Feature/fixing prometheus #745
Conversation
There was a problem hiding this comment.
What is the testable result of this change?
From the Prometheus docs, when this is running, there should be an endpoint available that exposes metrics at /actuator/prometheus or similar. If this is enabled by default, we could also include a smoke test to verify that this is running.
|
... and now a smoketest for the promethus endpoint as well |
|
This looks good so far. When I get a chance later today, I'll spin up the project and check if it's reporting metrics too, and approve if everything looks OK. Thanks Jens! |
There was a problem hiding this comment.
I do not see actuator/info appearing as part of the default config.
prometheus, health, and metrics appear, but I need to explicitly set up info to get that endpoint, in both the main and test application configs:
endpoint:
...
info:
enabled: true
...Is leaving info out intended?
It would also not take much to extend that IT test to cover all these endpoints. I tried the following, and it worked for me:
@ParameterizedTest
@ValueSource(strings = {"prometheus", "info", "health", "metrics"})
void testActuatorEndpointExists(String endpoint) throws IOException {
CloseableHttpClient httpclient = HttpClients.createDefault();
CloseableHttpResponse response = httpclient.execute(new HttpGet("http://localhost:" + port + "/actuator/" + endpoint));
int statusCode = response.getStatusLine().getStatusCode();
assertEquals(200, statusCode);
}Could you add that as well?
|
Does the prometheus endpoint expose anything potentially sensitive? |
Agree with this. I'd include them commented out so it's easy to enable, but not as default. The good news is that base for these is at /actuator which is a sibling of the /fhir baseurl. So it's easy to enable them internally and prevent public access through a reverse proxy/gateway. |
|
While I can comment them out I feel I do need to say a couple of things here:
I may be making some wrong assumptions here, but that is how I see it. |
|
I don't disagree with you in general, @jkiddo. But consider this scenario. I am deploying my own application.yml file as a file with my server deployment. My application.yml doesn't mention the actuator endpoints at all. Tomorrow, I pull the latest code and build it which now includes these options in the classpath/jar copy of application.yaml. I re-deploy my server (not changing my locally deployed properties file), and now the endpoints are suddenly enabled because these properties are not explicitly overridden in my deployed properties but are present on the classpath/jar. |
|
Here are the relevant docs on property loading order: I'm pretty sure any property in the compiled/jar copy of the properties file will but picked up if it's not explicitly overridden in a deployment - so it makes sense to me to be careful and only have safe/reasonable defaults enabled. |
|
@XcrigX - that's a fair point, though I experience a different behavour. When using |
|
@jkiddo - I just ran a quick test to verify my understanding. Here's what I did.
The server came up on 8888, despite my local application.yaml not specifying that port and it not being the Spring default- it's picking up the default value specified in the compiled jar. To double-check myself I then stopped the server, uncommented server.port and changed it to 8081, reran and it came up on 8081. |
|
I guess that the reason that you @XcrigX experience a different behaviour than me is because I use the 
|
Adding parameterized tests for endpoints
|
To get the ball rolling I've removed the prometheus and metrics parts by default. |
Fixing prometheus so that it actually works. Also seems related to micrometer-metrics/micrometer#5093