
  129. map[string]string{
  130. "condition": string(esv1.ExternalSecretReady),
  131. "status": string(v1.ConditionFalse),
  132. })).Set(0)
  133. case v1.ConditionUnknown:
  134. break
  135. default:
  136. break
  137. }
  138. default:
  139. break
  140. }
  141. externalSecretCondition.With(ctrlmetrics.RefineLabels(conditionLabels,
  142. map[string]string{
  143. "condition": string(condition.Type),
  144. "status": string(condition.Status),
  145. })).Set(value)
  146. }
  147. // GetCounterVec returns the counter vec for the given key.
  148. func GetCounterVec(key string) *prometheus.CounterVec {
  149. return counterVecMetrics[key]
  150. }
  151. // GetGaugeVec returns the gauge vec for the given key.
  152. func GetGaugeVec(key string) *prometheus.GaugeVec {
  153. return gaugeVecMetrics[key]
  154. }