Skip to content

ROX-28151: Tracker runner, triggered by Prometheus scrape request#15797

Merged
parametalol merged 18 commits intomasterfrom
michael/ROX-28151-cached-runner
Sep 8, 2025
Merged

ROX-28151: Tracker runner, triggered by Prometheus scrape request#15797
parametalol merged 18 commits intomasterfrom
michael/ROX-28151-cached-runner

Conversation

@parametalol
Copy link
Copy Markdown
Contributor

@parametalol parametalol commented Jun 19, 2025
edited
Loading

Description

Custom Prometheus metrics exposed on the /metrics path of the central API endpoint. Configured via the /v1/config service.

This PR adds the image vulnerabilities tracker and sets it up on a dedicated route, and enables configuration via the config service API.

Disabled by default.

User-facing documentation

Testing and quality

  • the change is production ready: the change is GA, or otherwise the functionality is gated by a feature flag
  • CI results are inspected

Automated testing

  • added unit tests
  • added e2e tests
  • added regression tests
  • added compatibility tests
  • modified existing tests

How I validated my change

CI

Current dependencies on/for this PR:

@openshift-ci
Copy link
Copy Markdown

openshift-ci bot commented Jun 19, 2025

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@codecov
Copy link
Copy Markdown

codecov bot commented Jun 19, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 75.73333% with 91 lines in your changes missing coverage. Please review.
✅ Project coverage is 48.68%. Comparing base (a75e8cd) to head (924e8b3).
⚠️ Report is 1 commits behind head on master.

Files with missing lines Patch % Lines
central/metrics/custom/tracker/tracker_base.go 71.77% 30 Missing and 5 partials ⚠️
central/metrics/custom/runner.go 62.00% 12 Missing and 7 partials ⚠️
...ral/metrics/custom/image_vulnerabilities/labels.go 30.00% 14 Missing ⚠️
central/config/service/service.go 46.15% 7 Missing ⚠️
...al/metrics/custom/image_vulnerabilities/tracker.go 82.35% 4 Missing and 2 partials ⚠️
central/metrics/custom/singleton.go 0.00% 6 Missing ⚠️
central/metrics/custom/tracker/aggregator.go 91.17% 2 Missing and 1 partial ⚠️
central/config/service/singleton.go 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #15797      +/-   ##
==========================================
+ Coverage   48.62%   48.68%   +0.05%     
==========================================
  Files        2664     2674      +10     
  Lines      199336   199708     +372     
==========================================
+ Hits        96932    97219     +287     
- Misses      94809    94882      +73     
- Partials     7595     7607      +12
Flag Coverage Δ
go-unit-tests 48.68% <75.73%> (+0.05%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@parametalol parametalol force-pushed the michael/ROX-28151-cached-runner branch from 013331f to e7f93c7 Compare June 20, 2025 13:48
@parametalol parametalol force-pushed the michael/ROX-28151-cached-tracker branch from 4cf2b93 to 25e1bb8 Compare June 20, 2025 13:48
@parametalol parametalol force-pushed the michael/ROX-28151-cached-runner branch from e7f93c7 to a76cb2a Compare June 20, 2025 15:56
@rhacs-bot
Copy link
Copy Markdown
Contributor

rhacs-bot commented Jun 20, 2025
edited
Loading

Images are ready for the commit at 924e8b3.

To use with deploy scripts, first export MAIN_IMAGE_TAG=4.9.x-719-g924e8b39b0.

@parametalol parametalol force-pushed the michael/ROX-28151-cached-tracker branch from 60b7302 to 17d90da Compare June 20, 2025 19:36
@parametalol parametalol force-pushed the michael/ROX-28151-cached-runner branch from a76cb2a to a7eaed4 Compare June 20, 2025 19:36
@parametalol parametalol force-pushed the michael/ROX-28151-cached-tracker branch from 17d90da to 64d7b55 Compare June 23, 2025 09:39
@parametalol parametalol force-pushed the michael/ROX-28151-cached-runner branch from a7eaed4 to b2392c1 Compare June 23, 2025 09:59
This was referenced Jun 23, 2025
Closed
Merged
Merged
Closed
Closed
Closed
@parametalol parametalol changed the base branch from michael/ROX-28151-cached-tracker to michael/authn-copy-context-identity June 23, 2025 14:01
@parametalol parametalol mentioned this pull request Jun 23, 2025
Merged
9 tasks
@parametalol parametalol changed the title michael/ROX-28151-cached-runner ROX-28151: Tracker runner, triggered by Prometheus scrape request Jun 23, 2025
@parametalol parametalol force-pushed the michael/ROX-28151-cached-runner branch from 9430e5c to fe18a4b Compare July 2, 2025 07:42
@parametalol parametalol mentioned this pull request Jul 16, 2025
Merged
9 tasks
@parametalol parametalol mentioned this pull request Jul 28, 2025
Merged
9 tasks
@parametalol parametalol force-pushed the michael/authn-copy-context-identity branch from a8c335e to a719ed0 Compare August 14, 2025 08:02
@parametalol parametalol changed the base branch from michael/authn-copy-context-identity to michael/ROX-28151-cached-tracker August 14, 2025 08:17
@parametalol parametalol force-pushed the michael/ROX-28151-cached-tracker branch from 232068a to 96cfe28 Compare August 14, 2025 08:24
@parametalol parametalol force-pushed the michael/ROX-28151-cached-runner branch 2 times, most recently from 11b8374 to 7dba6d0 Compare August 14, 2025 11:51
@parametalol parametalol force-pushed the michael/ROX-28151-cached-tracker branch from 96cfe28 to 38551df Compare August 14, 2025 11:51
stehessel
stehessel reviewed Sep 3, 2025
View reviewed changes
stehessel
stehessel reviewed Sep 3, 2025
View reviewed changes
Copy link
Copy Markdown
Collaborator

@stehessel stehessel left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like the idea of using the Prometheus registry as a cache that is invalidated upon user request. What is not clear to me is how stale labels get purged from the cache? IIUC stale findings from previous gathers remain as metrics in the registry - is that right? Ideally these stale findings would be purged after the gathering period expired.

parametalol
parametalol commented Sep 5, 2025
View reviewed changes
@parametalol parametalol mentioned this pull request Sep 8, 2025
Closed
9 tasks
@parametalol parametalol changed the base branch from michael/ROX-28151-cached-tracker to master September 8, 2025 14:06
@parametalol parametalol force-pushed the michael/ROX-28151-cached-runner branch from 7058c8a to 924e8b3 Compare September 8, 2025 14:22
@parametalol parametalol enabled auto-merge (squash) September 8, 2025 15:41
@openshift-ci
Copy link
Copy Markdown

openshift-ci bot commented Sep 8, 2025

@parametalol: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/ocp-4-18-nongroovy-e2e-tests 7058c8a link false /test ocp-4-18-nongroovy-e2e-tests
ci/prow/ocp-4-12-operator-e2e-tests 924e8b3 link false /test ocp-4-12-operator-e2e-tests
ci/prow/ocp-4-12-nongroovy-e2e-tests 924e8b3 link false /test ocp-4-12-nongroovy-e2e-tests

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@parametalol parametalol merged commit cccc762 into master Sep 8, 2025
90 of 98 checks passed
@parametalol parametalol deleted the michael/ROX-28151-cached-runner branch September 8, 2025 16:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stehessel stehessel stehessel approved these changes

Assignees

No one assigned

Labels

area/central

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@parametalol @rhacs-bot @stehessel @janisz