Skip to content

Commit

Permalink
Don't exclude SSO Push tokens from Prometheus alert
Browse files Browse the repository at this point in the history
In this commit [1], we excluded these tokens, because a new one was
created automatically on-demand if the old one had expired.

However, now that we're doing this 4 weeks before the token is due to
expire, it seems sensible to reinstate the alerting for tokens
associated with the SSO Push API user so that if the automatic creation
fails for some reason, we still get alerted.

It also has the benefit of making the code a bit simpler and easier to
understand.

[1]: c79c39a
  • Loading branch information
floehopper committed Oct 10, 2023
1 parent c548f11 commit 633b2c5
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/collectors/global_prometheus_collector.rb
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ def metrics
def token_expiry_info
# Cache metric to prevent needless expensive calls to the database
Rails.cache.fetch("token_expiry_info", expires_in: 1.hour) do
ApiUser.where.not(email: SSOPushCredential::USER_EMAIL).flat_map do |user|
ApiUser.all.flat_map do |user|
user.authorisations.not_revoked.map do |token|
{
expires_at: token.expires_at.to_i,
Expand Down

0 comments on commit 633b2c5

Please sign in to comment.