debian-mirror-gitlab/app/services/projects/prometheus/alerts/notify_service.rb

166 lines
4.8 KiB
Ruby
Raw Normal View History

2020-04-22 19:07:51 +05:30
# frozen_string_literal: true
module Projects
module Prometheus
module Alerts
class NotifyService < BaseService
include Gitlab::Utils::StrongMemoize
2020-07-28 23:09:34 +05:30
include ::IncidentManagement::Settings
2020-04-22 19:07:51 +05:30
2020-06-23 00:09:42 +05:30
# This set of keys identifies a payload as a valid Prometheus
# payload and thus processable by this service. See also
# https://prometheus.io/docs/alerting/configuration/#webhook_config
REQUIRED_PAYLOAD_KEYS = %w[
version groupKey status receiver groupLabels commonLabels
commonAnnotations externalURL alerts
].to_set.freeze
SUPPORTED_VERSION = '4'
2020-04-22 19:07:51 +05:30
def execute(token)
return bad_request unless valid_payload_size?
2020-06-23 00:09:42 +05:30
return unprocessable_entity unless self.class.processable?(params)
2020-04-22 19:07:51 +05:30
return unauthorized unless valid_alert_manager_token?(token)
2020-05-24 23:13:21 +05:30
process_prometheus_alerts
2020-04-22 19:07:51 +05:30
send_alert_email if send_email?
ServiceResponse.success
end
2020-06-23 00:09:42 +05:30
def self.processable?(params)
# Workaround for https://gitlab.com/gitlab-org/gitlab/-/issues/220496
return false unless params
REQUIRED_PAYLOAD_KEYS.subset?(params.keys.to_set) &&
params['version'] == SUPPORTED_VERSION
end
2020-04-22 19:07:51 +05:30
private
def valid_payload_size?
Gitlab::Utils::DeepSize.new(params).valid?
end
def firings
@firings ||= alerts_by_status('firing')
end
def alerts_by_status(status)
alerts.select { |alert| alert['status'] == status }
end
def alerts
params['alerts']
end
def valid_alert_manager_token?(token)
2020-06-23 00:09:42 +05:30
valid_for_manual?(token) ||
valid_for_alerts_endpoint?(token) ||
valid_for_managed?(token)
2020-04-22 19:07:51 +05:30
end
def valid_for_manual?(token)
prometheus = project.find_or_initialize_service('prometheus')
return false unless prometheus.manual_configuration?
if setting = project.alerting_setting
compare_token(token, setting.token)
else
token.nil?
end
end
2020-06-23 00:09:42 +05:30
def valid_for_alerts_endpoint?(token)
return false unless project.alerts_service_activated?
# Here we are enforcing the existence of the token
compare_token(token, project.alerts_service.token)
end
2020-04-22 19:07:51 +05:30
def valid_for_managed?(token)
prometheus_application = available_prometheus_application(project)
return false unless prometheus_application
if token
compare_token(token, prometheus_application.alert_manager_token)
else
prometheus_application.alert_manager_token.nil?
end
end
def available_prometheus_application(project)
alert_id = gitlab_alert_id
return unless alert_id
alert = find_alert(project, alert_id)
return unless alert
cluster = alert.environment.deployment_platform&.cluster
return unless cluster&.enabled?
return unless cluster.application_prometheus_available?
cluster.application_prometheus
end
def find_alert(project, metric)
Projects::Prometheus::AlertsFinder
.new(project: project, metric: metric)
.execute
.first
end
def gitlab_alert_id
alerts&.first&.dig('labels', 'gitlab_alert_id')
end
def compare_token(expected, actual)
return unless expected && actual
ActiveSupport::SecurityUtils.secure_compare(expected, actual)
end
def send_alert_email
2020-10-24 23:57:45 +05:30
return unless firings.any?
2020-04-22 19:07:51 +05:30
notification_service
.async
2021-01-03 14:25:43 +05:30
.prometheus_alerts_fired(project, alerts_attributes)
2020-04-22 19:07:51 +05:30
end
2020-05-24 23:13:21 +05:30
def process_prometheus_alerts
alerts.each do |alert|
AlertManagement::ProcessPrometheusAlertService
.new(project, nil, alert.to_h)
.execute
end
end
2021-01-03 14:25:43 +05:30
def alerts_attributes
firings.map do |payload|
alert_params = Gitlab::AlertManagement::Payload.parse(
project,
payload,
monitoring_tool: Gitlab::AlertManagement::Payload::MONITORING_TOOLS[:prometheus]
).alert_params
AlertManagement::Alert.new(alert_params).attributes
end
end
2020-04-22 19:07:51 +05:30
def bad_request
ServiceResponse.error(message: 'Bad Request', http_status: :bad_request)
end
def unauthorized
ServiceResponse.error(message: 'Unauthorized', http_status: :unauthorized)
end
def unprocessable_entity
ServiceResponse.error(message: 'Unprocessable Entity', http_status: :unprocessable_entity)
end
end
end
end
end