Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Metrics should be exposed over secure channel #24803

Merged
merged 1 commit into from Apr 2, 2020
Merged

Metrics should be exposed over secure channel #24803

merged 1 commit into from Apr 2, 2020

Conversation

paulfantom
Copy link
Contributor

as in title

@openshift-ci-robot openshift-ci-robot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Mar 31, 2020
@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 31, 2020
@paulfantom paulfantom changed the title WIP: Metrics should be exposed over secure channel Metrics should be exposed over secure channel Apr 1, 2020
@openshift-ci-robot openshift-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Apr 1, 2020
lilic
lilic reviewed Apr 1, 2020
View reviewed changes
Copy link
Contributor

@lilic lilic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Couple of comments.

test/extended/prometheus/prometheus.go
@@ -230,6 +230,44 @@ var _ = g.Describe("[sig-instrumentation] Prometheus", func() {
}
return true, nil
})).NotTo(o.HaveOccurred(), "possibly some services didn't register ServiceMonitors to allow metrics collection")

g.By("verifying all targets are exposing metrics over secure channel")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right above there is a line that says:

// TODO: should probably be https

Should that now be https with this PR, or do we just remove that at least for CVO, as it checks the targets page as well

verifying all expected jobs have a working target

Copy link
Contributor Author

@paulfantom paulfantom Apr 2, 2020
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

They should be https and some of them already are, but not all (crio, cvo) expose metrics over https as of now. So that "TODO" is still valid.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also that test should stay as it checks for some crucial targets to be up.

test/extended/prometheus/prometheus.go
o.Expect(err).NotTo(o.HaveOccurred())

// Currently following targets do not secure their /metrics endpoints:
// job="cco-metrics" - https://bugzilla.redhat.com/show_bug.cgi?id=1809194
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we leave a note in the bugzillas to remove themselves from this list after they merge their PRs?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I plan on doing that after this is merged.

@paulfantom
Copy link
Contributor Author

/retest

@paulfantom
Copy link
Contributor Author

/test verify

@lilic
Copy link
Contributor

lilic commented Apr 2, 2020

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Apr 2, 2020
@openshift-ci-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lilic, paulfantom

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

2 similar comments
@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-merge-robot openshift-merge-robot merged commit 9a0f749 into openshift:master Apr 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lilic lilic lilic left review comments

@metalmatze metalmatze Awaiting requested review from metalmatze

@s-urbaniak s-urbaniak Awaiting requested review from s-urbaniak

Assignees

@lilic lilic

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@paulfantom @lilic @openshift-ci-robot @openshift-bot @openshift-merge-robot