Bug 1992563

Summary: all the alert rules' annotations "summary" and "description" should comply with the OpenShift alerting guidelines
Product: OpenShift Container Platform Reporter: hongyan li <hongyli>
Component: Cloud Credential OperatorAssignee: Joel Diaz <jdiaz>
Status: CLOSED ERRATA QA Contact: Jianping SHu <jshu>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 4.9CC: arane, jdiaz, lwan
Target Milestone: ---   
Target Release: 4.9.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-12-06 11:22:25 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2010341    
Bug Blocks:    

Description hongyan li 2021-08-11 10:19:46 UTC 
Description of problem:
all the alert rules'  annotations "summary" and "description"  should comply with the OpenShift alerting guidelines

Version-Release number of selected component (if applicable):
4.9.0-0.nightly-2021-08-07-175228

How reproducible:
always

Steps to Reproduce:
1.
2.
3.

Actual results:
$ oc get prometheusrules -n openshift-cloud-credential-operator -oyaml
apiVersion: v1
items:
- apiVersion: monitoring.coreos.com/v1
  kind: PrometheusRule
  metadata:
    annotations:
      exclude.release.openshift.io/internal-openshift-hosted: "true"
      include.release.openshift.io/self-managed-high-availability: "true"
    creationTimestamp: "2021-08-10T23:12:03Z"
    generation: 1
    name: cloud-credential-operator-alerts
    namespace: openshift-cloud-credential-operator
    ownerReferences:
    - apiVersion: config.openshift.io/v1
      kind: ClusterVersion
      name: version
      uid: 9fc7b5b6-6c23-4335-be07-ecfe1b9a142f
    resourceVersion: "1785"
    uid: 97b9370d-f34d-4208-aef3-240759b9f53b
  spec:
    groups:
    - name: CloudCredentialOperator
      rules:
      - alert: CloudCredentialOperatorTargetNamespaceMissing
        annotations:
          message: CredentialsRequest(s) pointing to non-existent namespace
        expr: cco_credentials_requests_conditions{condition="MissingTargetNamespace"}
          > 0
        for: 5m
        labels:
          severity: warning
      - alert: CloudCredentialOperatorProvisioningFailed
        annotations:
          message: CredentialsRequest(s) unable to be fulfilled
        expr: cco_credentials_requests_conditions{condition="CredentialsProvisionFailure"}
          > 0
        for: 5m
        labels:
          severity: warning
      - alert: CloudCredentialOperatorDeprovisioningFailed
        annotations:
          message: CredentialsRequest(s) unable to be cleaned up
        expr: cco_credentials_requests_conditions{condition="CredentialsDeprovisionFailure"}
          > 0
        for: 5m
        labels:
          severity: warning
      - alert: CloudCredentialOperatorInsufficientCloudCreds
        annotations:
          message: Cluster's cloud credentials insufficient for minting or passthrough
        expr: cco_credentials_requests_conditions{condition="InsufficientCloudCreds"}
          > 0
        for: 5m
        labels:
          severity: warning
kind: List
metadata:
  resourceVersion: ""

  selfLink: ""


Expected results:
alert rules have annotations "summary" and "description"

Additional info:
the "summary" and "description" annotations comply with the OpenShift alerting guidelines [1]

[1] https://github.com/openshift/enhancements/blob/master/enhancements/monitoring/alerting-consistency.md#documentation-required
Comment 2 Jianping SHu 2021-11-26 01:26:03 UTC 
Verified with cluster-bot cluster with PR 397 (launch 4.9-ci,openshift/cloud-credential-operator#397 aws)
1. Login on prometheus webpage with openshift account. All CCO alerts are with description and summary informations.
https://prometheus-k8s-openshift-monitoring.apps.ci-ln-liw40nk-76ef8.origin-ci-int-aws.dev.rhcloud.com

CloudCredentialOperatorProvisioningFailed (0 active)
name: CloudCredentialOperatorProvisioningFailed
expr: cco_credentials_requests_conditions{condition="CredentialsProvisionFailure"} > 0
for: 5m
labels:
severity: warning
annotations:
description: While processing a CredentialsRequest, the Cloud Credential Operator encountered an issue. Check the conditions of all CredentialsRequets with 'oc get credentialsrequest -A' to find any CredentialsRequest(s) with a .stats.condition showing a condition type of CredentialsProvisionFailure set to True for more details on the issue.
message: CredentialsRequest(s) unable to be fulfilled
summary: One or more CredentialsRequest CRs are unable to be processed.
...

2. Create one CredentialsRequest with namespace doesn't exist, then alert CloudCredentialOperatorTargetNamespaceMissing is generated

apiVersion: cloudcredential.openshift.io/v1
kind: CredentialsRequest
metadata:
  name: my-cred-request
  namespace: openshift-cloud-credential-operator
spec:
  secretRef:
    name: my-cred-request-secret
    namespace: namespace-does-not-exist
  providerSpec:
    apiVersion: cloudcredential.openshift.io/v1
    kind: AWSProviderSpec
    statementEntries:
    - effect: Allow
      action:
      - s3:CreateBucket
      - s3:DeleteBucket
      resource: "*"
Comment 6 errata-xmlrpc 2021-12-06 11:22:25 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.9.10 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:4889