debian-mirror-gitlab/app/models/project_services/prometheus_service.rb

204 lines
5.6 KiB
Ruby
Raw Normal View History

2018-11-20 20:47:30 +05:30
# frozen_string_literal: true
2017-08-17 22:00:37 +05:30
class PrometheusService < MonitoringService
2018-03-27 19:54:05 +05:30
include PrometheusAdapter
2017-08-17 22:00:37 +05:30
# Access to prometheus is directly through the API
prop_accessor :api_url
2020-06-23 00:09:42 +05:30
prop_accessor :google_iap_service_account_json
prop_accessor :google_iap_audience_client_id
2018-03-17 18:26:18 +05:30
boolean_accessor :manual_configuration
2017-08-17 22:00:37 +05:30
2019-12-26 22:10:19 +05:30
# We need to allow the self-monitoring project to connect to the internal
# Prometheus instance.
# Since the internal Prometheus instance is usually a localhost URL, we need
# to allow localhost URLs when the following conditions are true:
# 1. project is the self-monitoring project.
# 2. api_url is the internal Prometheus URL.
2020-04-22 19:07:51 +05:30
with_options presence: true do
validates :api_url, public_url: true, if: ->(object) { object.manual_configuration? && !object.allow_local_api_url? }
validates :api_url, url: true, if: ->(object) { object.manual_configuration? && object.allow_local_api_url? }
2017-08-17 22:00:37 +05:30
end
2018-03-27 19:54:05 +05:30
before_save :synchronize_service_state
2018-03-17 18:26:18 +05:30
2017-08-17 22:00:37 +05:30
after_save :clear_reactive_cache!
2020-01-01 13:55:28 +05:30
after_commit :track_events
2020-04-22 19:07:51 +05:30
after_create_commit :create_default_alerts
2020-07-28 23:09:34 +05:30
scope :preload_project, -> { preload(:project) }
scope :with_clusters_with_cilium, -> { joins(project: [:clusters]).merge(Clusters::Cluster.with_available_cilium) }
2017-08-17 22:00:37 +05:30
def initialize_properties
if properties.nil?
self.properties = {}
end
end
2018-03-17 18:26:18 +05:30
def show_active_box?
false
end
2017-08-17 22:00:37 +05:30
def title
'Prometheus'
end
def description
2021-04-17 20:07:23 +05:30
s_('PrometheusService|Monitor application health with Prometheus metrics and dashboards')
2017-08-17 22:00:37 +05:30
end
def self.to_param
'prometheus'
end
def fields
2020-07-28 23:09:34 +05:30
[
2018-03-17 18:26:18 +05:30
{
type: 'checkbox',
name: 'manual_configuration',
title: s_('PrometheusService|Active'),
2021-04-17 20:07:23 +05:30
help: s_('PrometheusService|Select this checkbox to override the auto configuration settings with your own settings.'),
2018-03-17 18:26:18 +05:30
required: true
},
2017-08-17 22:00:37 +05:30
{
type: 'text',
name: 'api_url',
title: 'API URL',
2021-04-17 20:07:23 +05:30
placeholder: s_('PrometheusService|https://prometheus.example.com/'),
help: s_('PrometheusService|The Prometheus API base URL.'),
2017-09-10 17:25:29 +05:30
required: true
2020-07-28 23:09:34 +05:30
},
{
type: 'text',
name: 'google_iap_audience_client_id',
title: 'Google IAP Audience Client ID',
2021-04-17 20:07:23 +05:30
placeholder: s_('PrometheusService|IAP_CLIENT_ID.apps.googleusercontent.com'),
help: s_('PrometheusService|PrometheusService|The ID of the IAP-secured resource.'),
2020-07-28 23:09:34 +05:30
autocomplete: 'off',
required: false
},
{
type: 'textarea',
name: 'google_iap_service_account_json',
title: 'Google IAP Service Account JSON',
2021-04-17 20:07:23 +05:30
placeholder: s_('PrometheusService|{ "type": "service_account", "project_id": ... }'),
help: s_('PrometheusService|The contents of the credentials.json file of your service account.'),
2020-07-28 23:09:34 +05:30
required: false
2017-08-17 22:00:37 +05:30
}
]
end
# Check we can connect to the Prometheus API
def test(*args)
2019-10-12 21:52:04 +05:30
prometheus_client.ping
2017-08-17 22:00:37 +05:30
{ success: true, result: 'Checked API endpoint' }
2018-03-27 19:54:05 +05:30
rescue Gitlab::PrometheusClient::Error => err
2017-08-17 22:00:37 +05:30
{ success: false, result: err }
end
2018-03-27 19:54:05 +05:30
def prometheus_client
2019-10-12 21:52:04 +05:30
return unless should_return_client?
2020-11-24 15:15:51 +05:30
options = prometheus_client_default_options.merge(
allow_local_requests: allow_local_api_url?
)
2020-06-23 00:09:42 +05:30
2020-07-28 23:09:34 +05:30
if behind_iap?
2020-06-23 00:09:42 +05:30
# Adds the Authorization header
options[:headers] = iap_client.apply({})
end
Gitlab::PrometheusClient.new(api_url, options)
2018-03-17 18:26:18 +05:30
end
2018-12-13 13:39:08 +05:30
def prometheus_available?
2018-03-17 18:26:18 +05:30
return false if template?
return false unless project
2020-04-08 14:13:33 +05:30
project.all_clusters.enabled.eager_load(:application_prometheus).any? do |cluster|
cluster.application_prometheus&.available?
end
2017-09-10 17:25:29 +05:30
end
2019-12-26 22:10:19 +05:30
def allow_local_api_url?
2020-04-22 19:07:51 +05:30
allow_local_requests_from_web_hooks_and_services? ||
(self_monitoring_project? && internal_prometheus_url?)
2019-12-26 22:10:19 +05:30
end
2020-01-01 13:55:28 +05:30
def configured?
should_return_client?
end
2017-09-10 17:25:29 +05:30
private
2019-12-26 22:10:19 +05:30
def self_monitoring_project?
2020-03-13 15:44:24 +05:30
project && project.id == current_settings.self_monitoring_project_id
2019-12-26 22:10:19 +05:30
end
def internal_prometheus_url?
api_url.present? && api_url == ::Gitlab::Prometheus::Internal.uri
end
2020-04-22 19:07:51 +05:30
def allow_local_requests_from_web_hooks_and_services?
current_settings.allow_local_requests_from_web_hooks_and_services?
end
2019-03-13 22:55:13 +05:30
def should_return_client?
2019-10-12 21:52:04 +05:30
api_url.present? && manual_configuration? && active? && valid?
2019-03-13 22:55:13 +05:30
end
2019-12-26 22:10:19 +05:30
def current_settings
Gitlab::CurrentSettings.current_application_settings
end
2018-03-27 19:54:05 +05:30
def synchronize_service_state
2018-12-13 13:39:08 +05:30
self.active = prometheus_available? || manual_configuration?
2018-03-17 18:26:18 +05:30
true
end
2020-01-01 13:55:28 +05:30
def track_events
if enabled_manual_prometheus?
Gitlab::Tracking.event('cluster:services:prometheus', 'enabled_manual_prometheus')
elsif disabled_manual_prometheus?
Gitlab::Tracking.event('cluster:services:prometheus', 'disabled_manual_prometheus')
end
true
end
def enabled_manual_prometheus?
manual_configuration_changed? && manual_configuration?
end
def disabled_manual_prometheus?
manual_configuration_changed? && !manual_configuration?
end
2020-04-22 19:07:51 +05:30
def create_default_alerts
return unless project_id
Prometheus::CreateDefaultAlertsWorker.perform_async(project_id)
end
2020-06-23 00:09:42 +05:30
def behind_iap?
manual_configuration? && google_iap_audience_client_id.present? && google_iap_service_account_json.present?
end
2021-02-11 23:33:58 +05:30
def clean_google_iap_service_account
return unless google_iap_service_account_json
google_iap_service_account_json
.then { |json| Gitlab::Json.parse(json) }
.except('token_credential_uri')
end
2020-06-23 00:09:42 +05:30
def iap_client
2021-02-11 23:33:58 +05:30
@iap_client ||= Google::Auth::Credentials
.new(clean_google_iap_service_account, target_audience: google_iap_audience_client_id)
.client
2020-06-23 00:09:42 +05:30
end
2017-08-17 22:00:37 +05:30
end