2018-11-20 20:47:30 +05:30
# frozen_string_literal: true
2017-08-17 22:00:37 +05:30
class PrometheusService < MonitoringService
2018-03-27 19:54:05 +05:30
include PrometheusAdapter
2017-08-17 22:00:37 +05:30
# Access to prometheus is directly through the API
prop_accessor :api_url
2020-06-23 00:09:42 +05:30
prop_accessor :google_iap_service_account_json
prop_accessor :google_iap_audience_client_id
2018-03-17 18:26:18 +05:30
boolean_accessor :manual_configuration
2017-08-17 22:00:37 +05:30
2019-12-26 22:10:19 +05:30
# We need to allow the self-monitoring project to connect to the internal
# Prometheus instance.
# Since the internal Prometheus instance is usually a localhost URL, we need
# to allow localhost URLs when the following conditions are true:
# 1. project is the self-monitoring project.
# 2. api_url is the internal Prometheus URL.
2020-04-22 19:07:51 +05:30
with_options presence : true do
validates :api_url , public_url : true , if : - > ( object ) { object . manual_configuration? && ! object . allow_local_api_url? }
validates :api_url , url : true , if : - > ( object ) { object . manual_configuration? && object . allow_local_api_url? }
2017-08-17 22:00:37 +05:30
end
2018-03-27 19:54:05 +05:30
before_save :synchronize_service_state
2018-03-17 18:26:18 +05:30
2017-08-17 22:00:37 +05:30
after_save :clear_reactive_cache!
2020-01-01 13:55:28 +05:30
after_commit :track_events
2020-04-22 19:07:51 +05:30
after_create_commit :create_default_alerts
2020-07-28 23:09:34 +05:30
scope :preload_project , - > { preload ( :project ) }
scope :with_clusters_with_cilium , - > { joins ( project : [ :clusters ] ) . merge ( Clusters :: Cluster . with_available_cilium ) }
2017-08-17 22:00:37 +05:30
def initialize_properties
if properties . nil?
self . properties = { }
end
end
2018-03-17 18:26:18 +05:30
def show_active_box?
false
end
2017-08-17 22:00:37 +05:30
def title
'Prometheus'
end
def description
2018-03-17 18:26:18 +05:30
s_ ( 'PrometheusService|Time-series monitoring service' )
2017-08-17 22:00:37 +05:30
end
def self . to_param
'prometheus'
end
def fields
2020-07-28 23:09:34 +05:30
[
2018-03-17 18:26:18 +05:30
{
type : 'checkbox' ,
name : 'manual_configuration' ,
title : s_ ( 'PrometheusService|Active' ) ,
required : true
} ,
2017-08-17 22:00:37 +05:30
{
type : 'text' ,
name : 'api_url' ,
title : 'API URL' ,
2018-03-17 18:26:18 +05:30
placeholder : s_ ( 'PrometheusService|Prometheus API Base URL, like http://prometheus.example.com/' ) ,
2017-09-10 17:25:29 +05:30
required : true
2020-07-28 23:09:34 +05:30
} ,
{
type : 'text' ,
name : 'google_iap_audience_client_id' ,
title : 'Google IAP Audience Client ID' ,
placeholder : s_ ( 'PrometheusService|Client ID of the IAP secured resource (looks like IAP_CLIENT_ID.apps.googleusercontent.com)' ) ,
autocomplete : 'off' ,
required : false
} ,
{
type : 'textarea' ,
name : 'google_iap_service_account_json' ,
title : 'Google IAP Service Account JSON' ,
placeholder : s_ ( 'PrometheusService|Contents of the credentials.json file of your service account, like: { "type": "service_account", "project_id": ... }' ) ,
required : false
2017-08-17 22:00:37 +05:30
}
]
end
# Check we can connect to the Prometheus API
def test ( * args )
2019-10-12 21:52:04 +05:30
prometheus_client . ping
2017-08-17 22:00:37 +05:30
{ success : true , result : 'Checked API endpoint' }
2018-03-27 19:54:05 +05:30
rescue Gitlab :: PrometheusClient :: Error = > err
2017-08-17 22:00:37 +05:30
{ success : false , result : err }
end
2018-03-27 19:54:05 +05:30
def prometheus_client
2019-10-12 21:52:04 +05:30
return unless should_return_client?
2020-10-24 23:57:45 +05:30
options = {
allow_local_requests : allow_local_api_url? ,
# We should choose more conservative timeouts, but some queries we run are now busting our
# default timeouts, which are stricter. We should make those queries faster instead.
# See https://gitlab.com/gitlab-org/gitlab/-/issues/233109
timeout : 60
}
2020-06-23 00:09:42 +05:30
2020-07-28 23:09:34 +05:30
if behind_iap?
2020-06-23 00:09:42 +05:30
# Adds the Authorization header
options [ :headers ] = iap_client . apply ( { } )
end
Gitlab :: PrometheusClient . new ( api_url , options )
2018-03-17 18:26:18 +05:30
end
2018-12-13 13:39:08 +05:30
def prometheus_available?
2018-03-17 18:26:18 +05:30
return false if template?
return false unless project
2020-04-08 14:13:33 +05:30
project . all_clusters . enabled . eager_load ( :application_prometheus ) . any? do | cluster |
cluster . application_prometheus & . available?
end
2017-09-10 17:25:29 +05:30
end
2019-12-26 22:10:19 +05:30
def allow_local_api_url?
2020-04-22 19:07:51 +05:30
allow_local_requests_from_web_hooks_and_services? ||
( self_monitoring_project? && internal_prometheus_url? )
2019-12-26 22:10:19 +05:30
end
2020-01-01 13:55:28 +05:30
def configured?
should_return_client?
end
2017-09-10 17:25:29 +05:30
private
2019-12-26 22:10:19 +05:30
def self_monitoring_project?
2020-03-13 15:44:24 +05:30
project && project . id == current_settings . self_monitoring_project_id
2019-12-26 22:10:19 +05:30
end
def internal_prometheus_url?
api_url . present? && api_url == :: Gitlab :: Prometheus :: Internal . uri
end
2020-04-22 19:07:51 +05:30
def allow_local_requests_from_web_hooks_and_services?
current_settings . allow_local_requests_from_web_hooks_and_services?
end
2019-03-13 22:55:13 +05:30
def should_return_client?
2019-10-12 21:52:04 +05:30
api_url . present? && manual_configuration? && active? && valid?
2019-03-13 22:55:13 +05:30
end
2019-12-26 22:10:19 +05:30
def current_settings
Gitlab :: CurrentSettings . current_application_settings
end
2018-03-27 19:54:05 +05:30
def synchronize_service_state
2018-12-13 13:39:08 +05:30
self . active = prometheus_available? || manual_configuration?
2018-03-17 18:26:18 +05:30
true
end
2020-01-01 13:55:28 +05:30
def track_events
if enabled_manual_prometheus?
Gitlab :: Tracking . event ( 'cluster:services:prometheus' , 'enabled_manual_prometheus' )
elsif disabled_manual_prometheus?
Gitlab :: Tracking . event ( 'cluster:services:prometheus' , 'disabled_manual_prometheus' )
end
true
end
def enabled_manual_prometheus?
manual_configuration_changed? && manual_configuration?
end
def disabled_manual_prometheus?
manual_configuration_changed? && ! manual_configuration?
end
2020-04-22 19:07:51 +05:30
def create_default_alerts
return unless project_id
Prometheus :: CreateDefaultAlertsWorker . perform_async ( project_id )
end
2020-06-23 00:09:42 +05:30
def behind_iap?
manual_configuration? && google_iap_audience_client_id . present? && google_iap_service_account_json . present?
end
def iap_client
@iap_client || = Google :: Auth :: Credentials . new ( Gitlab :: Json . parse ( google_iap_service_account_json ) , target_audience : google_iap_audience_client_id ) . client
end
2017-08-17 22:00:37 +05:30
end