From ac4951ba951ffd35e9c9cf7efa6a054f15124c27 Mon Sep 17 00:00:00 2001 From: Quentin Bisson Date: Wed, 26 Jun 2024 09:00:25 +0200 Subject: [PATCH] add-extra-pint-validations (#1269) --- CHANGELOG.md | 1 + .../management-cluster.rules.yml | 4 +-- test/conf/pint/pint-all.hcl | 9 +++++- test/conf/pint/pint-config.hcl | 32 +++++++++++++++++++ 4 files changed, 43 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d8e100916..2ba69bde8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Renamed alert `DeploymentNotSatisfiedCrossplane` to `CrossplaneDeploymentNotSatisfied` - Renamed alert `DeploymentNotSatisfiedExternalSecrets` to `ExternalSecretsDeploymentNotSatisfied` - Renamed alert `DeploymentNotSatisfiedFlux` to `FluxDeploymentNotSatisfied` +- Add extra pint validations. ## [4.3.5] - 2024-06-24 diff --git a/helm/prometheus-rules/templates/kaas/turtles/alerting-rules/management-cluster.rules.yml b/helm/prometheus-rules/templates/kaas/turtles/alerting-rules/management-cluster.rules.yml index 68f072ef1..4705694e7 100644 --- a/helm/prometheus-rules/templates/kaas/turtles/alerting-rules/management-cluster.rules.yml +++ b/helm/prometheus-rules/templates/kaas/turtles/alerting-rules/management-cluster.rules.yml @@ -42,7 +42,7 @@ spec: expr: avg_over_time(aggregation:kubernetes:pod_resource_requests_cpu_cores{cluster_type="management_cluster"}[2d]) / on (cluster_id) group_left avg_over_time(aggregation:kubernetes:node_allocatable_cpu_cores_total{cluster_type="management_cluster"}[2d]) > 0.93 for: 1h labels: - area: kass + area: kaas cancel_if_outside_working_hours: "true" severity: page team: {{ include "providerTeam" . }} @@ -54,7 +54,7 @@ spec: expr: avg_over_time(aggregation:kubernetes:pod_resource_requests_memory_bytes{cluster_type="management_cluster"}[2d]) / on (cluster_id) group_left avg_over_time(aggregation:kubernetes:node_allocatable_memory_bytes{cluster_type="management_cluster"}[2d]) > 0.93 for: 1h labels: - area: kass + area: kaas cancel_if_outside_working_hours: "true" severity: page team: {{ include "providerTeam" . }} diff --git a/test/conf/pint/pint-all.hcl b/test/conf/pint/pint-all.hcl index d56c0b9d4..2bbbe3be7 100644 --- a/test/conf/pint/pint-all.hcl +++ b/test/conf/pint/pint-all.hcl @@ -42,13 +42,20 @@ rule { required = true } - # Each alert must have a 'severity' annotation that's either 'page' or 'notify'. + # Each alert must have a 'severity' label that's either 'page' or 'notify'. label "severity" { severity = "bug" value = "(page|notify)" required = true } + # Each alert must have an `area' label that's either 'kaas' or 'platform'. + label "area" { + severity = "bug" + value = "(kaas|platform)" + required = true + } + # Check how many times each alert would fire in the last 1d. alerts { range = "1d" diff --git a/test/conf/pint/pint-config.hcl b/test/conf/pint/pint-config.hcl index c5ab661ec..4087f462a 100644 --- a/test/conf/pint/pint-config.hcl +++ b/test/conf/pint/pint-config.hcl @@ -1,7 +1,39 @@ rule { + # Disallow spaces in label/annotation keys, they're only allowed in values. + reject ".* +.*" { + label_keys = true + annotation_keys = true + } + + # Disallow URLs in labels, they should go to annotations. + reject "https?://.+" { + label_keys = true + label_values = true + } + # Ensure that all aggregations are preserving mandatory labels. aggregate ".+" { severity = "bug" keep = ["cluster_id", "installation", "pipeline", "provider"] } } + +rule { + # This block will apply to all alerting rules. + match { + kind = "alerting" + } + + # Each alert must have a 'description' annotation. + annotation "description" { + severity = "bug" + required = true + } + + # Check how many times each alert would fire in the last 1d. + alerts { + range = "1d" + step = "1m" + resolve = "5m" + } +}