Skip to content

Commit

Permalink
Certificate Expiring Critical + Warning-updated
Browse files Browse the repository at this point in the history
  • Loading branch information
@aaa5kameric
aaa5kameric committed Aug 9, 2024
1 parent 2d8544c commit 4d4bad8
Show file tree
Hide file tree
Showing 4 changed files with 44 additions and 58 deletions.
4 changes: 2 additions & 2 deletions resources/prometheus/prometheus-rules.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,15 +128,15 @@ spec:
summary: "Fleetshard synchronizer container `{{ $labels.pod }}/{{ $labels.container }}` in namespace `{{ $labels.namespace }}` restarted more than 3 times."
description: "Fleetshard synchronizer container `{{ $labels.pod }}/{{ $labels.container }}` in namespace `{{ $labels.namespace }}` has restarted more than 3 times during the last 30 minutes."
sop_url: "https://gitlab.cee.redhat.com/stackrox/acs-managed-service-runbooks/blob/master/sops/dp-005-fleetshard-sync-unavailable.md"
- alert: CertificateExpiringCritical
- alert: RHACSFleetshardCertificateExpiringCritical
expr: |
((acs_fleetshard_certificate_expiration_timestamp-time())/60/60/24)<1
labels:
severity: critical
annotations:
summary: "Certificate Expiring very soon in namespace `{{ $labels.namespace }}` for secret '{{ $labels.secret}}'."
description: "Certificate `{{ $labels.data_key }}` in namespace `{{ $labels.namespace }}` is expiring in less than a day."
- alert: CertificateExpiringSoon
- alert: RHACSFleetshardCertificateExpiringSoon
expr: |
((acs_fleetshard_certificate_expiration_timestamp-time())/60/60/24)<7
labels:
Expand Down
42 changes: 42 additions & 0 deletions resources/prometheus/unit_tests/RHACSFleetschardCertificateExpiring.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
rule_files:
- /tmp/prometheus-rules-test.yaml

evaluation_interval: 1m

tests:
- interval: 1d
input_series:
- series: acs_fleetshard_certificate_expiration_timestamp{namespace="rhacs", secret="secret", data_key="key"}
values: "604800+15x0" # equals to 7 days

alert_rule_test:
- eval_time: 0
alertname: RHACSFleetshardCertificateExpiringCritical
exp_alerts: [ ]
- eval_time: 3d
alertname: RHACSFleetshardCertificateExpiringSoon
exp_alerts:
- exp_labels:
alertname: RHACSFleetshardCertificateExpiringSoon
namespace: rhacs
secret: secret
data_key: key
severity: warning
exp_annotations:
summary: "Certificate Expiring soon in namespace `rhacs` for secret 'secret'."
description: "Certificate `key` in namespace `rhacs` is expiring in less than 7 days."
- eval_time: 6d
alertname: RHACSFleetshardCertificateExpiringCritical
exp_alerts:
- exp_labels:
alertname: RHACSFleetshardCertificateExpiringCritical
namespace: rhacs
secret: secret
data_key: key
severity: critical
exp_annotations:
summary: "Certificate Expiring very soon in namespace `rhacs` for secret 'secret'."
description: "Certificate `key` in namespace `rhacs` is expiring in less than a day."
- eval_time: 10d
alertname: RHACSFleetshardCertificateExpiringSoon
exp_alerts: [ ]
28 changes: 0 additions & 28 deletions resources/prometheus/unit_tests/RHACSFleetschardCertificateExpiringCritical.yaml
View file

This file was deleted.

28 changes: 0 additions & 28 deletions resources/prometheus/unit_tests/RHACSFleetschardCertificateExpiringSoon.yaml
View file

This file was deleted.

0 comments on commit 4d4bad8

Please sign in to comment.