Bug 1992563 - all the alert rules' annotations "summary" and "description" should comply with the OpenShift alerting guidelines
Summary: all the alert rules' annotations "summary" and "description" should comply wi...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Cloud Credential Operator
Version: 4.9
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.9.z
Assignee: Joel Diaz
QA Contact: Jianping SHu
URL:
Whiteboard:
Depends On: 2010341
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-08-11 10:19 UTC by hongyan li
Modified: 2021-12-06 11:22 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-12-06 11:22:25 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift cloud-credential-operator pull 397 0 None open [release-4.9] Bug 1992563: update alerts with summary and descriptions 2021-10-27 17:01:53 UTC
Red Hat Product Errata RHBA-2021:4889 0 None None None 2021-12-06 11:22:45 UTC

Description hongyan li 2021-08-11 10:19:46 UTC
Description of problem:
all the alert rules'  annotations "summary" and "description"  should comply with the OpenShift alerting guidelines

Version-Release number of selected component (if applicable):
4.9.0-0.nightly-2021-08-07-175228

How reproducible:
always

Steps to Reproduce:
1.
2.
3.

Actual results:
$ oc get prometheusrules -n openshift-cloud-credential-operator -oyaml
apiVersion: v1
items:
- apiVersion: monitoring.coreos.com/v1
  kind: PrometheusRule
  metadata:
    annotations:
      exclude.release.openshift.io/internal-openshift-hosted: "true"
      include.release.openshift.io/self-managed-high-availability: "true"
    creationTimestamp: "2021-08-10T23:12:03Z"
    generation: 1
    name: cloud-credential-operator-alerts
    namespace: openshift-cloud-credential-operator
    ownerReferences:
    - apiVersion: config.openshift.io/v1
      kind: ClusterVersion
      name: version
      uid: 9fc7b5b6-6c23-4335-be07-ecfe1b9a142f
    resourceVersion: "1785"
    uid: 97b9370d-f34d-4208-aef3-240759b9f53b
  spec:
    groups:
    - name: CloudCredentialOperator
      rules:
      - alert: CloudCredentialOperatorTargetNamespaceMissing
        annotations:
          message: CredentialsRequest(s) pointing to non-existent namespace
        expr: cco_credentials_requests_conditions{condition="MissingTargetNamespace"}
          > 0
        for: 5m
        labels:
          severity: warning
      - alert: CloudCredentialOperatorProvisioningFailed
        annotations:
          message: CredentialsRequest(s) unable to be fulfilled
        expr: cco_credentials_requests_conditions{condition="CredentialsProvisionFailure"}
          > 0
        for: 5m
        labels:
          severity: warning
      - alert: CloudCredentialOperatorDeprovisioningFailed
        annotations:
          message: CredentialsRequest(s) unable to be cleaned up
        expr: cco_credentials_requests_conditions{condition="CredentialsDeprovisionFailure"}
          > 0
        for: 5m
        labels:
          severity: warning
      - alert: CloudCredentialOperatorInsufficientCloudCreds
        annotations:
          message: Cluster's cloud credentials insufficient for minting or passthrough
        expr: cco_credentials_requests_conditions{condition="InsufficientCloudCreds"}
          > 0
        for: 5m
        labels:
          severity: warning
kind: List
metadata:
  resourceVersion: ""

  selfLink: ""


Expected results:
alert rules have annotations "summary" and "description"

Additional info:
the "summary" and "description" annotations comply with the OpenShift alerting guidelines [1]

[1] https://github.com/openshift/enhancements/blob/master/enhancements/monitoring/alerting-consistency.md#documentation-required

Comment 2 Jianping SHu 2021-11-26 01:26:03 UTC
Verified with cluster-bot cluster with PR 397 (launch 4.9-ci,openshift/cloud-credential-operator#397 aws)
1. Login on prometheus webpage with openshift account. All CCO alerts are with description and summary informations.
https://prometheus-k8s-openshift-monitoring.apps.ci-ln-liw40nk-76ef8.origin-ci-int-aws.dev.rhcloud.com

CloudCredentialOperatorProvisioningFailed (0 active)
name: CloudCredentialOperatorProvisioningFailed
expr: cco_credentials_requests_conditions{condition="CredentialsProvisionFailure"} > 0
for: 5m
labels:
severity: warning
annotations:
description: While processing a CredentialsRequest, the Cloud Credential Operator encountered an issue. Check the conditions of all CredentialsRequets with 'oc get credentialsrequest -A' to find any CredentialsRequest(s) with a .stats.condition showing a condition type of CredentialsProvisionFailure set to True for more details on the issue.
message: CredentialsRequest(s) unable to be fulfilled
summary: One or more CredentialsRequest CRs are unable to be processed.
...

2. Create one CredentialsRequest with namespace doesn't exist, then alert CloudCredentialOperatorTargetNamespaceMissing is generated

apiVersion: cloudcredential.openshift.io/v1
kind: CredentialsRequest
metadata:
  name: my-cred-request
  namespace: openshift-cloud-credential-operator
spec:
  secretRef:
    name: my-cred-request-secret
    namespace: namespace-does-not-exist
  providerSpec:
    apiVersion: cloudcredential.openshift.io/v1
    kind: AWSProviderSpec
    statementEntries:
    - effect: Allow
      action:
      - s3:CreateBucket
      - s3:DeleteBucket
      resource: "*"

Comment 6 errata-xmlrpc 2021-12-06 11:22:25 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.9.10 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:4889


Note You need to log in before you can comment on or make changes to this bug.