Skip to content

Commit

Permalink
add sts error metric
Browse files Browse the repository at this point in the history
Signed-off-by: Jyoti Mahapatra <[email protected]>
  • Loading branch information
jyotimahapatra committed Feb 11, 2022
1 parent 9eed6f9 commit 9c0f042
Show file tree
Hide file tree
Showing 3 changed files with 30 additions and 3 deletions.
22 changes: 19 additions & 3 deletions pkg/metrics/metrics.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ const (
var authenticatorMetrics Metrics

func InitMetrics(registerer prometheus.Registerer) {
authenticatorMetrics = CreateMetrics(registerer)
authenticatorMetrics = createMetrics(registerer)
}

func Get() Metrics {
Expand All @@ -27,11 +27,13 @@ func Get() Metrics {
// Metrics are handles to the collectors for prometheus for the various metrics we are tracking.
type Metrics struct {
ConfigMapWatchFailures prometheus.Counter
Latency *prometheus.HistogramVec
EC2DescribeInstanceCallCount prometheus.Counter
Latency *prometheus.HistogramVec
StsConnectionFailure prometheus.Counter
StsResponses *prometheus.CounterVec
}

func CreateMetrics(reg prometheus.Registerer) Metrics {
func createMetrics(reg prometheus.Registerer) Metrics {
factory := promauto.With(reg)

return Metrics{
Expand All @@ -42,6 +44,20 @@ func CreateMetrics(reg prometheus.Registerer) Metrics {
Help: "EKS Configmap watch failures",
},
),
StsConnectionFailure: factory.NewCounter(
prometheus.CounterOpts{
Namespace: Namespace,
Name: "sts_connection_failures_total",
Help: "Sts call could not succeed or timedout",
},
),
StsResponses: factory.NewCounterVec(
prometheus.CounterOpts{
Namespace: Namespace,
Name: "sts_responses_total",
Help: "Sts responses with error code label",
}, []string{"ResponseCode"},
),
Latency: factory.NewHistogramVec(
prometheus.HistogramOpts{
Namespace: Namespace,
Expand Down
3 changes: 3 additions & 0 deletions pkg/token/token.go
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ import (
clientauthv1beta1 "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1"
"sigs.k8s.io/aws-iam-authenticator/pkg"
"sigs.k8s.io/aws-iam-authenticator/pkg/arn"
"sigs.k8s.io/aws-iam-authenticator/pkg/metrics"
)

// Identity is returned on successful Verify() results. It contains a parsed
Expand Down Expand Up @@ -510,6 +511,7 @@ func (v tokenVerifier) Verify(token string) (*Identity, error) {

response, err := v.client.Do(req)
if err != nil {
metrics.Get().StsConnectionFailure.Inc()
// special case to avoid printing the full URL if possible
if urlErr, ok := err.(*url.Error); ok {
return nil, NewSTSError(fmt.Sprintf("error during GET: %v", urlErr.Err))
Expand All @@ -523,6 +525,7 @@ func (v tokenVerifier) Verify(token string) (*Identity, error) {
return nil, NewSTSError(fmt.Sprintf("error reading HTTP result: %v", err))
}

metrics.Get().StsResponses.WithLabelValues(fmt.Sprint(response.StatusCode)).Inc()
if response.StatusCode != 200 {
return nil, NewSTSError(fmt.Sprintf("error from AWS (expected 200, got %d). Body: %s", response.StatusCode, string(responseBody[:])))
}
Expand Down
8 changes: 8 additions & 0 deletions pkg/token/token_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,16 @@ import (
"strings"
"testing"
"time"

"github.com/prometheus/client_golang/prometheus"
"sigs.k8s.io/aws-iam-authenticator/pkg/metrics"
)

func TestMain(m *testing.M) {
metrics.InitMetrics(prometheus.NewRegistry())
m.Run()
}

func validationErrorTest(t *testing.T, partition string, token string, expectedErr string) {
t.Helper()

Expand Down

0 comments on commit 9c0f042

Please sign in to comment.