2018-08-10 06:45:01 +00:00
# frozen_string_literal: true
2017-03-07 16:57:42 +00:00
class PrometheusService < MonitoringService
2018-02-23 20:33:33 +00:00
include PrometheusAdapter
2017-03-07 16:57:42 +00:00
# Access to prometheus is directly through the API
prop_accessor :api_url
2020-06-04 21:08:11 +00:00
prop_accessor :google_iap_service_account_json
prop_accessor :google_iap_audience_client_id
2018-01-02 21:40:03 +00:00
boolean_accessor :manual_configuration
2017-03-07 16:57:42 +00:00
2019-11-05 15:06:17 +00:00
# We need to allow the self-monitoring project to connect to the internal
# Prometheus instance.
# Since the internal Prometheus instance is usually a localhost URL, we need
# to allow localhost URLs when the following conditions are true:
# 1. project is the self-monitoring project.
# 2. api_url is the internal Prometheus URL.
2020-04-07 12:09:34 +00:00
with_options presence : true do
validates :api_url , public_url : true , if : - > ( object ) { object . manual_configuration? && ! object . allow_local_api_url? }
validates :api_url , url : true , if : - > ( object ) { object . manual_configuration? && object . allow_local_api_url? }
2017-03-07 16:57:42 +00:00
end
2018-02-24 00:06:08 +00:00
before_save :synchronize_service_state
2018-01-02 21:40:03 +00:00
2017-03-07 16:57:42 +00:00
after_save :clear_reactive_cache!
2019-11-22 15:06:39 +00:00
after_commit :track_events
2020-04-08 15:09:29 +00:00
after_create_commit :create_default_alerts
2020-07-14 09:09:02 +00:00
scope :preload_project , - > { preload ( :project ) }
scope :with_clusters_with_cilium , - > { joins ( project : [ :clusters ] ) . merge ( Clusters :: Cluster . with_available_cilium ) }
2017-03-07 16:57:42 +00:00
def initialize_properties
if properties . nil?
2018-01-04 16:11:39 +00:00
self . properties = { }
2017-03-07 16:57:42 +00:00
end
end
2018-01-02 21:40:03 +00:00
def show_active_box?
false
end
2017-03-07 16:57:42 +00:00
def title
'Prometheus'
end
def description
2018-01-31 21:22:03 +00:00
s_ ( 'PrometheusService|Time-series monitoring service' )
2017-03-07 16:57:42 +00:00
end
def self . to_param
'prometheus'
end
def fields
2020-06-04 21:08:11 +00:00
result = [
2018-01-04 16:11:39 +00:00
{
2018-01-31 21:55:47 +00:00
type : 'checkbox' ,
2018-01-30 10:28:20 +00:00
name : 'manual_configuration' ,
2018-01-31 21:55:47 +00:00
title : s_ ( 'PrometheusService|Active' ) ,
required : true
2018-01-02 21:40:03 +00:00
} ,
2017-03-07 16:57:42 +00:00
{
type : 'text' ,
name : 'api_url' ,
title : 'API URL' ,
2017-11-15 08:42:37 +00:00
placeholder : s_ ( 'PrometheusService|Prometheus API Base URL, like http://prometheus.example.com/' ) ,
2017-05-22 10:07:12 +00:00
required : true
2017-03-07 16:57:42 +00:00
}
]
2020-06-04 21:08:11 +00:00
if Feature . enabled? ( :prometheus_service_iap_auth )
result += [
{
type : 'text' ,
name : 'google_iap_audience_client_id' ,
title : 'Google IAP Audience Client ID' ,
placeholder : s_ ( 'PrometheusService|Client ID of the IAP secured resource (looks like IAP_CLIENT_ID.apps.googleusercontent.com)' ) ,
2020-06-11 09:08:16 +00:00
autocomplete : 'off' ,
2020-06-04 21:08:11 +00:00
required : false
} ,
{
type : 'textarea' ,
name : 'google_iap_service_account_json' ,
title : 'Google IAP Service Account JSON' ,
placeholder : s_ ( 'PrometheusService|Contents of the credentials.json file of your service account, like: { "type": "service_account", "project_id": ... }' ) ,
required : false
}
]
end
result
2017-03-07 16:57:42 +00:00
end
# Check we can connect to the Prometheus API
def test ( * args )
2019-08-07 02:42:20 +00:00
prometheus_client . ping
2017-03-07 16:57:42 +00:00
{ success : true , result : 'Checked API endpoint' }
2018-02-23 17:58:40 +00:00
rescue Gitlab :: PrometheusClient :: Error = > err
2017-03-07 16:57:42 +00:00
{ success : false , result : err }
end
2018-02-23 20:33:33 +00:00
def prometheus_client
2019-08-07 02:42:20 +00:00
return unless should_return_client?
2020-06-04 21:08:11 +00:00
options = { allow_local_requests : allow_local_api_url? }
if Feature . enabled? ( :prometheus_service_iap_auth ) && behind_iap?
# Adds the Authorization header
options [ :headers ] = iap_client . apply ( { } )
end
Gitlab :: PrometheusClient . new ( api_url , options )
2018-01-02 19:24:12 +00:00
end
2018-10-15 09:03:15 +00:00
def prometheus_available?
2020-02-11 18:08:58 +00:00
return false if template?
2018-02-07 00:53:18 +00:00
return false unless project
2018-01-30 10:35:30 +00:00
2020-03-05 21:08:13 +00:00
project . all_clusters . enabled . eager_load ( :application_prometheus ) . any? do | cluster |
cluster . application_prometheus & . available?
end
2018-01-04 01:45:57 +00:00
end
2019-11-05 15:06:17 +00:00
def allow_local_api_url?
2020-03-25 09:08:11 +00:00
allow_local_requests_from_web_hooks_and_services? ||
( self_monitoring_project? && internal_prometheus_url? )
2019-11-05 15:06:17 +00:00
end
2019-12-06 03:08:02 +00:00
def configured?
should_return_client?
end
2018-01-02 20:42:24 +00:00
private
2019-11-05 15:06:17 +00:00
def self_monitoring_project?
2020-01-28 15:08:36 +00:00
project && project . id == current_settings . self_monitoring_project_id
2019-11-05 15:06:17 +00:00
end
def internal_prometheus_url?
api_url . present? && api_url == :: Gitlab :: Prometheus :: Internal . uri
end
2020-03-25 09:08:11 +00:00
def allow_local_requests_from_web_hooks_and_services?
current_settings . allow_local_requests_from_web_hooks_and_services?
end
2019-03-04 18:36:43 +00:00
def should_return_client?
2019-08-07 02:42:20 +00:00
api_url . present? && manual_configuration? && active? && valid?
2019-03-04 18:36:43 +00:00
end
2019-11-05 15:06:17 +00:00
def current_settings
Gitlab :: CurrentSettings . current_application_settings
end
2018-02-24 00:06:08 +00:00
def synchronize_service_state
2018-10-15 09:03:15 +00:00
self . active = prometheus_available? || manual_configuration?
2018-01-04 01:45:57 +00:00
true
2018-01-02 21:40:03 +00:00
end
2019-11-22 15:06:39 +00:00
def track_events
if enabled_manual_prometheus?
Gitlab :: Tracking . event ( 'cluster:services:prometheus' , 'enabled_manual_prometheus' )
elsif disabled_manual_prometheus?
Gitlab :: Tracking . event ( 'cluster:services:prometheus' , 'disabled_manual_prometheus' )
end
true
end
def enabled_manual_prometheus?
manual_configuration_changed? && manual_configuration?
end
def disabled_manual_prometheus?
manual_configuration_changed? && ! manual_configuration?
end
2020-04-08 15:09:29 +00:00
def create_default_alerts
return unless project_id
2020-04-14 03:09:39 +00:00
Prometheus :: CreateDefaultAlertsWorker . perform_async ( project_id )
2020-04-08 15:09:29 +00:00
end
2020-06-04 21:08:11 +00:00
def behind_iap?
manual_configuration? && google_iap_audience_client_id . present? && google_iap_service_account_json . present?
end
def iap_client
@iap_client || = Google :: Auth :: Credentials . new ( Gitlab :: Json . parse ( google_iap_service_account_json ) , target_audience : google_iap_audience_client_id ) . client
end
2017-03-07 16:57:42 +00:00
end